HUAWEI-ACL-MIB

Imported modules

HUAWEI-MIB	SNMPv2-CONF	SNMPv2-SMI
SNMPv2-TC	P-BRIDGE-MIB	IPV6-TC

Imported symbols

huaweiMgmt	OBJECT-GROUP	MODULE-COMPLIANCE
NOTIFICATION-GROUP	IpAddress	Integer32
Unsigned32	Gauge32	Counter32
OBJECT-TYPE	Counter64	MODULE-IDENTITY
NOTIFICATION-TYPE	RowStatus	TruthValue
MacAddress	EnabledStatus	Ipv6Address

Defined Types

HwAclNumGroupEntry
SEQUENCE
	hwAclNumGroupAclNum	Integer32
	hwAclNumGroupMatchOrder	INTEGER
	hwAclNumGroupSubitemNum	Counter32
	hwAclNumGroupStep	Integer32
	hwAclNumGroupDescription	OCTET STRING
	hwAclNumGroupCountClear	INTEGER
	hwAclNumGroupRowStatus	RowStatus
	hwAclNumGroupAclName	OCTET STRING
	hwAclNumGroupAclType	INTEGER

HwAclBasicRuleEntry
SEQUENCE
	hwAclBasicAclNum	Integer32
	hwAclBasicSubitem	Unsigned32
	hwAclBasicAct	INTEGER
	hwAclBasicSrcIp	IpAddress
	hwAclBasicSrcWild	IpAddress
	hwAclBasicTimeRangeIndex	Integer32
	hwAclBasicFragments	INTEGER
	hwAclBasicLog	TruthValue
	hwAclBasicEnable	TruthValue
	hwAclBasicCount	Counter64
	hwAclBasicVrfName	OCTET STRING
	hwAclBasicRowStatus	RowStatus
	hwAclBasicDescription	OCTET STRING

HwAclAdvancedRuleEntry
SEQUENCE
	hwAclAdvancedAclNum	Integer32
	hwAclAdvancedSubitem	Unsigned32
	hwAclAdvancedAct	INTEGER
	hwAclAdvancedProtocol	Integer32
	hwAclAdvancedSrcIp	IpAddress
	hwAclAdvancedSrcWild	IpAddress
	hwAclAdvancedSrcOp	INTEGER
	hwAclAdvancedSrcPort1	Integer32
	hwAclAdvancedSrcPort2	Integer32
	hwAclAdvancedDestIp	IpAddress
	hwAclAdvancedDestWild	IpAddress
	hwAclAdvancedDestOp	INTEGER
	hwAclAdvancedDestPort1	Integer32
	hwAclAdvancedDestPort2	Integer32
	hwAclAdvancedPrecedence	Integer32
	hwAclAdvancedTos	Integer32
	hwAclAdvancedDscp	Integer32
	hwAclAdvancedEstablish	TruthValue
	hwAclAdvancedTimeRangeIndex	Integer32
	hwAclAdvancedIcmpType	Integer32
	hwAclAdvancedIcmpCode	Integer32
	hwAclAdvancedFragments	INTEGER
	hwAclAdvancedLog	TruthValue
	hwAclAdvancedEnable	TruthValue
	hwAclAdvancedCount	Counter64
	hwAclAdvancedVrfName	OCTET STRING
	hwAclAdvancedRowStatus	RowStatus
	hwAclAdvancedTcpSyncFlag	Integer32
	hwAclAdvancedDescription	OCTET STRING
	hwAclAdvancedSrcPoolName	OCTET STRING
	hwAclAdvancedDestPoolName	OCTET STRING
	hwAclAdvancedProtocolNew	Integer32
	hwAclAdvancedVni	Integer32
	hwAclAdvancedIgmpType	Integer32
	hwAclAdvancedTtlOp	INTEGER
	hwAclAdvancedTtlExpire	Integer32
	hwAclAdvancedTtlExpireEnd	Integer32
	hwAclAdvancedPktLenOp	INTEGER
	hwAclAdvancedPktLenBegin	Integer32
	hwAclAdvancedPktLenEnd	Integer32

HwAclIfRuleEntry
SEQUENCE
	hwAclIfAclNum	Integer32
	hwAclIfSubitem	Unsigned32
	hwAclIfAct	INTEGER
	hwAclIfIndex	Integer32
	hwAclIfAny	TruthValue
	hwAclIfTimeRangeIndex	Integer32
	hwAclIfLog	TruthValue
	hwAclIfEnable	TruthValue
	hwAclIfCount	Counter64
	hwAclIfRowStatus	RowStatus

HwAclUserRuleEntry
SEQUENCE
	hwAclUserAclNum	Integer32
	hwAclUserSubitem	Unsigned32
	hwAclUserAct	INTEGER
	hwAclUserProtocol	Integer32
	hwAclUserSrcIp	IpAddress
	hwAclUserSrcWild	IpAddress
	hwAclUserSrcOp	INTEGER
	hwAclUserSrcPort1	Integer32
	hwAclUserSrcPort2	Integer32
	hwAclUserDestIp	IpAddress
	hwAclUserDestWild	IpAddress
	hwAclUserDestOp	INTEGER
	hwAclUserDestPort1	Integer32
	hwAclUserDestPort2	Integer32
	hwAclUserPrecedence	Integer32
	hwAclUserTos	Integer32
	hwAclUserDscp	Integer32
	hwAclUserEstablish	TruthValue
	hwAclUserTimeRangeIndex	Integer32
	hwAclUserIcmpType	Integer32
	hwAclUserIcmpCode	Integer32
	hwAclUserFragments	TruthValue
	hwAclUserLog	TruthValue
	hwAclUserEnable	TruthValue
	hwAclUserCount	Counter32
	hwAclUserVrfName	OCTET STRING
	hwAclUserSrcUserGroupName	OCTET STRING
	hwAclUserDestUserGroupName	OCTET STRING
	hwAclUserSrcModeType	Integer32
	hwAclUserDestModeType	Integer32
	hwAclUserRowStatus	RowStatus
	hwAclUserTcpSyncFlag	Integer32
	hwAclUserSrcUserGroupNum	Integer32
	hwAclUserDestUserGroupNum	Integer32

HwAclCompileNumGroupEntry
SEQUENCE
	hwAclCompileNumGroupStatus	INTEGER

HwAclIpv6BasicRuleEntry
SEQUENCE
	hwAclIpv6BasicAclNum	Integer32
	hwAclIpv6BasicSubitem	Unsigned32
	hwAclIpv6BasicAct	INTEGER
	hwAclIpv6BasicSrcIp	Ipv6Address
	hwAclIpv6BasicSrcPrefix	Integer32
	hwAclIpv6BasicTimeRangeIndex	Integer32
	hwAclIpv6BasicFragment	INTEGER
	hwAclIpv6BasicLog	TruthValue
	hwAclIpv6BasicEnable	EnabledStatus
	hwAclIpv6BasicCount	Counter64
	hwAclIpv6BasicVrfName	OCTET STRING
	hwAclIpv6BasicRowStatus	RowStatus
	hwAclIpv6BasicDescription	OCTET STRING
	hwAclIpv6BasicSrcMask	Ipv6Address

HwAclIpv6AdvancedRuleEntry
SEQUENCE
	hwAclIpv6AdvancedAclNum	Integer32
	hwAclIpv6AdvancedSubitem	Unsigned32
	hwAclIpv6AdvancedAct	INTEGER
	hwAclIpv6AdvancedProtocol	Integer32
	hwAclIpv6AdvancedSrcIp	Ipv6Address
	hwAclIpv6AdvancedSrcPrefix	Integer32
	hwAclIpv6AdvancedSrcOp	INTEGER
	hwAclIpv6AdvancedSrcPort1	Integer32
	hwAclIpv6AdvancedSrcPort2	Integer32
	hwAclIpv6AdvancedDestIp	Ipv6Address
	hwAclIpv6AdvancedDestPrefix	Integer32
	hwAclIpv6AdvancedDestOp	INTEGER
	hwAclIpv6AdvancedDestPort1	Integer32
	hwAclIpv6AdvancedDestPort2	Integer32
	hwAclIpv6AdvancedPrecedence	Integer32
	hwAclIpv6AdvancedTos	Integer32
	hwAclIpv6AdvancedDscp	Integer32
	hwAclIpv6AdvancedEstablish	TruthValue
	hwAclIpv6AdvancedTimeRangeIndex	Integer32
	hwAclIpv6AdvancedIcmpType	Integer32
	hwAclIpv6AdvancedIcmpCode	Integer32
	hwAclIpv6AdvancedFragment	INTEGER
	hwAclIpv6AdvancedLog	TruthValue
	hwAclIpv6AdvancedEnable	EnabledStatus
	hwAclIpv6AdvancedCount	Counter64
	hwAclIpv6AdvancedVrfName	OCTET STRING
	hwAclIpv6AdvancedRowStatus	RowStatus
	hwAclIpv6AdvancedDescription	OCTET STRING
	hwAclIpv6AdvancedSrcMask	Ipv6Address
	hwAclIpv6AdvancedDestMask	Ipv6Address
	hwAclIpv6AdvancedProtocolNew	Integer32

HwAclEthernetFrameRuleEntry
SEQUENCE
	hwAclEthernetFrameAclNum	Integer32
	hwAclEthernetFrameSubitem	Unsigned32
	hwAclEthernetFrameAct	INTEGER
	hwAclEthernetFrameType	Integer32
	hwAclEthernetFrameTypeMask	Integer32
	hwAclEthernetFrameSrcMac	MacAddress
	hwAclEthernetFrameSrcMacMask	MacAddress
	hwAclEthernetFrameDstMac	MacAddress
	hwAclEthernetFrameDstMacMask	MacAddress
	hwAclEthernetFrameTimeRangeIndex	Integer32
	hwAclEthernetFrameLog	TruthValue
	hwAclEthernetFrameEnable	EnabledStatus
	hwAclEthernetFrameCount	Counter64
	hwAclEthernetFrameRowStatus	RowStatus
	hwAclEthernetFrameEncapType	INTEGER
	hwAclEthernetFrameDoubleTag	TruthValue
	hwAclEthernetFrameVlanId	Integer32
	hwAclEthernetFrameVlanIdMask	Integer32
	hwAclEthernetFrameCVlanId	Integer32
	hwAclEthernetFrameCVlanIdMask	Integer32
	hwAclEthernetFrameRule8021p	Integer32
	hwAclEthernetFrameRuleCVlan8021p	Integer32
	hwAclEthernetFrameDescription	OCTET STRING

HwAclAppliedEntry
SEQUENCE
	hwAclAppliedOperation	INTEGER
	hwAclAppliedScopeType	INTEGER
	hwAclAppliedScopeIndex	Integer32
	hwAclAppliedDirection	INTEGER
	hwAclAppliedAclNum	Integer32
	hwAclAppliedSubitem	Integer32
	hwAclAppliedAclNum2	Integer32
	hwAclAppliedSubitem2	Integer32
	hwAclAppliedStatMode	INTEGER
	hwAclAppliedStatCount	Counter64
	hwAclAppliedLimitCir	Integer32
	hwAclAppliedLimitPir	Integer32
	hwAclAppliedLimitCbs	Integer32
	hwAclAppliedLimitPbs	Integer32
	hwAclAppliedLimitGreenAction	INTEGER
	hwAclAppliedLimitGreenValue	Integer32
	hwAclAppliedLimitYellowAction	INTEGER
	hwAclAppliedLimitYellowValue	Integer32
	hwAclAppliedLimitRedAction	INTEGER
	hwAclAppliedLimitRedValue	Integer32
	hwAclAppliedMirrObservedPort	Integer32
	hwAclAppliedMirrRspanVlan	Integer32
	hwAclAppliedRedirectIfIndex	Integer32
	hwAclAppliedRedirectIpAddr	IpAddress
	hwAclAppliedRedirectIpv6Addr	Ipv6Address
	hwAclAppliedRemarkVlan	Integer32
	hwAclAppliedRemarkCVlan	Integer32
	hwAclAppliedRemark8021p	Integer32
	hwAclAppliedRemarkDscp	Integer32
	hwAclAppliedRemarkIpPre	Integer32
	hwAclAppliedRemarkLocalPre	Integer32
	hwAclAppliedRemarkMacAddr	MacAddress
	hwAclAppliedIsIPv6Acl	TruthValue
	hwAclAppliedRowStatus	RowStatus

HwAclIpv6NumGroupEntry
SEQUENCE
	hwAclIpv6NumGroupAclNum	Integer32
	hwAclIpv6NumGroupMatchOrder	INTEGER
	hwAclIpv6NumGroupSubitemNum	Counter32
	hwAclIpv6NumGroupCountClear	INTEGER
	hwAclIpv6NumGroupAclName	OCTET STRING
	hwAclIpv6NumGroupDescription	OCTET STRING
	hwAclIpv6NumGroupAclType	INTEGER
	hwAclIpv6NumGroupRowStatus	RowStatus
	hwAclIpv6NumGroupStep	Integer32

HwAclIpv6IfRuleEntry
SEQUENCE
	hwAclIpv6IfAclNum	Integer32
	hwAclIpv6IfSubitem	Unsigned32
	hwAclIpv6IfAct	INTEGER
	hwAclIpv6IfIndex	Integer32
	hwAclIpv6IfAny	TruthValue
	hwAclIpv6IfTimeRangeIndex	Integer32
	hwAclIpv6IfLog	TruthValue
	hwAclIpv6IfEnable	TruthValue
	hwAclIpv6IfCount	Counter64
	hwAclIpv6IfRowStatus	RowStatus

HwAclMplsRuleEntry
SEQUENCE
	hwAclMplsAclNum	Integer32
	hwAclMplsSubitem	Unsigned32
	hwAclMplsAct	INTEGER
	hwAclMplsExp1	Integer32
	hwAclMplsExp2	Integer32
	hwAclMplsExp3	Integer32
	hwAclMplsExp4	Integer32
	hwAclMplsLabel1	Integer32
	hwAclMplsLabel2	Integer32
	hwAclMplsLabel3	Integer32
	hwAclMplsLabel4	Integer32
	hwAclMplsTTLOP1	INTEGER
	hwAclMplsTTL1Begin	Integer32
	hwAclMplsTTL1End	Integer32
	hwAclMplsTTLOP2	INTEGER
	hwAclMplsTTL2Begin	Integer32
	hwAclMplsTTL2End	Integer32
	hwAclMplsTTLOP3	INTEGER
	hwAclMplsTTL3Begin	Integer32
	hwAclMplsTTL3End	Integer32
	hwAclMplsRowStatus	RowStatus
	hwAclMplsCount	Counter64

Defined Values

hwAcl		1.3.6.1.4.1.2011.5.1
The HUAWEI-ACL-MIB contains objects to configure ACL module, including ACL group, rule and acl accelerate, and query the current ACL configuration and status. This MIB module objects indicate hwAclNumGroupTable, hwAclBasicRuleTable, hwAclAdvanceRuleTable, hwAclIfRuleTable, hwAclEthernetFrameRuleTable, hwAclIpv6BasicRuleTable, hwAclIpv6AdvanceRuleTable, hwAclIpv6IfRuleTable, hwAclCompileEnableFlag, hwAclCompileNumGroupTable, hwAclIpv6NumGroupTable and acl trap. To filter data packets, a series of rules need to be configured on the device. These rules are defined by ACL (Access Control List), which are a series of sequential rules consisting of rule permit or deny statements. The rules are described by source address, destination address and port number of data packets. ACL classifies data packets through these device interface applied rules, by which the device decides which packets can be received and which should be rejected.
MODULE-IDENTITY

hwAclMibObjects		1.3.6.1.4.1.2011.5.1.1
OBJECT IDENTIFIER

hwAclNumGroupTable		1.3.6.1.4.1.2011.5.1.1.2
The table of ACL group information including match order, step, description and so on
Status: current	Access: not-accessible
OBJECT-TYPE
	SEQUENCE OF
		HwAclNumGroupEntry

hwAclNumGroupEntry		1.3.6.1.4.1.2011.5.1.1.2.1
An entry containing characters of an acl group
Status: current	Access: not-accessible
OBJECT-TYPE
	HwAclNumGroupEntry

hwAclNumGroupAclNum		1.3.6.1.4.1.2011.5.1.1.2.1.1
The index of acl group, identifying an ACL. The object specifies the range of an ACL number. The basic ACL is represented by the number in the range 2000 through 2999. The advanced ACL is represented by the number in the range 3000 through 3999. The interface-based ACL is represented by the number in the range 1000 to 1999. The User Defined ACL is represented by the number in the range 5000 through 5999. The User ACL is represented by the number in the range 6000 through 9999. The Mpls ACL is represented by the number in the range 10000 through 10999. The name ACL is represented by the number in the range 42768 through 76535.
Status: current	Access: read-only
OBJECT-TYPE
	Integer32

hwAclNumGroupMatchOrder		1.3.6.1.4.1.2011.5.1.1.2.1.2
The object indicates the match order of rules. 'config' means matching ACL rules in the configuration sequence, 'auto' means the ACL rules are matched following the 'Depth-first' principle.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	config(1), auto(2)

hwAclNumGroupSubitemNum		1.3.6.1.4.1.2011.5.1.1.2.1.3
The total number of the rules in the acl group.
Status: current	Access: read-only
OBJECT-TYPE
	Counter32

hwAclNumGroupStep		1.3.6.1.4.1.2011.5.1.1.2.1.4
The object indicates the step value of number acl. Step here refers to the difference between each ID. For instance, given the step is set to 5, the IDs are the multiples of 5 beginning with 5. The ACL IDs change along with the step. When the step is 5, the ACL IDs are 5, 10, and 15 and so on. However, when the step is set to 2, the IDs turn to 2, 4, and 6 and so on.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	1..20

hwAclNumGroupDescription		1.3.6.1.4.1.2011.5.1.1.2.1.5
The object indicates the description of this acl group. The object describes the usage of an ACL with a word or a sentence.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..127)

hwAclNumGroupCountClear		1.3.6.1.4.1.2011.5.1.1.2.1.6
Reset the statistics of ACL group.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	cleared(1), notUsed(2)

hwAclNumGroupRowStatus		1.3.6.1.4.1.2011.5.1.1.2.1.7
RowStatus, Now support three value:CreateAndGo,Active,Destroy.
Status: current	Access: read-create
OBJECT-TYPE
	RowStatus

hwAclNumGroupAclName		1.3.6.1.4.1.2011.5.1.1.2.1.8
The object indicates the name of an acl group, The first character must be start with a to z or A to Z, and the length cannot exceed 64 character.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..64)

hwAclNumGroupAclType		1.3.6.1.4.1.2011.5.1.1.2.1.9
The type of ACL group.
Status: current	Access: read-only
OBJECT-TYPE
	INTEGER	basic(1), advanced(2), link(3), user(4), interface(5), mpls(6), mac(7), ucl(8)

hwAclBasicRuleTable		1.3.6.1.4.1.2011.5.1.1.4
Configure the rule for basic acl group.
Status: current	Access: not-accessible
OBJECT-TYPE
	SEQUENCE OF
		HwAclBasicRuleEntry

hwAclBasicRuleEntry		1.3.6.1.4.1.2011.5.1.1.4.1
Each entry is a rule of basic acl.
Status: current	Access: not-accessible
OBJECT-TYPE
	HwAclBasicRuleEntry

hwAclBasicAclNum		1.3.6.1.4.1.2011.5.1.1.4.1.1
The index of basic acl group, the index range is (1..99 \| 2000..2999 \| 42768..76535 ).
Status: current	Access: read-only
OBJECT-TYPE
	Integer32

hwAclBasicSubitem		1.3.6.1.4.1.2011.5.1.1.4.1.2
The objects specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created.
Status: current	Access: read-only
OBJECT-TYPE
	Unsigned32

hwAclBasicAct		1.3.6.1.4.1.2011.5.1.1.4.1.3
The object indicates the action of a basic acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	permit(1), deny(2)

hwAclBasicSrcIp		1.3.6.1.4.1.2011.5.1.1.4.1.4
The object indicates the source IP-address of a basic acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	IpAddress

hwAclBasicSrcWild		1.3.6.1.4.1.2011.5.1.1.4.1.5
The object indicates the source IP-address wild of a basic acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	IpAddress

hwAclBasicTimeRangeIndex		1.3.6.1.4.1.2011.5.1.1.4.1.6
The object indicates the time range of a basic acl rule. When the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..256

hwAclBasicFragments		1.3.6.1.4.1.2011.5.1.1.4.1.7
The object indicates the type of the packet. 0: fragmentSubseq, indicating that the packet is a subsequent fragment 1: fragment, indicating that the packet is a fragment 2: nonFragment, indicating that the packet is not a fragment 3: nonSubseq, indicating that the packet is not a subsequent fragment 4: fragmentSpeFirst, indicating that the packet is the first fragment 255: none, invalid value This object cannot be modified once a rule is created.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	fragmentSubseq(0), fragment(1), nonFragment(2), nonSubseq(3), fragmentSpeFirst(4), none(255)

hwAclBasicLog		1.3.6.1.4.1.2011.5.1.1.4.1.8
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets.
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclBasicEnable		1.3.6.1.4.1.2011.5.1.1.4.1.9
The object indicates whether the rule is valid or invalid.
Status: current	Access: read-only
OBJECT-TYPE
	TruthValue

hwAclBasicCount		1.3.6.1.4.1.2011.5.1.1.4.1.10
The object indicates the statistics of matched packets by the rule.
Status: current	Access: read-only
OBJECT-TYPE
	Counter64

hwAclBasicVrfName		1.3.6.1.4.1.2011.5.1.1.4.1.11
The object indicates the VRF name of this rule. It specifies the VPN-instance to which the packet belongs.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..31)

hwAclBasicRowStatus		1.3.6.1.4.1.2011.5.1.1.4.1.12
RowStatus, Now support three value:CreateAndGo,Active and Destroy.
Status: current	Access: read-create
OBJECT-TYPE
	RowStatus

hwAclBasicDescription		1.3.6.1.4.1.2011.5.1.1.4.1.13
The object indicates the description of this basic rule. The object describes the usage of an ACL with a word or a sentence.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..127)

hwAclAdvancedRuleTable		1.3.6.1.4.1.2011.5.1.1.5
Configure the rule for advanced acl group.
Status: current	Access: not-accessible
OBJECT-TYPE
	SEQUENCE OF
		HwAclAdvancedRuleEntry

hwAclAdvancedRuleEntry		1.3.6.1.4.1.2011.5.1.1.5.1
Each entry contains a rule of advanced acl group.
Status: current	Access: not-accessible
OBJECT-TYPE
	HwAclAdvancedRuleEntry

hwAclAdvancedAclNum		1.3.6.1.4.1.2011.5.1.1.5.1.1
The index of advanced acl table, the index range is (100..199 \| 3000..3999 \| 42768..76535).
Status: current	Access: read-only
OBJECT-TYPE
	Integer32

hwAclAdvancedSubitem		1.3.6.1.4.1.2011.5.1.1.5.1.2
The object specifies the number of an advanced ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created.
Status: current	Access: read-only
OBJECT-TYPE
	Unsigned32

hwAclAdvancedAct		1.3.6.1.4.1.2011.5.1.1.5.1.3
The object indicates the action of an advanced acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	permit(1), deny(2)

hwAclAdvancedProtocol		1.3.6.1.4.1.2011.5.1.1.5.1.4
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IP protocol is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255

hwAclAdvancedSrcIp		1.3.6.1.4.1.2011.5.1.1.5.1.5
The object indicates the source IP-address of an advanced acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	IpAddress

hwAclAdvancedSrcWild		1.3.6.1.4.1.2011.5.1.1.5.1.6
The object indicates the source IP-address wild of an advanced acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	IpAddress

hwAclAdvancedSrcOp		1.3.6.1.4.1.2011.5.1.1.5.1.7
The object indicates the source Port operation symbol of an advanced acl rule. It compares the port operators of source address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	lt(1), eq(2), gt(3), neq(4), invalid(0), range(5)

hwAclAdvancedSrcPort1		1.3.6.1.4.1.2011.5.1.1.5.1.8
The object indicates the fourth layer sourec port 1. It specifies the source port information of UDP or TCP packets.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..65535

hwAclAdvancedSrcPort2		1.3.6.1.4.1.2011.5.1.1.5.1.9
The object indicates the fourth layer source port2.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..65535

hwAclAdvancedDestIp		1.3.6.1.4.1.2011.5.1.1.5.1.10
The object indicates the destination IP-address of an advanced acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	IpAddress

hwAclAdvancedDestWild		1.3.6.1.4.1.2011.5.1.1.5.1.11
The object indicates the destination IP-address wild of an advanced acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	IpAddress

hwAclAdvancedDestOp		1.3.6.1.4.1.2011.5.1.1.5.1.12
The object indicates the destination Port operation symbol of an advanced acl group. It compares the port operators of destination address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	lt(1), eq(2), gt(3), neq(4), invalid(0), range(5)

hwAclAdvancedDestPort1		1.3.6.1.4.1.2011.5.1.1.5.1.13
The object indicates the fourth layer destination port1.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..65535

hwAclAdvancedDestPort2		1.3.6.1.4.1.2011.5.1.1.5.1.14
The object indicates the fourth layer destination port2.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..65535

hwAclAdvancedPrecedence		1.3.6.1.4.1.2011.5.1.1.5.1.15
The object indicates the value of IP-packet's precedence, It filters packets according to precedence field.The invalid value is 255.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..7 \| 255

hwAclAdvancedTos		1.3.6.1.4.1.2011.5.1.1.5.1.16
The object indicates the value of IP-packet's TOS, It filters packets according to type of service.The invalid value is 255.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..15 \| 255

hwAclAdvancedDscp		1.3.6.1.4.1.2011.5.1.1.5.1.17
The object indicates the value of frame.The invalid value is 255.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..63 \| 255

hwAclAdvancedEstablish		1.3.6.1.4.1.2011.5.1.1.5.1.18
The object indicates whether or not establishing.
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclAdvancedTimeRangeIndex		1.3.6.1.4.1.2011.5.1.1.5.1.19
The object indicates the time range of an advanced acl rule. When the current time is in the time range, the rule is valid. Zero value declares that the acl rule has no time range.The invalid value is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..256

hwAclAdvancedIcmpType		1.3.6.1.4.1.2011.5.1.1.5.1.20
The object indicates the type of ICMP packet. It filters ICMP packets according to the ICMP message type. The invalid value is 65535.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255 \| 65535

hwAclAdvancedIcmpCode		1.3.6.1.4.1.2011.5.1.1.5.1.21
The object indicates the code of ICMP packet. It filters ICMP packets according to the message code. The invalid value is 65535.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255 \| 65535

hwAclAdvancedFragments		1.3.6.1.4.1.2011.5.1.1.5.1.22
The object indicates the type of the packet. 0: fragmentSubseq, indicating that the packet is a subsequent fragment 1: fragment, indicating that the packet is a fragment 2: nonFragment, indicating that the packet is not a fragment 3: nonSubseq, indicating that the packet is not a subsequent fragment 4: fragmentSpeFirst, indicating that the packet is the first fragment 255: none, invalid value This object cannot be modified once a rule is created.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	fragmentSubseq(0), fragment(1), nonFragment(2), nonSubseq(3), fragmentSpeFirst(4), none(255)

hwAclAdvancedLog		1.3.6.1.4.1.2011.5.1.1.5.1.23
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclAdvancedEnable		1.3.6.1.4.1.2011.5.1.1.5.1.24
The object indicates whether the rule is valid or invalid.
Status: current	Access: read-only
OBJECT-TYPE
	TruthValue

hwAclAdvancedCount		1.3.6.1.4.1.2011.5.1.1.5.1.25
The object indicates the statistics of matched packets by the rule.
Status: current	Access: read-only
OBJECT-TYPE
	Counter64

hwAclAdvancedVrfName		1.3.6.1.4.1.2011.5.1.1.5.1.26
The object indicates the VRF name of this rule, It specifies the VPN-instance to which the packet belongs.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..31)

hwAclAdvancedRowStatus		1.3.6.1.4.1.2011.5.1.1.5.1.27
RowStatus, Now support three state:CreateAndGo,Active,Destroy.
Status: current	Access: read-create
OBJECT-TYPE
	RowStatus

hwAclAdvancedTcpSyncFlag		1.3.6.1.4.1.2011.5.1.1.5.1.28
The object indicates the code of TCP Sync flag(0~63), The invalid value is -1.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	-1 \| 0..63

hwAclAdvancedDescription		1.3.6.1.4.1.2011.5.1.1.5.1.29
The object indicates the description of this advanced rule. The object describes the usage of an ACL with a word or a sentence.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..127)

hwAclAdvancedSrcPoolName		1.3.6.1.4.1.2011.5.1.1.5.1.30
The object indicates the source pool name.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..32)

hwAclAdvancedDestPoolName		1.3.6.1.4.1.2011.5.1.1.5.1.31
The object indicates the destination pool name.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..32)

hwAclAdvancedProtocolNew		1.3.6.1.4.1.2011.5.1.1.5.1.32
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IP protocol is 65535.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255 \| 65535

hwAclAdvancedVni		1.3.6.1.4.1.2011.5.1.1.5.1.33
The object indicates the ID of VXLAN, The invalid value is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..16777215

hwAclAdvancedIgmpType		1.3.6.1.4.1.2011.5.1.1.5.1.34
The object indicates the type of igmp, The invalid value is 65535.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255 \| 65535

hwAclAdvancedTtlOp		1.3.6.1.4.1.2011.5.1.1.5.1.35
The object indicates the ttl operation symbol of an advanced acl rule. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	lt(1), eq(2), gt(3), neq(4), invalid(0), range(5)

hwAclAdvancedTtlExpire		1.3.6.1.4.1.2011.5.1.1.5.1.36
The object indicates the begin ttl value. The invalid value is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255

hwAclAdvancedTtlExpireEnd		1.3.6.1.4.1.2011.5.1.1.5.1.37
The object indicates the end ttl value. The invalid value is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255

hwAclAdvancedPktLenOp		1.3.6.1.4.1.2011.5.1.1.5.1.38
The object indicates the packet length operation symbol of an advanced acl rule. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	lt(1), eq(2), gt(3), neq(4), invalid(0), range(5)

hwAclAdvancedPktLenBegin		1.3.6.1.4.1.2011.5.1.1.5.1.39
The object indicates the begin packet length value.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..65535

hwAclAdvancedPktLenEnd		1.3.6.1.4.1.2011.5.1.1.5.1.40
The object indicates the end packet length value.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..65535

hwAclIfRuleTable		1.3.6.1.4.1.2011.5.1.1.6
Configure the rule for interface-based acl group.
Status: current	Access: not-accessible
OBJECT-TYPE
	SEQUENCE OF
		HwAclIfRuleEntry

hwAclIfRuleEntry		1.3.6.1.4.1.2011.5.1.1.6.1
Each entry contains a rule of interface-based acl group.
Status: current	Access: not-accessible
OBJECT-TYPE
	HwAclIfRuleEntry

hwAclIfAclNum		1.3.6.1.4.1.2011.5.1.1.6.1.1
The index of interface-based acl group, the index range is (1000..1999 \| 42768..76535).
Status: current	Access: read-only
OBJECT-TYPE
	Integer32

hwAclIfSubitem		1.3.6.1.4.1.2011.5.1.1.6.1.2
The object specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created.
Status: current	Access: read-only
OBJECT-TYPE
	Unsigned32

hwAclIfAct		1.3.6.1.4.1.2011.5.1.1.6.1.3
The object indicates the action of an interface-based acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	permit(1), deny(2)

hwAclIfIndex		1.3.6.1.4.1.2011.5.1.1.6.1.4
The object indicates the index of an interface. It specifies the interface information of the packets.The invalid interface index is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32

hwAclIfAny		1.3.6.1.4.1.2011.5.1.1.6.1.5
The object indicates whether or not matching any interface.
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclIfTimeRangeIndex		1.3.6.1.4.1.2011.5.1.1.6.1.6
The object indicates the time range of an interface-based acl rule. when the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..256

hwAclIfLog		1.3.6.1.4.1.2011.5.1.1.6.1.7
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets.
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclIfEnable		1.3.6.1.4.1.2011.5.1.1.6.1.8
The object indicates whether the rule is valid or invalid.
Status: current	Access: read-only
OBJECT-TYPE
	TruthValue

hwAclIfCount		1.3.6.1.4.1.2011.5.1.1.6.1.9
The object indicates the statistics of matched packets by the rule.
Status: current	Access: read-only
OBJECT-TYPE
	Counter64

hwAclIfRowStatus		1.3.6.1.4.1.2011.5.1.1.6.1.11
RowStatus,Now support three state:CreateAndGo,Active,Destroy.
Status: current	Access: read-create
OBJECT-TYPE
	RowStatus

hwAclUserRuleTable		1.3.6.1.4.1.2011.5.1.1.7
Configure the rule for user acl group.
Status: current	Access: not-accessible
OBJECT-TYPE
	SEQUENCE OF
		HwAclUserRuleEntry

hwAclUserRuleEntry		1.3.6.1.4.1.2011.5.1.1.7.1
Each entry contains a rule of user acl group.
Status: current	Access: not-accessible
OBJECT-TYPE
	HwAclUserRuleEntry

hwAclUserAclNum		1.3.6.1.4.1.2011.5.1.1.7.1.1
The index of user acl table, the index range is (6000..9999).
Status: current	Access: read-only
OBJECT-TYPE
	Integer32

hwAclUserSubitem		1.3.6.1.4.1.2011.5.1.1.7.1.2
The object specifies the number of an User ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle
Status: current	Access: read-only
OBJECT-TYPE
	Unsigned32

hwAclUserAct		1.3.6.1.4.1.2011.5.1.1.7.1.3
The object indicates the action of an User acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	permit(1), deny(2)

hwAclUserProtocol		1.3.6.1.4.1.2011.5.1.1.7.1.4
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IP protocol is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255

hwAclUserSrcIp		1.3.6.1.4.1.2011.5.1.1.7.1.5
The object indicates the source IP-address of an User acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	IpAddress

hwAclUserSrcWild		1.3.6.1.4.1.2011.5.1.1.7.1.6
The object indicates the source IP-address wild of an User acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	IpAddress

hwAclUserSrcOp		1.3.6.1.4.1.2011.5.1.1.7.1.7
The object indicates the source Port operation symbol of an User acl rule. It compares the port operators of source address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	lt(1), eq(2), gt(3), neq(4), invalid(0), range(5)

hwAclUserSrcPort1		1.3.6.1.4.1.2011.5.1.1.7.1.8
The object indicates the fourth layer sourec port 1. It specifies the source port information of UDP or TCP packets.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..65535

hwAclUserSrcPort2		1.3.6.1.4.1.2011.5.1.1.7.1.9
The object indicates the fourth layer source port2.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..65535

hwAclUserDestIp		1.3.6.1.4.1.2011.5.1.1.7.1.10
The object indicates the destination IP-address of an User acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	IpAddress

hwAclUserDestWild		1.3.6.1.4.1.2011.5.1.1.7.1.11
The object indicates the destination IP-address wild of an User acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	IpAddress

hwAclUserDestOp		1.3.6.1.4.1.2011.5.1.1.7.1.12
The object indicates the destination Port operation symbol of an User acl group. It compares the port operators of destination address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	lt(1), eq(2), gt(3), neq(4), invalid(0), range(5)

hwAclUserDestPort1		1.3.6.1.4.1.2011.5.1.1.7.1.13
The object indicates the fourth layer destination port1.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..65535

hwAclUserDestPort2		1.3.6.1.4.1.2011.5.1.1.7.1.14
The object indicates the fourth layer destination port2.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..65535

hwAclUserPrecedence		1.3.6.1.4.1.2011.5.1.1.7.1.15
The object indicates the value of IP-packet's precedence, It filters packets according to precedence field.The invalid value is 255.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..7 \| 255

hwAclUserTos		1.3.6.1.4.1.2011.5.1.1.7.1.16
The object indicates the value of IP-packet's TOS, It filters packets according to type of service.The invalid value is 255.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..15 \| 255

hwAclUserDscp		1.3.6.1.4.1.2011.5.1.1.7.1.17
The object indicates the value of frame.The invalid value is 255.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..63 \| 255

hwAclUserEstablish		1.3.6.1.4.1.2011.5.1.1.7.1.18
The object indicates whether or not establishing.
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclUserTimeRangeIndex		1.3.6.1.4.1.2011.5.1.1.7.1.19
The object indicates the time range of an User acl rule. When the current time is in the time range, the rule is valid. Zero value declares that the acl rule has no time range.The invalid value is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..256

hwAclUserIcmpType		1.3.6.1.4.1.2011.5.1.1.7.1.20
The object indicates the type of ICMP packet. It filters ICMP packets according to the ICMP message type. The invalid value is 65535.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255 \| 65535

hwAclUserIcmpCode		1.3.6.1.4.1.2011.5.1.1.7.1.21
The object indicates the code of ICMP packet. It filters ICMP packets according to the message code. The invalid value is 65535.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255 \| 65535

hwAclUserFragments		1.3.6.1.4.1.2011.5.1.1.7.1.22
The object indicates whether or not matching fragmented packet, It specifies that this rule is only valid for the non-first fragment packets.
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclUserLog		1.3.6.1.4.1.2011.5.1.1.7.1.23
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclUserEnable		1.3.6.1.4.1.2011.5.1.1.7.1.24
The object indicates whether the rule is valid or invalid.
Status: current	Access: read-only
OBJECT-TYPE
	TruthValue

hwAclUserCount		1.3.6.1.4.1.2011.5.1.1.7.1.25
The object indicates the statistics of matched packets by the rule.
Status: current	Access: read-only
OBJECT-TYPE
	Counter32

hwAclUserVrfName		1.3.6.1.4.1.2011.5.1.1.7.1.26
The object indicates the VRF name of this rule, It specifies the VPN-instance to which the packet belongs.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..32)

hwAclUserSrcUserGroupName		1.3.6.1.4.1.2011.5.1.1.7.1.27
The object indicates the source user group name of this rule. if modetype source is user, null sting means any user
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..32)

hwAclUserDestUserGroupName		1.3.6.1.4.1.2011.5.1.1.7.1.28
The object indicates the destination user group name of this rule. if modetype destination is user, null sting means any user
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..32)

hwAclUserSrcModeType		1.3.6.1.4.1.2011.5.1.1.7.1.29
The object indicates ACL's mode type, Now support four state 0 Any match rule from any user group or any ip subnet, 1 NetAny match rule from any ip subnet, 2 UserAny match rule from any user group, 3 Net match rule from an ip subnet, 4 User match rule from a user group
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..4

hwAclUserDestModeType		1.3.6.1.4.1.2011.5.1.1.7.1.30
The object indicates ACL's mode type, Now support four state 0 Any match rule from any user group or any ip subnet, 1 NetAny match rule from any ip subnet, 2 UserAny match rule from any user group, 3 Net match rule from an ip subnet, 4 User match rule from a user group
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..4

hwAclUserRowStatus		1.3.6.1.4.1.2011.5.1.1.7.1.31
RowStatus, Now support three state:CreateAndGo,Active,Destroy.
Status: current	Access: read-create
OBJECT-TYPE
	RowStatus

hwAclUserTcpSyncFlag		1.3.6.1.4.1.2011.5.1.1.7.1.32
The object indicates the code of TCP Sync flag(0~63), The invalid value is -1.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	-1 \| 0..63

hwAclUserSrcUserGroupNum		1.3.6.1.4.1.2011.5.1.1.7.1.33
The object indicates the source user group num of this rule. if modetype source is user, null sting means any user
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..64000 \| 65535

hwAclUserDestUserGroupNum		1.3.6.1.4.1.2011.5.1.1.7.1.34
The object indicates the destination user group name of this rule. if modetype destination is user, null sting means any user
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..64000 \| 65535

hwAclCompileEnableFlag		1.3.6.1.4.1.2011.5.1.1.10
The object indicates whether acl compiler is enabled. when acl compiler is enabled, and ACL accelerate function is enabled, then matching packets by rule is efficient.
Status: current	Access: read-write
OBJECT-TYPE
	TruthValue

hwAclCompileNumGroupTable		1.3.6.1.4.1.2011.5.1.1.11
The ACL compiler table extending the Acl-number-group table
Status: current	Access: not-accessible
OBJECT-TYPE
	SEQUENCE OF
		HwAclCompileNumGroupEntry

hwAclCompileNumGroupEntry		1.3.6.1.4.1.2011.5.1.1.11.1
The entry of Acl-number-group compiler extended table
Status: current	Access: not-accessible
OBJECT-TYPE
	HwAclCompileNumGroupEntry

hwAclCompileNumGroupStatus		1.3.6.1.4.1.2011.5.1.1.11.1.1
The object indicates the status of Acl-number-group compiler. 'notCompile' means acl accelerate function is disabled, 'compiled' means acl accelerate function is enabled, 'changeAfterCompile' means acl is changed after compiled.
Status: current	Access: read-write
OBJECT-TYPE
	INTEGER	notCompile(1), compiled(2), changeAfterCompile(3)

hwAclIpv6BasicRuleTable		1.3.6.1.4.1.2011.5.1.1.12
Configure the rule for ipv6 basic acl group.
Status: current	Access: not-accessible
OBJECT-TYPE
	SEQUENCE OF
		HwAclIpv6BasicRuleEntry

hwAclIpv6BasicRuleEntry		1.3.6.1.4.1.2011.5.1.1.12.1
Each entry is a rule of ipv6 basic acl.
Status: current	Access: not-accessible
OBJECT-TYPE
	HwAclIpv6BasicRuleEntry

hwAclIpv6BasicAclNum		1.3.6.1.4.1.2011.5.1.1.12.1.1
The index of ipv6 basic acl group, the index range is (2000..2999 \| 42768..75535).
Status: current	Access: read-only
OBJECT-TYPE
	Integer32

hwAclIpv6BasicSubitem		1.3.6.1.4.1.2011.5.1.1.12.1.2
The objects specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned automatically; otherwise, this rule will not be created.
Status: current	Access: read-only
OBJECT-TYPE
	Unsigned32

hwAclIpv6BasicAct		1.3.6.1.4.1.2011.5.1.1.12.1.3
The object indicates the action of a ipv6 basic acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	permit(1), deny(2)

hwAclIpv6BasicSrcIp		1.3.6.1.4.1.2011.5.1.1.12.1.4
The object indicates the source IPv6-address of a ipv6 basic acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	Ipv6Address

hwAclIpv6BasicSrcPrefix		1.3.6.1.4.1.2011.5.1.1.12.1.5
The object indicates the source IPv6-address prefix length of a ipv6 basic acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..128

hwAclIpv6BasicTimeRangeIndex		1.3.6.1.4.1.2011.5.1.1.12.1.6
The object indicates the time range of a ipv6 basic acl rule. When the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..256

hwAclIpv6BasicFragment		1.3.6.1.4.1.2011.5.1.1.12.1.7
The object indicates the type of the packet. 1: fragment, indicating that the packet is a fragment 255: none, invalid value This object cannot be modified once a rule is created.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	fragmentSubseq(0), fragment(1), none(255)

hwAclIpv6BasicLog		1.3.6.1.4.1.2011.5.1.1.12.1.8
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets.
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclIpv6BasicEnable		1.3.6.1.4.1.2011.5.1.1.12.1.9
The object indicates whether the rule is valid or invalid.
Status: current	Access: read-only
OBJECT-TYPE
	EnabledStatus

hwAclIpv6BasicCount		1.3.6.1.4.1.2011.5.1.1.12.1.10
The object indicates the statistics of matched packets by the rule.
Status: current	Access: read-only
OBJECT-TYPE
	Counter64

hwAclIpv6BasicVrfName		1.3.6.1.4.1.2011.5.1.1.12.1.11
The object indicates the VRF name of this rule. It specifies the VPN-instance to which the packet belongs.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..31)

hwAclIpv6BasicRowStatus		1.3.6.1.4.1.2011.5.1.1.12.1.12
RowStatus, Now support three value: CreateAndGo, Active and Destroy.
Status: current	Access: read-create
OBJECT-TYPE
	RowStatus

hwAclIpv6BasicDescription		1.3.6.1.4.1.2011.5.1.1.12.1.13
The object indicates the description of this IPv6 basic rule. The object describes the usage of an IPv6 ACL with a word or a sentence.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..127)

hwAclIpv6BasicSrcMask		1.3.6.1.4.1.2011.5.1.1.12.1.14
The object indicates the source IPv6-address mask of a ipv6 basic acl rule. Its mode is positive.
Status: current	Access: read-create
OBJECT-TYPE
	Ipv6Address

hwAclIpv6AdvancedRuleTable		1.3.6.1.4.1.2011.5.1.1.13
Configure the rule for ipv6 advanced acl group.
Status: current	Access: not-accessible
OBJECT-TYPE
	SEQUENCE OF
		HwAclIpv6AdvancedRuleEntry

hwAclIpv6AdvancedRuleEntry		1.3.6.1.4.1.2011.5.1.1.13.1
Each entry contains a rule of ipv6 advanced acl group.
Status: current	Access: not-accessible
OBJECT-TYPE
	HwAclIpv6AdvancedRuleEntry

hwAclIpv6AdvancedAclNum		1.3.6.1.4.1.2011.5.1.1.13.1.1
The index of ipv6 advanced acl table, the index range is (3000..3999 \| 42768..75535).
Status: current	Access: read-only
OBJECT-TYPE
	Integer32

hwAclIpv6AdvancedSubitem		1.3.6.1.4.1.2011.5.1.1.13.1.2
The object specifies the number of an ipv6 advanced ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned automatically;otherwise,this rule will not be created.
Status: current	Access: read-only
OBJECT-TYPE
	Unsigned32

hwAclIpv6AdvancedAct		1.3.6.1.4.1.2011.5.1.1.13.1.3
The object indicates the action of an ipv6 advanced acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	permit(1), deny(2)

hwAclIpv6AdvancedProtocol		1.3.6.1.4.1.2011.5.1.1.13.1.4
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IPv6 protocol is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255

hwAclIpv6AdvancedSrcIp		1.3.6.1.4.1.2011.5.1.1.13.1.5
The object indicates the source IPv6-address of an ipv6 advanced acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	Ipv6Address

hwAclIpv6AdvancedSrcPrefix		1.3.6.1.4.1.2011.5.1.1.13.1.6
The object indicates the source IPv6-address prefix length of an ipv6 advanced acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..128

hwAclIpv6AdvancedSrcOp		1.3.6.1.4.1.2011.5.1.1.13.1.7
The object indicates the source Port operation symbol of an ipv6 advanced acl rule. It compares the port operators of source address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	lt(1), eq(2), gt(3), neq(4), range(5), invalid(255)

hwAclIpv6AdvancedSrcPort1		1.3.6.1.4.1.2011.5.1.1.13.1.8
The object indicates the fourth layer sourec port 1. It specifies the source port information of UDP or TCP packets.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..65535

hwAclIpv6AdvancedSrcPort2		1.3.6.1.4.1.2011.5.1.1.13.1.9
The object indicates the fourth layer source port2.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..65535

hwAclIpv6AdvancedDestIp		1.3.6.1.4.1.2011.5.1.1.13.1.10
The object indicates the destination IPv6-address of an ipv6 advanced acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	Ipv6Address

hwAclIpv6AdvancedDestPrefix		1.3.6.1.4.1.2011.5.1.1.13.1.11
The object indicates the destination IPv6-address prefix length of an ipv6 advanced acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..128

hwAclIpv6AdvancedDestOp		1.3.6.1.4.1.2011.5.1.1.13.1.12
The object indicates the destination Port operation symbol of an ipv6 advanced acl group. It compares the port operators of destination address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	lt(1), eq(2), gt(3), neq(4), range(5), invalid(255)

hwAclIpv6AdvancedDestPort1		1.3.6.1.4.1.2011.5.1.1.13.1.13
The object indicates the fourth layer destination port1.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..65535

hwAclIpv6AdvancedDestPort2		1.3.6.1.4.1.2011.5.1.1.13.1.14
The object indicates the fourth layer destination port2.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..65535

hwAclIpv6AdvancedPrecedence		1.3.6.1.4.1.2011.5.1.1.13.1.15
The object indicates the value of IPv6-packet's precedence, It filters packets according to precedence field. The invalid value is 255.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..7 \| 255

hwAclIpv6AdvancedTos		1.3.6.1.4.1.2011.5.1.1.13.1.16
The object indicates the value of IPv6-packet's TOS, It filters packets according to type of service. The invalid value is 255.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..15 \| 255

hwAclIpv6AdvancedDscp		1.3.6.1.4.1.2011.5.1.1.13.1.17
The object indicates the value of frame.The invalid value is 255.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..63 \| 255

hwAclIpv6AdvancedEstablish		1.3.6.1.4.1.2011.5.1.1.13.1.18
The object indicates whether or not establishing.
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclIpv6AdvancedTimeRangeIndex		1.3.6.1.4.1.2011.5.1.1.13.1.19
The object indicates the time range of an ipv6 advanced acl rule. When the current time is in the time range, the rule is valid. Zero value declares that the acl rule has no time range.The invalid value is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..256

hwAclIpv6AdvancedIcmpType		1.3.6.1.4.1.2011.5.1.1.13.1.20
The object indicates the type of ICMPv6 packet. It filters ICMP packets according to the ICMPv6 message type. The invalid value is 65535.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255 \| 65535

hwAclIpv6AdvancedIcmpCode		1.3.6.1.4.1.2011.5.1.1.13.1.21
The object indicates the code of ICMPv6 packet. It filters ICMPv6 packets according to the message code. The invalid value is 65535.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255 \| 65535

hwAclIpv6AdvancedFragment		1.3.6.1.4.1.2011.5.1.1.13.1.22
The object indicates the type of the packet. 1: fragment, indicating that the packet is a fragment 255: none, invalid value This object cannot be modified once a rule is created.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	fragmentSubseq(0), fragment(1), none(255)

hwAclIpv6AdvancedLog		1.3.6.1.4.1.2011.5.1.1.13.1.23
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclIpv6AdvancedEnable		1.3.6.1.4.1.2011.5.1.1.13.1.24
The object indicates whether the rule is valid or invalid.
Status: current	Access: read-only
OBJECT-TYPE
	EnabledStatus

hwAclIpv6AdvancedCount		1.3.6.1.4.1.2011.5.1.1.13.1.25
The object indicates the statistics of matched packets by the rule.
Status: current	Access: read-only
OBJECT-TYPE
	Counter64

hwAclIpv6AdvancedVrfName		1.3.6.1.4.1.2011.5.1.1.13.1.26
The object indicates the VRF name of this rule, It specifies the VPN-instance to which the packet belongs.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..31)

hwAclIpv6AdvancedRowStatus		1.3.6.1.4.1.2011.5.1.1.13.1.27
RowStatus, Now support three state:CreateAndGo,Active,Destroy.
Status: current	Access: read-create
OBJECT-TYPE
	RowStatus

hwAclIpv6AdvancedDescription		1.3.6.1.4.1.2011.5.1.1.13.1.28
The object indicates the description of this IPv6 advanced rule. The object describes the usage of an IPv6 ACL with a word or a sentence.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..127)

hwAclIpv6AdvancedSrcMask		1.3.6.1.4.1.2011.5.1.1.13.1.29
The object indicates the source IPv6-address mask of an ipv6 advanced acl rule. Its mode is positive.
Status: current	Access: read-create
OBJECT-TYPE
	Ipv6Address

hwAclIpv6AdvancedDestMask		1.3.6.1.4.1.2011.5.1.1.13.1.30
The object indicates the destination IPv6-address mask of an ipv6 advanced acl rule. Its mode is positive.
Status: current	Access: read-create
OBJECT-TYPE
	Ipv6Address

hwAclIpv6AdvancedProtocolNew		1.3.6.1.4.1.2011.5.1.1.13.1.31
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IPv6 protocol is 65535.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255 \| 65535

hwAclEthernetFrameRuleTable		1.3.6.1.4.1.2011.5.1.1.14
Configure the rule for ethernet-frame-based acl group.
Status: current	Access: not-accessible
OBJECT-TYPE
	SEQUENCE OF
		HwAclEthernetFrameRuleEntry

hwAclEthernetFrameRuleEntry		1.3.6.1.4.1.2011.5.1.1.14.1
Each entry contains a rule of ethernet-frame-based acl group.
Status: current	Access: not-accessible
OBJECT-TYPE
	HwAclEthernetFrameRuleEntry

hwAclEthernetFrameAclNum		1.3.6.1.4.1.2011.5.1.1.14.1.1
The index of ethernet-frame-based acl group, the index range is (4000..4999 \| 42768..76535).
Status: current	Access: read-only
OBJECT-TYPE
	Integer32

hwAclEthernetFrameSubitem		1.3.6.1.4.1.2011.5.1.1.14.1.2
The object specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created.
Status: current	Access: read-only
OBJECT-TYPE
	Unsigned32

hwAclEthernetFrameAct		1.3.6.1.4.1.2011.5.1.1.14.1.3
The object indicates the action of an ethernet-frame-based acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	permit(1), deny(2)

hwAclEthernetFrameType		1.3.6.1.4.1.2011.5.1.1.14.1.4
The object indicates the type of an ethernet frame. It specifies the interface information of the packets. The invalid ethernet frame type is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32

hwAclEthernetFrameTypeMask		1.3.6.1.4.1.2011.5.1.1.14.1.5
The object indicates the mask of ethernet frame.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32

hwAclEthernetFrameSrcMac		1.3.6.1.4.1.2011.5.1.1.14.1.6
The object indicates the source mac address of rule.
Status: current	Access: read-create
OBJECT-TYPE
	MacAddress

hwAclEthernetFrameSrcMacMask		1.3.6.1.4.1.2011.5.1.1.14.1.7
The object indicates the source mac mask of rule.
Status: current	Access: read-create
OBJECT-TYPE
	MacAddress

hwAclEthernetFrameDstMac		1.3.6.1.4.1.2011.5.1.1.14.1.8
The object indicates the destination mac address of rule.
Status: current	Access: read-create
OBJECT-TYPE
	MacAddress

hwAclEthernetFrameDstMacMask		1.3.6.1.4.1.2011.5.1.1.14.1.9
The object indicates the destination mac mask of rule.
Status: current	Access: read-create
OBJECT-TYPE
	MacAddress

hwAclEthernetFrameTimeRangeIndex		1.3.6.1.4.1.2011.5.1.1.14.1.10
The object indicates the time range of a ethernet frame acl rule. When the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..256

hwAclEthernetFrameLog		1.3.6.1.4.1.2011.5.1.1.14.1.11
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, source/destination mac addr, protocol of ethernet frame, and number of packets.
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclEthernetFrameEnable		1.3.6.1.4.1.2011.5.1.1.14.1.12
The object indicates whether the rule is valid or invalid.
Status: current	Access: read-only
OBJECT-TYPE
	EnabledStatus

hwAclEthernetFrameCount		1.3.6.1.4.1.2011.5.1.1.14.1.13
The object indicates the statistics of matched packets by rule.
Status: current	Access: read-only
OBJECT-TYPE
	Counter64

hwAclEthernetFrameRowStatus		1.3.6.1.4.1.2011.5.1.1.14.1.14
RowStatus,Now support three state:CreateAndGo,Active,Destroy.
Status: current	Access: read-create
OBJECT-TYPE
	RowStatus

hwAclEthernetFrameEncapType		1.3.6.1.4.1.2011.5.1.1.14.1.15
The object indicates the encapsulation type of rule.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	ether2(1), ieee802dot3(2), snap(3), none(255)

hwAclEthernetFrameDoubleTag		1.3.6.1.4.1.2011.5.1.1.14.1.16
The object indicates two tags of rule. False value do not care the number of tags.
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclEthernetFrameVlanId		1.3.6.1.4.1.2011.5.1.1.14.1.17
The object indicates the vlan ID of rule. The invalid vlan ID is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..4094

hwAclEthernetFrameVlanIdMask		1.3.6.1.4.1.2011.5.1.1.14.1.18
The object indicates the vlan ID mask of rule.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..4095

hwAclEthernetFrameCVlanId		1.3.6.1.4.1.2011.5.1.1.14.1.19
The object indicates the ce-vlan ID of rule. The invalid vlan ID is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..4094

hwAclEthernetFrameCVlanIdMask		1.3.6.1.4.1.2011.5.1.1.14.1.20
The object indicates the ce-vlan ID mask of rule.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..4095

hwAclEthernetFrameRule8021p		1.3.6.1.4.1.2011.5.1.1.14.1.21
The object indicates the 8021p value of S-tag.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..7 \| 255

hwAclEthernetFrameRuleCVlan8021p		1.3.6.1.4.1.2011.5.1.1.14.1.22
The object indicates the 8021p value of C-tag.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..7 \| 255

hwAclEthernetFrameDescription		1.3.6.1.4.1.2011.5.1.1.14.1.23
The object indicates the description of this ethernetframe rule. The object describes the usage of an ACL with a word or a sentence.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..127)

hwAclAppliedTable		1.3.6.1.4.1.2011.5.1.1.15
Configure the applied ACL.
Status: current	Access: not-accessible
OBJECT-TYPE
	SEQUENCE OF
		HwAclAppliedEntry

hwAclAppliedEntry		1.3.6.1.4.1.2011.5.1.1.15.1
Each entry contains a applied ACL.
Status: current	Access: not-accessible
OBJECT-TYPE
	HwAclAppliedEntry

hwAclAppliedOperation		1.3.6.1.4.1.2011.5.1.1.15.1.1
The actions taken when packets conforming or exceeding the configured.
Status: current	Access: not-accessible
OBJECT-TYPE
	INTEGER	filter(1), limit(2), mirror(3), redirectCpu(4), redirectInterface(5), redirectIpNextHop(6), redirectIpv6NextHop(7), remark8021p(8), remarkDscp(9), remarkIpPrecedence(10), remarkLocalPrecedence(11), remarkVlanId(12), remarkCVlanId(13), remarkDestMac(14), statistic(15)

hwAclAppliedScopeType		1.3.6.1.4.1.2011.5.1.1.15.1.2
The scope that ACL apply on.
Status: current	Access: not-accessible
OBJECT-TYPE
	INTEGER	global(1), vlan(2), interface(3)

hwAclAppliedScopeIndex		1.3.6.1.4.1.2011.5.1.1.15.1.3
When the scope is global, this field is invalid; When the scope is vlan, this field is vlan ID; When the scope is interface, this field is interface index.
Status: current	Access: not-accessible
OBJECT-TYPE
	Integer32

hwAclAppliedDirection		1.3.6.1.4.1.2011.5.1.1.15.1.4
The direction acl apply on.
Status: current	Access: not-accessible
OBJECT-TYPE
	INTEGER	inbound(1), outbound(2)

hwAclAppliedAclNum		1.3.6.1.4.1.2011.5.1.1.15.1.5
The index of ACL group. Basic ACL in range 2000~2999; Advance ACL in range 3000~3999; Link ACL in range 4000~4999;
Status: current	Access: not-accessible
OBJECT-TYPE
	Integer32	2000..4999

hwAclAppliedSubitem		1.3.6.1.4.1.2011.5.1.1.15.1.6
The object specifies the number of an ACL rule.
Status: current	Access: not-accessible
OBJECT-TYPE
	Integer32

hwAclAppliedAclNum2		1.3.6.1.4.1.2011.5.1.1.15.1.7
The index of ACL group. 65535 means this field is valid.
Status: current	Access: not-accessible
OBJECT-TYPE
	Integer32	2000..3999 \| 65535

hwAclAppliedSubitem2		1.3.6.1.4.1.2011.5.1.1.15.1.8
The object specifies the number of an ACL rule.
Status: current	Access: not-accessible
OBJECT-TYPE
	Integer32

hwAclAppliedStatMode		1.3.6.1.4.1.2011.5.1.1.15.1.9
The object specifies the mode of statistics. When action is statistic, this field is valid.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	byPackets(1), byBytes(2)

hwAclAppliedStatCount		1.3.6.1.4.1.2011.5.1.1.15.1.10
The object indicates the statistics of matched packets by the policy. When action is statistic or limit, this field is valid.
Status: current	Access: read-only
OBJECT-TYPE
	Counter64

hwAclAppliedLimitCir		1.3.6.1.4.1.2011.5.1.1.15.1.11
Committed information rate. Unit: kbps.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0 \| 64..10000000

hwAclAppliedLimitPir		1.3.6.1.4.1.2011.5.1.1.15.1.12
Peak information rate. Unit: kbps. 0 is the default value.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0 \| 64..10000000

hwAclAppliedLimitCbs		1.3.6.1.4.1.2011.5.1.1.15.1.13
Committed burst size. Unit: byte. 0 is the default value.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0 \| 4096..16773120

hwAclAppliedLimitPbs		1.3.6.1.4.1.2011.5.1.1.15.1.14
Peak burst size. Unit: byte. 0 is the default value.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0 \| 4096..16773120

hwAclAppliedLimitGreenAction		1.3.6.1.4.1.2011.5.1.1.15.1.15
Green action.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	pass(1), drop(2), passRemarkDscp(3), passRemark8021p(4)

hwAclAppliedLimitGreenValue		1.3.6.1.4.1.2011.5.1.1.15.1.16
The value is to remark When green action is remarking. For remarking DSCP, the range is 0~63; For remarking 8021p, the range is 0~7.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..63

hwAclAppliedLimitYellowAction		1.3.6.1.4.1.2011.5.1.1.15.1.17
Yellow action.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	pass(1), drop(2), passRemarkDscp(3), passRemark8021p(4)

hwAclAppliedLimitYellowValue		1.3.6.1.4.1.2011.5.1.1.15.1.18
The value is to remark When yellow action is remarking. For remarking DSCP, the range is 0~63; For remarking 8021p, the range is 0~7.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..63

hwAclAppliedLimitRedAction		1.3.6.1.4.1.2011.5.1.1.15.1.19
Red action.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	pass(1), drop(2), passRemarkDscp(3), passRemark8021p(4)

hwAclAppliedLimitRedValue		1.3.6.1.4.1.2011.5.1.1.15.1.20
The value is to remark When red action is remarking. For remarking DSCP, the range is 0~63; For remarking 8021p, the range is 0~7.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..63

hwAclAppliedMirrObservedPort		1.3.6.1.4.1.2011.5.1.1.15.1.21
The mirror observe port number.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32

hwAclAppliedMirrRspanVlan		1.3.6.1.4.1.2011.5.1.1.15.1.22
The object specifies the RSPAN vlan. 0 means mirror to local port.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..4094

hwAclAppliedRedirectIfIndex		1.3.6.1.4.1.2011.5.1.1.15.1.23
The redirect output interface.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32

hwAclAppliedRedirectIpAddr		1.3.6.1.4.1.2011.5.1.1.15.1.24
The redirect IP next hop address.
Status: current	Access: read-create
OBJECT-TYPE
	IpAddress

hwAclAppliedRedirectIpv6Addr		1.3.6.1.4.1.2011.5.1.1.15.1.25
The redirect IPv6 next hop address.
Status: current	Access: read-create
OBJECT-TYPE
	Ipv6Address

hwAclAppliedRemarkVlan		1.3.6.1.4.1.2011.5.1.1.15.1.26
The remarked vlan ID.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..4094

hwAclAppliedRemarkCVlan		1.3.6.1.4.1.2011.5.1.1.15.1.27
The remarked ce-vlan ID.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..4094

hwAclAppliedRemark8021p		1.3.6.1.4.1.2011.5.1.1.15.1.28
The remarked 8021p value.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..7

hwAclAppliedRemarkDscp		1.3.6.1.4.1.2011.5.1.1.15.1.29
The remarked DSCP value.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..63

hwAclAppliedRemarkIpPre		1.3.6.1.4.1.2011.5.1.1.15.1.30
The remarked IP precedence value.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..7

hwAclAppliedRemarkLocalPre		1.3.6.1.4.1.2011.5.1.1.15.1.31
The remarked local precedence value.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..7

hwAclAppliedRemarkMacAddr		1.3.6.1.4.1.2011.5.1.1.15.1.32
The remarked MAC address.
Status: current	Access: read-create
OBJECT-TYPE
	MacAddress

hwAclAppliedIsIPv6Acl		1.3.6.1.4.1.2011.5.1.1.15.1.33
The object indicates whether is IPv6 ACL.
Status: current	Access: not-accessible
OBJECT-TYPE
	TruthValue

hwAclAppliedRowStatus		1.3.6.1.4.1.2011.5.1.1.15.1.51
RowStatus,Now support three state:CreateAndGo,Active,Destroy.
Status: current	Access: read-create
OBJECT-TYPE
	RowStatus

hwAclIpv6NumGroupTable		1.3.6.1.4.1.2011.5.1.1.16
The table of IPv6 ACL group information.
Status: current	Access: not-accessible
OBJECT-TYPE
	SEQUENCE OF
		HwAclIpv6NumGroupEntry

hwAclIpv6NumGroupEntry		1.3.6.1.4.1.2011.5.1.1.16.1
An entry containing characters of an IPv6 ACL group.
Status: current	Access: not-accessible
OBJECT-TYPE
	HwAclIpv6NumGroupEntry

hwAclIpv6NumGroupAclNum		1.3.6.1.4.1.2011.5.1.1.16.1.1
The index of IPv6 ACL group, identifying an IPv6 ACL.
Status: current	Access: read-only
OBJECT-TYPE
	Integer32

hwAclIpv6NumGroupMatchOrder		1.3.6.1.4.1.2011.5.1.1.16.1.2
The object indicates the match order of rules. 'config' means matching ACL rules in the configuration sequence, 'auto' means the ACL6 rules are matched following the 'Depth-first' principle.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	config(1), auto(2), default(3)

hwAclIpv6NumGroupSubitemNum		1.3.6.1.4.1.2011.5.1.1.16.1.3
The total number of the rules in the ACL6 group.
Status: current	Access: read-only
OBJECT-TYPE
	Counter32

hwAclIpv6NumGroupCountClear		1.3.6.1.4.1.2011.5.1.1.16.1.4
Reset the statistics of ACL6 group.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	cleared(1), notUsed(2)

hwAclIpv6NumGroupAclName		1.3.6.1.4.1.2011.5.1.1.16.1.5
The object indicates the name of an acl6 group, The first character must be start with a to z or A to Z, and the length cannot exceed 64 character.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..64)

hwAclIpv6NumGroupDescription		1.3.6.1.4.1.2011.5.1.1.16.1.6
The object indicates the description of this acl6 group. The object describes the usage of an ACL6 with a word or a sentence.
Status: current	Access: read-create
OBJECT-TYPE
	OCTET STRING	Size(0..127)

hwAclIpv6NumGroupAclType		1.3.6.1.4.1.2011.5.1.1.16.1.7
The type of IPv6 ACL group.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	basic(1), advanced(2)

hwAclIpv6NumGroupRowStatus		1.3.6.1.4.1.2011.5.1.1.16.1.51
RowStatus, Now support three value:CreateAndGo,Active,Destroy.
Status: current	Access: read-create
OBJECT-TYPE
	RowStatus

hwAclIpv6NumGroupStep		1.3.6.1.4.1.2011.5.1.1.16.1.52
The object indicates the step value of number IPv6 ACL. Step here refers to the difference between each ID. For instance, given the step is set to 5, the IDs are the multiples of 5 beginning with 5. The IPv6 ACL IDs change along with the step. When the step is 5, the IPv6 ACL IDs are 5, 10, and 15 and so on. However, when the step is set to 2, the IDs turn to 2, 4, and 6 and so on.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	1..20

hwAclIpv6IfRuleTable		1.3.6.1.4.1.2011.5.1.1.17
Configure the rule for interface-based acl6 group.
Status: current	Access: not-accessible
OBJECT-TYPE
	SEQUENCE OF
		HwAclIpv6IfRuleEntry

hwAclIpv6IfRuleEntry		1.3.6.1.4.1.2011.5.1.1.17.1
Each entry contains a rule of interface-based acl6 group.
Status: current	Access: not-accessible
OBJECT-TYPE
	HwAclIpv6IfRuleEntry

hwAclIpv6IfAclNum		1.3.6.1.4.1.2011.5.1.1.17.1.1
The index of interface-based acl6 group, the index range is (1000..1999 \| 42768..75535).
Status: current	Access: read-only
OBJECT-TYPE
	Integer32

hwAclIpv6IfSubitem		1.3.6.1.4.1.2011.5.1.1.17.1.2
The object specifies the number of an ACL6 rule. If the number specified has been assigned to an ACL6 rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL6. It will be placed at the end of the ACL6 when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL6 rule must be given 0, but it will be assigned automatically;otherwise, this rule will not be created.
Status: current	Access: read-only
OBJECT-TYPE
	Unsigned32

hwAclIpv6IfAct		1.3.6.1.4.1.2011.5.1.1.17.1.3
The object indicates the action of an interface-based acl6 rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	permit(1), deny(2)

hwAclIpv6IfIndex		1.3.6.1.4.1.2011.5.1.1.17.1.4
The object indicates the index of an interface. It specifies the interface information of the packets. The invalid interface index is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32

hwAclIpv6IfAny		1.3.6.1.4.1.2011.5.1.1.17.1.5
The object indicates whether or not matching any interface.
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclIpv6IfTimeRangeIndex		1.3.6.1.4.1.2011.5.1.1.17.1.6
The object indicates the time range of an interface-based acl6 rule. when the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..256

hwAclIpv6IfLog		1.3.6.1.4.1.2011.5.1.1.17.1.7
The object indicates whether to log the matched packets. The log contents include sequence number of ACL6 rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets.
Status: current	Access: read-create
OBJECT-TYPE
	TruthValue

hwAclIpv6IfEnable		1.3.6.1.4.1.2011.5.1.1.17.1.8
The object indicates whether the rule is valid or invalid.
Status: current	Access: read-only
OBJECT-TYPE
	TruthValue

hwAclIpv6IfCount		1.3.6.1.4.1.2011.5.1.1.17.1.9
The object indicates the statistics of matched packets by basic rule.
Status: current	Access: read-only
OBJECT-TYPE
	Counter64

hwAclIpv6IfRowStatus		1.3.6.1.4.1.2011.5.1.1.17.1.11
RowStatus,Now support three state:CreateAndGo,Active,Destroy.
Status: current	Access: read-create
OBJECT-TYPE
	RowStatus

hwAclMplsRuleTable		1.3.6.1.4.1.2011.5.1.1.18
Configure the rule for mpls acl group.
Status: current	Access: not-accessible
OBJECT-TYPE
	SEQUENCE OF
		HwAclMplsRuleEntry

hwAclMplsRuleEntry		1.3.6.1.4.1.2011.5.1.1.18.1
Each entry is a rule of mpls acl.
Status: current	Access: not-accessible
OBJECT-TYPE
	HwAclMplsRuleEntry

hwAclMplsAclNum		1.3.6.1.4.1.2011.5.1.1.18.1.1
The index of mpls acl group, the index range is (10000..10999 \| 42768..76535).
Status: current	Access: read-only
OBJECT-TYPE
	Integer32

hwAclMplsSubitem		1.3.6.1.4.1.2011.5.1.1.18.1.2
The objects specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created.
Status: current	Access: read-only
OBJECT-TYPE
	Unsigned32

hwAclMplsAct		1.3.6.1.4.1.2011.5.1.1.18.1.3
The object indicates the action of a basic acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	permit(1), deny(2)

hwAclMplsExp1		1.3.6.1.4.1.2011.5.1.1.18.1.4
The object indicates the exp1 of a mpls acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..7 \| 255

hwAclMplsExp2		1.3.6.1.4.1.2011.5.1.1.18.1.5
The object indicates the exp2 of a mpls acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..7 \| 255

hwAclMplsExp3		1.3.6.1.4.1.2011.5.1.1.18.1.6
The object indicates the exp3 of a mpls acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..7 \| 255

hwAclMplsExp4		1.3.6.1.4.1.2011.5.1.1.18.1.7
The object indicates the exp4 of a mpls acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..7 \| 255

hwAclMplsLabel1		1.3.6.1.4.1.2011.5.1.1.18.1.8
The object indicates the label1 of a mpls acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	-1 \| 0..1048575

hwAclMplsLabel2		1.3.6.1.4.1.2011.5.1.1.18.1.9
The object indicates the label2 of a mpls acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	-1 \| 0..1048575

hwAclMplsLabel3		1.3.6.1.4.1.2011.5.1.1.18.1.10
The object indicates the label3 of a mpls acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	-1 \| 0..1048575

hwAclMplsLabel4		1.3.6.1.4.1.2011.5.1.1.18.1.11
The object indicates the label4 of a mpls acl rule.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	-1 \| 0..1048575

hwAclMplsTTLOP1		1.3.6.1.4.1.2011.5.1.1.18.1.12
The object indicates the ttl operation symbol of a mpls acl rule. It compares the operators of ttl value. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'range' means between, 'invalid' means this operation of the ttl is invalid.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	lt(1), eq(2), gt(3), range(5), invalid(0), any(255)

hwAclMplsTTL1Begin		1.3.6.1.4.1.2011.5.1.1.18.1.13
The object indicates the begin value of a mpls ttl.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255

hwAclMplsTTL1End		1.3.6.1.4.1.2011.5.1.1.18.1.14
The object indicates the end value of a mpls ttl.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255

hwAclMplsTTLOP2		1.3.6.1.4.1.2011.5.1.1.18.1.15
The object indicates the ttl operation symbol of a mpls acl rule. It compares the operators of ttl value. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'range' means between, 'invalid' means this operation of the ttl is invalid.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	lt(1), eq(2), gt(3), range(5), invalid(0), any(255)

hwAclMplsTTL2Begin		1.3.6.1.4.1.2011.5.1.1.18.1.16
The object indicates the begin value of a mpls ttl.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255

hwAclMplsTTL2End		1.3.6.1.4.1.2011.5.1.1.18.1.17
The object indicates the end value of a mpls ttl.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255

hwAclMplsTTLOP3		1.3.6.1.4.1.2011.5.1.1.18.1.18
The object indicates the ttl operation symbol of a mpls acl rule. It compares the operators of ttl value. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'range' means between, 'invalid' means this operation of the ttl is invalid.
Status: current	Access: read-create
OBJECT-TYPE
	INTEGER	lt(1), eq(2), gt(3), range(5), invalid(0), any(255)

hwAclMplsTTL3Begin		1.3.6.1.4.1.2011.5.1.1.18.1.19
The object indicates the begin value of a mpls ttl.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255

hwAclMplsTTL3End		1.3.6.1.4.1.2011.5.1.1.18.1.20
The object indicates the end value of a mpls ttl.
Status: current	Access: read-create
OBJECT-TYPE
	Integer32	0..255

hwAclMplsRowStatus		1.3.6.1.4.1.2011.5.1.1.18.1.21
RowStatus, Now support three value:CreateAndGo,Active and Destroy.
Status: current	Access: read-create
OBJECT-TYPE
	RowStatus

hwAclMplsCount		1.3.6.1.4.1.2011.5.1.1.18.1.22
The object indicates the statistics of matched packets by the rule.
Status: current	Access: read-only
OBJECT-TYPE
	Counter64

hwAclMibTrap		1.3.6.1.4.1.2011.5.1.2
OBJECT IDENTIFIER

hwAclTrapOid		1.3.6.1.4.1.2011.5.1.2.1
OBJECT IDENTIFIER

hwAclTrapsDefine		1.3.6.1.4.1.2011.5.1.2.2
OBJECT IDENTIFIER

hwAclTraps		1.3.6.1.4.1.2011.5.1.2.2.1
OBJECT IDENTIFIER

hwAclResourceTrapsTable		1.3.6.1.4.1.2011.5.1.2.2.1.1
OBJECT IDENTIFIER

hwAclResSlotStr		1.3.6.1.4.1.2011.5.1.2.2.1.1.1
The infomation of slot.
Status: current	Access: accessible-for-notify
OBJECT-TYPE
	OCTET STRING

hwAclResStage		1.3.6.1.4.1.2011.5.1.2.2.1.1.2
The stage where trap infomation exists.
Status: current	Access: accessible-for-notify
OBJECT-TYPE
	OCTET STRING

hwAclResLimit		1.3.6.1.4.1.2011.5.1.2.2.1.1.3
The usage of rule resource.
Status: current	Access: accessible-for-notify
OBJECT-TYPE
	Integer32

hwAclResourceTrapsEntry		1.3.6.1.4.1.2011.5.1.2.2.1.1.4
OBJECT IDENTIFIER

hwAclResThresholdExceedClearTrap		1.3.6.1.4.1.2011.5.1.2.2.1.1.4.1
Acl resource lack clear trap
Status: current	Access: accessible-for-notify
NOTIFICATION-TYPE

hwAclResThresholdExceedTrap		1.3.6.1.4.1.2011.5.1.2.2.1.1.4.2
Acl resource lack trap
Status: current	Access: accessible-for-notify
NOTIFICATION-TYPE

hwAclResTotalCountExceedClearTrap		1.3.6.1.4.1.2011.5.1.2.2.1.1.4.3
Acl resource full clear trap
Status: current	Access: accessible-for-notify
NOTIFICATION-TYPE

hwAclResTotalCountExceedTrap		1.3.6.1.4.1.2011.5.1.2.2.1.1.4.4
Acl resource full trap
Status: current	Access: accessible-for-notify
NOTIFICATION-TYPE

hwAclResourceTrapsGroups		1.3.6.1.4.1.2011.5.1.2.2.1.1.5
OBJECT IDENTIFIER

hwAclResourceTrapsGroup		1.3.6.1.4.1.2011.5.1.2.2.1.1.5.1
Group for all acl resource traps.
Status: current	Access: accessible-for-notify
NOTIFICATION-GROUP

hwAclMibConformance		1.3.6.1.4.1.2011.5.1.3
OBJECT IDENTIFIER

hwAclMibCompliances		1.3.6.1.4.1.2011.5.1.3.1
OBJECT IDENTIFIER

hwAclMibCompliance		1.3.6.1.4.1.2011.5.1.3.1.1
The compliance statement for entities which implement the Huawei acl MIB.
Status: current	Access: accessible-for-notify
MODULE-COMPLIANCE

hwAclMibGroups		1.3.6.1.4.1.2011.5.1.3.2
OBJECT IDENTIFIER

hwAclGroup		1.3.6.1.4.1.2011.5.1.3.2.1
A collection of objects providing mandatory acl information.
Status: current	Access: accessible-for-notify
OBJECT-GROUP