-- This file is corresponding to Release 6.1.2.100 from 2001/09/26 00:00:00 -- (C)opyright 1991-1999 BinTec Communications AG, All Rights Reserved -- $RCSfile: mibip,v $ -- $Revision: 1.46 $ BIANCA-BRICK-IP-MIB DEFINITIONS ::= BEGIN IMPORTS DisplayString FROM SNMPv2-TC IpAddress, Counter, TimeTicks FROM RFC1155-SMI OBJECT-TYPE FROM RFC-1212; org OBJECT IDENTIFIER ::= { iso 3 } dod OBJECT IDENTIFIER ::= { org 6 } internet OBJECT IDENTIFIER ::= { dod 1 } private OBJECT IDENTIFIER ::= { internet 4 } enterprises OBJECT IDENTIFIER ::= { private 1 } bintec OBJECT IDENTIFIER ::= { enterprises 272 } bibo OBJECT IDENTIFIER ::= { bintec 4 } biboip OBJECT IDENTIFIER ::= { bibo 5 } -- IP Group -- Management Information for the IP Subsystem of the BIANCA/BRICK -- old access list tables, don't reuse these OIDs -- ipAllowTable OBJECT-TYPE ::= { biboip 1 } -- ipDenyTable OBJECT-TYPE ::= { biboip 2 } ipExtIfTable OBJECT-TYPE SYNTAX SEQUENCE OF IpExtIfEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipExtIfTable contains extended information related to IP and the interfaces found on the system. Entries can only be added or deleted by the system." ::= { biboip 3} ipExtIfEntry OBJECT-TYPE SYNTAX IpExtIfEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "" INDEX { ipExtIfIndex } ::= { ipExtIfTable 1 } IpExtIfEntry ::= SEQUENCE { ipExtIfIndex INTEGER, ipExtIfRipSend INTEGER, ipExtIfRipReceive INTEGER, ipExtIfNat INTEGER, ipExtIfNatRmvFin INTEGER, ipExtIfNatTcpTimeout INTEGER, ipExtIfNatOtherTimeout INTEGER, ipExtIfNatOutXlat INTEGER, ipExtIfAccounting INTEGER, ipExtIfTcpSpoofing INTEGER, ipExtIfOspf INTEGER, ipExtIfOspfMetric INTEGER, ipExtIfTcpCksum INTEGER, ipExtIfBackRtVerify INTEGER, ipExtIfRuleIndex INTEGER, ipExtIfAuthentication INTEGER, ipExtIfAuthMode INTEGER, ipExtIfAuthLifeTime INTEGER, ipExtIfAuthKeepalive INTEGER, ipExtIfRouteAnnounce INTEGER, ipExtIfIpFragmentation INTEGER, ipExtIfRerouting INTEGER, ipExtIfBodRuleIndex INTEGER, ipExtIfQoSRuleIndex INTEGER, ipExtIfIpsecAccounting INTEGER, ipExtIfMulticast INTEGER, ipExtIfNatSilentDeny INTEGER } ipExtIfIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "Unique interface index" ::= { ipExtIfEntry 1 } ipExtIfRipSend OBJECT-TYPE SYNTAX INTEGER { ripV1 (1), -- send RIP V1 messages ripV2 (2), -- send RIP V2 messages both(3), -- send RIP V1 and RIP V2 messages none(4), -- don't send RIP messages ripV2mcast(5) -- send RIP V2 messages as multicast } ACCESS read-write STATUS mandatory DESCRIPTION "specifies which versions of RIP messages are sent to that interface. Usually RIP messages are sent as broadcast, except this object is set to ripV2mcast. In this case RIP V2 messages are sent to the multicast address 224.0.0.9 ." ::= { ipExtIfEntry 3 } ipExtIfRipReceive OBJECT-TYPE SYNTAX INTEGER { ripV1 (1), -- accept only RIP V1 messages ripV2 (2), -- accept only RIP V2 messages both(3), -- accept RIP V1 and RIP V2 messages none(4) -- don't accept any RIP messages } ACCESS read-write STATUS mandatory DESCRIPTION "specifies which versions of RIP messages are accepted from that interface. RIP V2 messages are received regardless if they are sent as broadcast or multicast." ::= { ipExtIfEntry 4 } ipExtIfProxyArp OBJECT-TYPE SYNTAX INTEGER { off(1), -- proxy arp switched off on(2), -- if operational status of the destination -- interface is up or dormant up-only(3) -- if operational status of the destination -- interface is up } ACCESS read-write STATUS mandatory DESCRIPTION "Switch for Proxy ARP on this interface." ::= { ipExtIfEntry 5 } ipExtIfNat OBJECT-TYPE SYNTAX INTEGER { off(1), on(2), reverse(3) } ACCESS read-write STATUS mandatory DESCRIPTION "This object can be used to switch NAT on and off for a specific interface. " ::= { ipExtIfEntry 6 } ipExtIfNatRmvFin OBJECT-TYPE SYNTAX INTEGER { no(1), yes(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies, wether entries in the IpNatTable shall be removed, when TCP-FINS have been received and acknowledged in both directions, a TCP-RST has been received or a ICMP-ERROR message has been received for the entry." ::= { ipExtIfEntry 7 } ipExtIfNatTcpTimeout OBJECT-TYPE SYNTAX INTEGER (1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "TCP NAT entries vanish unconditionally after not being used for the amount of time specified by this object in seconds." ::= { ipExtIfEntry 8 } ipExtIfNatOtherTimeout OBJECT-TYPE SYNTAX INTEGER (1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "Non-TCP NAT entries vanish unconditionally after not being used for the amount of time specified by this object in seconds." ::= { ipExtIfEntry 9 } ipExtIfNatOutXlat OBJECT-TYPE SYNTAX INTEGER { on(1), off(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object can be used to switch the outgoing address translation off. Then, all addresses are passed instead of being translated. The session mechanism remains active and implements a security mechanism. " ::= { ipExtIfEntry 10 } ipExtIfAccounting OBJECT-TYPE SYNTAX INTEGER { off(1), on(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Switch for accounting on the specified interface. An IP packet is being accounted, when this object is set to on for either the source or the destination interface." ::= { ipExtIfEntry 11 } ipExtIfTcpSpoofing OBJECT-TYPE SYNTAX INTEGER { off(1), on(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Switch for TCP spoofing on this interface. TCP keepalive polls are answered by the BRICK to prevent unnecessary ISDN connections. Set this object to on for ISDN dialup interfaces." ::= { ipExtIfEntry 12 } ipExtIfAccessAction OBJECT-TYPE SYNTAX INTEGER { ignore(1), refuse(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object describes the action, that is done, when a packet received from the interface has been filtered out. When set to ignore, no action takes place. When set to refuse, an ICMP unreachable message is being sent to the originator of the packet." ::= { ipExtIfEntry 13 } ipExtIfAccessReport OBJECT-TYPE SYNTAX INTEGER { none(1), info(2), dump(3) } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies, how a packed filtered by accesslists should be logged. When set to none, no logging takes place. When set to info, protocol, ip-addresses and portnumbers are logged. When set to dump, a dump of the first 64 bytes of the packet will be written to the syslog table." ::= { ipExtIfEntry 14 } ipExtIfOspf OBJECT-TYPE SYNTAX INTEGER { passive(1), active(2), off(3) } ACCESS read-write STATUS mandatory DESCRIPTION "Configure the OSPF status of this interface. Routing information about routes on passive and active interfaces is propagated on active interfaces. Only active interfaces run the OSPF protocol. When set to off the interface and its associated routes are invisible to the OSPF protocol." ::= { ipExtIfEntry 15 } ipExtIfOspfMetric OBJECT-TYPE SYNTAX INTEGER { auto(1), -- based on ifSpeed fixed(2), -- user configured auto-adjust(3), -- auto + metric adjustment fixed-adjust(4) -- fixed + metric adjustment } ACCESS read-write STATUS mandatory DESCRIPTION "Configure the metric calculation of OSPF interfaces. If set to auto the metric is calculated based on ifSpeed. If set to fixed the metric is taken from the ospfIfMetricTable. Additionaly the metric adjustment for dialup interfaces can be configured. If set to auto-adjust or fixed-adjust the basic metric value is reduced if the operational status of the dialup interface is up." ::= { ipExtIfEntry 16 } ipExtIfTcpCksum OBJECT-TYPE SYNTAX INTEGER { check(1), dont-check(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable or disable the TCP checksum check for local packets received on the corresponding interface. Disabling the check may improve performance for some local applications (i.e. remote CAPI). This object should only be set to dont-check on interfaces for LANs without further routers. Packets received from routers may have a corrupted TCP checksum and TCP will no longer be able to detect those packets. The TCP checksum must be checked by the receiving TCP under any circumstances, when TCP header compression is used on any router." ::= { ipExtIfEntry 17 } ipExtIfBackRtVerify OBJECT-TYPE SYNTAX INTEGER { off(1), on(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object activates an additional check for incoming packets. If set to on, incoming packets are only accepted if return packets sent back to their source IP address would be sent over the same interface. This prevents packets being passed from untrusted interfaces to this interface." ::= { ipExtIfEntry 18 } ipExtIfRuleIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the index of the first access rule that is applied for incoming packets. If set to 0 or if there is no access rule with this index no access rules are applied for this interface." ::= { ipExtIfEntry 19 } ipExtIfAuthentication OBJECT-TYPE SYNTAX INTEGER { off(1), securID(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the authentication scheme used for incoming packets." ::= { ipExtIfEntry 20 } ipExtIfAuthMode OBJECT-TYPE SYNTAX INTEGER { strict(1), loose(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the authentication mode. If set to strict each source IP address must be authenticated. If set to loose all source IP addresses are allowed if at least one IP address is successfully authenticated." ::= { ipExtIfEntry 21 } ipExtIfAuthLifeTime OBJECT-TYPE SYNTAX INTEGER (180..36000) ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the time in seconds a successful authentication is valid since the IP partner was authenticated." ::= { ipExtIfEntry 22 } ipExtIfAuthKeepalive OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the period between short authentications that are invisible to the user" ::= { ipExtIfEntry 23 } ipExtIfRouteAnnounce OBJECT-TYPE SYNTAX INTEGER { up-only(1), up-dormant(2), always(3) } ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the condition when routes on this interface are propagated by routing protocols. If set to up-only routes are only propagated if the operational status of the interface is up. If set to up-dormant routes are propagated if the status is up or dormant. If set to always routes are propagated independent of the operational status." ::= { ipExtIfEntry 24 } ipExtIfIpFragmentation OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2), equal(3), reverse(4) } ACCESS read-write STATUS mandatory DESCRIPTION "This object defines different modes used for fragmentation of IP datagrams greater than the MTU of the destination interface. If set to enabled (1) each IP datagram will be splitted into a first fragment MTU sized and the last one smaller than the first. If set to disabled (2) an ICMP unreachable message will be performed. The equal (3) mode defines a fragmentation technique wich generates fragments having approximately the same size whereon the reverse (4) mode starts with a small fragment followed by MTU sized fragment(s)." ::= { ipExtIfEntry 25 } ipExtIfRerouting OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object enables or disables rerouting on this interface. The default value is enabled. If set to disabled, then only the better one route from two or more possible routes is chosen, even if the ifOperStatus of the interface for this route is dormant." ::= { ipExtIfEntry 26 } ipExtIfBodRuleIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the index of the first rule used for Bandwidth on Demand (BOD) that is applied for incoming and/or outgoing traffic. If set to 0 or if there is no entry in the ipBodRuleTable with this index no BOD-specific information is applied for this interface." ::= { ipExtIfEntry 27 } ipExtIfQosRuleIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the index of the first rule used for Qos (Qualtiy of Service) rules applied for IP traffic. If set to 0 or if there is no entry in the ipQoSTable with this index no QoS-specific information is applied for this interface." ::= { ipExtIfEntry 28 } ipExtIfIpsecAccounting OBJECT-TYPE SYNTAX INTEGER { ipsec(1), clear(2), both(3) } ACCESS read-write STATUS mandatory DESCRIPTION "This object determines, whether packets which are en- or decapsulated by IPSec should be accounted with encapsulation header(ipsec) or without the encapsulation header (clear), or even twice (both)." ::= { ipExtIfEntry 29 } ipExtIfMulticast OBJECT-TYPE SYNTAX INTEGER { off(1), on(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable that multicast frames are accepted from that interface." ::= { ipExtIfEntry 30 } ipExtIfNatSilentDeny OBJECT-TYPE SYNTAX INTEGER { disabled(1), enabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies - if NAT is enabled (see ipExtIfNat) - wether incoming IP packets not passed by the NAT barrier should answered with an ICMP Host Unreachable or TCP RST message addressed to to packet originator. If set to enabled(2), such incoming IP packets will be silently discarded." ::= { ipExtIfEntry 31 } ipExtRtTable OBJECT-TYPE SYNTAX SEQUENCE OF IpExtRtEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipExtRtTable can be used in addition (not instead of) to the ipRouteTable to specify routing of IP datagrams. The selection of datagram-types is more specific with the ipExtRtTable, so routing of different services over different pathes is possible. The specification of local IP-addresses is not possible in the ipExtRtTable. The ipExtRtTable will be searched before the ipRouteTable. If a matching entry is found, it will be taken for routing and no further lookup in the ipRouteTable will happen." ::= { biboip 4 } ipExtRtEntry OBJECT-TYPE SYNTAX IpExtRtEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Each entry in the ipExtRtTable describes a set of IP datagrams and the destination interface for that set. Metric parameters allow for ordering of the different specifications for overlapping sets." INDEX { ipExtRtProtocol } ::= { ipExtRtTable 1 } IpExtRtEntry ::= SEQUENCE { ipExtRtProtocol INTEGER, ipExtRtSrcIfIndex INTEGER, ipExtRtSrcAddr IpAddress, ipExtRtSrcMask IpAddress, ipExtRtSrcPort INTEGER, ipExtRtSrcPortRange INTEGER, ipExtRtDstAddr IpAddress, ipExtRtDstMask IpAddress, ipExtRtDstPort INTEGER, ipExtRtDstPortRange INTEGER, ipExtRtTos INTEGER, ipExtRtTosMask INTEGER, ipExtRtDstIfMode INTEGER, ipExtRtDstIfIndex INTEGER, ipExtRtNextHop IpAddress, ipExtRtType INTEGER, ipExtRtMetric1 INTEGER, ipExtRtMetric2 INTEGER, ipExtRtMetric3 INTEGER, ipExtRtMetric4 INTEGER, ipExtRtMetric5 INTEGER, ipExtRtProto INTEGER, ipExtRtAge TimeTicks } ipExtRtProtocol OBJECT-TYPE SYNTAX INTEGER { icmp(1), ggp(3), tcp(6), egp(8), pup(12), udp(17), hmp(20), xns-idp(22), rdp(27), rsvp(46), gre(47), esp(50), ah(51), igrp(88), ospf(89), l2tp(115), dont-verify(256) } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the value of the protocolfield in the ip header for all IP-datagrams belonging to the set. If this object is set to dont-verify, the value of the protocol field is not specified and can take any value." ::= { ipExtRtEntry 1 } ipExtRtSrcIfIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the source index of the IP-datagrams. If this object has a value other than 0, only datagrams received over the interface with the appropriate interface index are considered to be part of the set. If this object is set to 0, the source interface index for the datagrams belonging to the set is not specified." ::= { ipExtRtEntry 2 } ipExtRtSrcAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipExtRtSrcMask the range of the source-addresses of the IP-datagrams belonging to the set. If both objects are set to 0.0.0.0 the source- addresses for the datagrams in the set is not specified and can take any value." ::= { ipExtRtEntry 3 } ipExtRtSrcMask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipExtRtSrcAddr the range of the source-addresses of the IP-datagrams belonging to the set. If both objects are set to 0.0.0.0 the source- addresses for the datagrams in the set is not specified and can take any value." ::= { ipExtRtEntry 4 } ipExtRtSrcPort OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipExtRtSrcPortRange the range of source portnumbers of the IP-datagrams belonging to the set. All portnumbers between and including the two objects are within the range. If both objects are the to -1, the value of the source portnumber is not specified and can take any value." ::= { ipExtRtEntry 5 } ipExtRtSrcPortRange OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipExtRtSrcPort the range of source portnumbers of the IP-datagrams belonging to the set. All portnumbers between and including the two objects are within the range. If both objects are the to -1, the value of the source portnumber is not specified and can take any value." ::= { ipExtRtEntry 6 } ipExtRtDstAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipExtRtDstMask the range of the target-addresses of the IP-datagrams belonging to the set. If both objects are set to 0.0.0.0 the target- addresses for the datagrams in the set is not specified and can take any value." ::= { ipExtRtEntry 7 } ipExtRtDstMask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipExtRtDstAddr the range of the target-addresses of the IP-datagrams belonging to the set. If both objects are set to 0.0.0.0 the target- addresses for the datagrams in the set is not specified and can take any value." ::= { ipExtRtEntry 8 } ipExtRtDstPort OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipExtRtDstPortRange the range of target-portnumbers of the IP-datagrams belonging to the set. All portnumbers between and including the two objects are within the range. If both objects are the to -1, the value of the target portnumber is not specified and can take any value." ::= { ipExtRtEntry 9 } ipExtRtDstPortRange OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipExtRtDstPort the range of target-portnumbers of the IP-datagrams belonging to the set. All portnumbers between and including the two objects are within the range. If both objects are the to -1, the value of the target portnumber is not specified and can take any value." ::= { ipExtRtEntry 10 } ipExtRtTos OBJECT-TYPE SYNTAX INTEGER (0..255) ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipExtRtTosMask the range of the Type of Service field (TOS) in the IP-header of the IP-datagrams belonging to the set. A TOS value is considered within the range, when the following equation is valid: (tos & ipExtRtTosMask) == (ipExtRtTos & ipExtRtTosMask) If both objects are set to 0 the TOS value of the datagrams in the set is not specified and can take any value." ::= { ipExtRtEntry 11 } ipExtRtTosMask OBJECT-TYPE SYNTAX INTEGER (0..255) ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipExtRtTos the range of the Type of Service field (TOS) in the IP-header of the IP-datagrams belonging to the set. A TOS value is considered within the range, when the following equation is valid: (tos & ipExtRtTosMask) == (ipExtRtTos & ipExtRtTosMask) If both objects are set to 0 the TOS value of the datagrams in the set is not specified and can take any value." ::= { ipExtRtEntry 12 } ipExtRtDstIfMode OBJECT-TYPE SYNTAX INTEGER { dialup-wait(1), dialup-continue(2), up-only(3), always(4) } ACCESS read-write STATUS mandatory DESCRIPTION "This object describes different behavior depending on the ifOperStatus of the destination interface: dialup-wait: The route matches, when the ifOperStatus of the destination interface is either up or dormant. If the status is dormant, the ifAdminStatus is set to dialup to bring the interface to the up state. The datagram will wait until the ifOperStatus reaches the up state. For all other states, the routing tables will be searched for a different matching entry. dialup-continue: The route matches, if the ifOperStatus of the destination interface is up. For all other states, the routing tables are searched for different matching entry. However, if the ifOperStatus was dormant, the ifAdminStatus will be set to dialup to bring the interface to the up state. This setting can be used to establish a better path for a specific service and to use an existing path for that service as long as the better path could not be established. up-only: The route matches, if the ifOperStatus of the destination interface is up. For all other states, the routing tables are searched for different matching entry. always: The route matches independantly of the ifOperStatus of the destination interface. If it is up, the interface is used. If the state is dormant, ifAdminStatus is set to dialup to bring the interface in the up state. For all other states, the destination is considered unreachable. " ::= { ipExtRtEntry 13 } ipExtRtDstIfIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the destination interface for the IP-datagrams belonging to the set. If the value of this object is set to 0, the datagrams of the set are discarded and an ICMP destination unreachable datagram is sent back to the originator." ::= { ipExtRtEntry 14 } ipExtRtNextHop OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object is used on point-to-multipoint interfaces with indirect routes (see ipExrRtType) to specify the IP-address of the gateway on the network, where the datagram should be routed to." ::= { ipExtRtEntry 15 } ipExtRtType OBJECT-TYPE SYNTAX INTEGER { other(1), invalid(2), direct(3), indirect(4) } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies, on point-to-multipoint interface wether the datagram shall be sent to the destination IP address in the IP datagram header (direct) or to a gateway (indirect). In the later case, the IP-addres of the gateway is specified by ipExtRtNextHop. If this object is set to other, the entry is not used for routing. The complete entry can also be deleted, by setting this object to invalid. " ::= { ipExtRtEntry 16 } ipExtRtMetric1 OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object is used to specify an order on the entries in the ipExtRtTable. If a datagram is matching multiple entries, the entry with the lowest value of ipExtRtMetric1 is choosen. The decision is undefined, when even after interpreting the metric, there are still multiple entries matching the IP-datagram." ::= { ipExtRtEntry 17 } ipExtRtMetric2 OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Undefined yet; for further extension" ::= { ipExtRtEntry 18 } ipExtRtMetric3 OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Undefined yet; for further extension" ::= { ipExtRtEntry 19 } ipExtRtMetric4 OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Undefined yet; for further extension" ::= { ipExtRtEntry 20 } ipExtRtMetric5 OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Undefined yet; for further extension" ::= { ipExtRtEntry 21 } ipExtRtProto OBJECT-TYPE SYNTAX INTEGER { other(1), local(2), netmgmt(3), icmp(4), egp(5), ggp(6), hello(7), rip(8), is-is(9), es-is(10), ciscoIgrp(11), bbnSpfIgp(12), ospf(13), bgp(14) } ACCESS read-write STATUS mandatory DESCRIPTION "This object describes, how the route has been gained. This will normaly be netmgmt, because there is currently no routing protocol, that is able to handle extended routes." ::= { ipExtRtEntry 22 } ipExtRtAge OBJECT-TYPE SYNTAX TimeTicks ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the age of the route." ::= { ipExtRtEntry 23 } ipNatTable OBJECT-TYPE SYNTAX SEQUENCE OF IpNatEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "If NAT is switched on for an interface, this table contains an entry for each session running over the interface. Table entries are creates by the system whenever a valid session is established. A session may be either a tcp connection, a udp connection or an icmp connection with icmp-echo messages (ping). A valid session is either an outgoing session or an incoming session specified in the ipNatPresetTable. Everything behind an interface with NAT enabled is called outside. The BRICK itself and all networks connected to it via interfaces without NAT are called inside. Table entries are removed after timeout. This timeout is specified by ipExtIfNatOtherTimeout for UDP and ICMP sessions. specified by ipExtIfTcpTimeout for TCP sessions 16 seconds for closed TCP-sessions (FIN has been received and acknowledged in both directions. " ::= { biboip 5 } ipNatEntry OBJECT-TYPE SYNTAX IpNatEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "" INDEX { ipNatIfIndex, ipNatProtocol, ipNatIntAddr, ipNatIntPort } ::= { ipNatTable 1 } IpNatEntry ::= SEQUENCE { ipNatIfIndex INTEGER, ipNatProtocol INTEGER, ipNatIntAddr IpAddress, ipNatIntPort INTEGER, ipNatExtAddr IpAddress, ipNatExtPort INTEGER, ipNatRemoteAddr IpAddress, ipNatRemotePort INTEGER, ipNatDirection INTEGER, ipNatAge TimeTicks } ipNatIfIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "This object specifies the interface, for which the session is monitored." ::= { ipNatEntry 1 } ipNatProtocol OBJECT-TYPE SYNTAX INTEGER { icmp(1), tcp(6), udp(17), gre(47), esp(50), ah(51), ospf(89), l2tp(115) } ACCESS read-only STATUS mandatory DESCRIPTION "This object specifies the protocol, the session is using. The value icmp specifies an icmp-echo (ping) session. ICMP error messages are processed by the appropriate tcp or udp session. " ::= { ipNatEntry 2 } ipNatIntAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-only STATUS mandatory DESCRIPTION "This object specifies the internal local IP Address used for the session. The internal address is only visible to inside networks and is translated to the external address, when a packet is being sent outside. " ::= { ipNatEntry 3 } ipNatIntPort OBJECT-TYPE SYNTAX INTEGER (0..65535) ACCESS read-only STATUS mandatory DESCRIPTION "This object specifies the internal local portnumber used for the session. The internal portnumber is only visible to inside networks and is translated to the external portnumber whenever a packet is being sent outside. " ::= { ipNatEntry 4 } ipNatExtAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-only STATUS mandatory DESCRIPTION "This object specifies the external local address used for the session. This address is visible outside only and will be translated to the internal address, whenever a packet is received from outside. " ::= { ipNatEntry 5 } ipNatExtPort OBJECT-TYPE SYNTAX INTEGER (0..65535) ACCESS read-only STATUS mandatory DESCRIPTION "This object specifies the external local portnumber used for the session. This address is visible outside only and is translated to the internal portnumber, whenever a packet is received from outside. " ::= { ipNatEntry 6 } ipNatRemoteAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-only STATUS mandatory DESCRIPTION "This object specifies the remote IP-address used for the session. This is an outside address. However, it is visible to outside networks and also to inside networks. " ::= { ipNatEntry 7 } ipNatRemotePort OBJECT-TYPE SYNTAX INTEGER (0..65535) ACCESS read-only STATUS mandatory DESCRIPTION "This object specifies the remote portnumber used for the session. This is an outside portnumber. However, it is visible to outside networks and also to inside networks. " ::= { ipNatEntry 8 } ipNatDirection OBJECT-TYPE SYNTAX INTEGER { incoming(1), outgoing(2) } ACCESS read-only STATUS mandatory DESCRIPTION "This object specifies, whether the session is incoming (from outside to inside) or outgoing (from inside to outside). " ::= { ipNatEntry 9 } ipNatAge OBJECT-TYPE SYNTAX TimeTicks ACCESS read-only STATUS mandatory DESCRIPTION "This object specifies how long no packet has been transferred for the session and is used internally for timeout purposes. " ::= { ipNatEntry 10 } ipNatPresetTable OBJECT-TYPE SYNTAX SEQUENCE OF IpNatPresetEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "This table specifies the IP addresses and port numbers for sessions requested from outside. If this table is empty and NAT is enabled, only packets for sessions initiated from inside are forwarded. The IP address and the port number of the internal server can be specified individually for each combination of - protocol (udp/tcp/icmp) - initiating hosts IP address (RemoteAddr, RemoteMask) - called hosts IP address (ExtAddr, ExtMask) - called port number (ExtPort, ExtPortRange) Entries in the table are created and removed manually by network management." ::= { biboip 6 } ipNatPresetEntry OBJECT-TYPE SYNTAX IpNatPresetEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "" INDEX { ipNatPrIfIndex, ipNatPrProtocol, ipNatPrExtPort } ::= { ipNatPresetTable 1 } IpNatPresetEntry ::= SEQUENCE { ipNatPrIfIndex INTEGER, ipNatPrProtocol INTEGER, ipNatPrRemoteAddr IpAddress, ipNatPrRemoteMask IpAddress, ipNatPrExtAddr IpAddress, ipNatPrExtMask IpAddress, ipNatPrExtPort INTEGER, ipNatPrExtPortRange INTEGER, ipNatPrIntAddr IpAddress, ipNatPrIntPort INTEGER } ipNatPrIfIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the interface index, for which the table entry shall be valid. If set to 0, the entry will be valid for all interfaces configured to use NAT." ::= { ipNatPresetEntry 1 } ipNatPrProtocol OBJECT-TYPE SYNTAX INTEGER { icmp(1), tcp(6), udp(17), gre(47), esp(50), ah(51), ospf(89), ipinip(94), l2tp(115), delete(256) } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the protocol, for which the table entry shall be valid." ::= { ipNatPresetEntry 2 } ipNatPrRemoteAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipNatPrRemoteMask the the set of IP addresses of remote hosts initiating the connection. The table entry will be valid for an incoming call, when the IP adress of the remote host initiating the connection lies in the range specified by both objects. If both objects are set to 0.0.0.0, the table entry will be valid for any remote host." ::= { ipNatPresetEntry 3 } ipNatPrRemoteMask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipNatPrRemoteAddr the the set of IP addresses of remote hosts initiating the connection. The table entry will be valid for an incoming call, when the IP adress of the remote host initiating the connection lies in the range specified by both objects. If both objects are set to 0.0.0.0, the table entry will be valid for any remote host." ::= { ipNatPresetEntry 4 } ipNatPrExtAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipNatPrExtMask the the set of called IP addresses, for which the table entry shall be valid. The entry is valid, if the called IP address of an incoming calls setup packet lies in the range specified by both objects. If both objects are set to 0.0.0.0, the table entry will be valid for any called IP address." ::= { ipNatPresetEntry 5 } ipNatPrExtMask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipNatPrExtAddr the the set of called IP addresses, for which the table entry shall be valid. The entry is valid, if the called IP address of an incoming calls setup packet lies in the range specified by both objects. If both objects are set to 0.0.0.0, the table entry will be valid for any called IP address." ::= { ipNatPresetEntry 6 } ipNatPrExtPort OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipNatPrExtPortRange the range of portnumbers for incoming call, for which the table entry shall be valid. If both objects are set to -1, the entry is valid for all portnumbers. If ipNatPrPortRange is set to -1, the entry is only valid, when the called portnumber of an incoming call is equal to ipNatPrExtPort. Otherwise, the entry is valid, if the called portnumber lies in the range ExtPort .. ExtPortRange." ::= { ipNatPresetEntry 7 } ipNatPrExtPortRange OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipNatPrExtPort the range of portnumbers for incoming call, for which the table entry shall be valid. If both objects are set to -1, the entry is valid for all portnumbers. If ipNatPrPortRange is set to -1, the entry is only valid, when the called portnumber of an incoming call is equal to ipNatPrExtPort. Otherwise, the entry is valid, if the called portnumber lies in the range ExtPort .. ExtPortRange." ::= { ipNatPresetEntry 8 } ipNatPrIntAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the internal target hosts IP address for incoming calls matching the table entry. An incoming call matching this entry will be routed to the internal server specified by this object. If this object is set to 0.0.0.0 the target host will be the original target host in the incoming calls setup packet. No translation of the IP-addresses take place in this case. " ::= { ipNatPresetEntry 9 } ipNatPrIntPort OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the internal target hosts port-number for incoming calls matching the table entry. If this object is set to -1, the target portnumber will be taken from the original incoming calls setup packet. No translation of the portnumber will take place in this case. If the set of portnumbers for this table entry is a range instead of a single portnumber, this object will specify the base of the target range of portnumbers. The internal portnumber will be constructed as follows: new-target-port := old-target-port - ipNatPrExtPort + ipNatPrIntPort " ::= { ipNatPresetEntry 10 } ipSessionTable OBJECT-TYPE SYNTAX SEQUENCE OF IpSessionEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "" ::= { biboip 7 } ipSessionEntry OBJECT-TYPE SYNTAX IpSessionEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "" INDEX { ipSessionProtocol, ipSessionSrcAddr, ipSessionSrcPort, ipSessionDstAddr, ipSessionDstPort } ::= { ipSessionTable 1 } IpSessionEntry ::= SEQUENCE { ipSessionSrcAddr IpAddress, ipSessionSrcPort INTEGER, ipSessionDstAddr IpAddress, ipSessionDstPort INTEGER, ipSessionOutPkts Counter, ipSessionOutOctets Counter, ipSessionInPkts Counter, ipSessionInOctets Counter, ipSessionProtocol INTEGER, ipSessionAge TimeTicks, ipSessionIdle TimeTicks, ipSessionSrcIfIndex INTEGER, ipSessionDstIfIndex INTEGER } ipSessionSrcAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-only STATUS mandatory DESCRIPTION "" ::= { ipSessionEntry 1 } ipSessionSrcPort OBJECT-TYPE SYNTAX INTEGER (0..65535) ACCESS read-only STATUS mandatory DESCRIPTION "" ::= { ipSessionEntry 2 } ipSessionDstAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-only STATUS mandatory DESCRIPTION "" ::= { ipSessionEntry 3 } ipSessionDstPort OBJECT-TYPE SYNTAX INTEGER (0..65535) ACCESS read-only STATUS mandatory DESCRIPTION "" ::= { ipSessionEntry 4 } ipSessionOutPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "" ::= { ipSessionEntry 5 } ipSessionOutOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "" ::= { ipSessionEntry 6 } ipSessionInPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "" ::= { ipSessionEntry 7 } ipSessionInOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "" ::= { ipSessionEntry 8 } ipSessionProtocol OBJECT-TYPE SYNTAX INTEGER { icmp(1), ggp(3), tcp(6), egp(8), pup(12), udp(17), hmp(20), xns-idp(22), rdp(27), rsvp(46), gre(47), esp(50), ah(51), igrp(88), ospf(89), l2tp(115) } ACCESS read-only STATUS mandatory DESCRIPTION "" ::= { ipSessionEntry 9 } ipSessionAge OBJECT-TYPE SYNTAX TimeTicks ACCESS read-only STATUS mandatory DESCRIPTION "" ::= { ipSessionEntry 10 } ipSessionIdle OBJECT-TYPE SYNTAX TimeTicks ACCESS read-only STATUS mandatory DESCRIPTION "" ::= { ipSessionEntry 11 } ipSessionSrcIfIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "" ::= { ipSessionEntry 12 } ipSessionDstIfIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "" ::= { ipSessionEntry 13 } ipImportTable OBJECT-TYPE SYNTAX SEQUENCE OF IpImportEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "This table specifies how routes from one routing protocol are imported into another routing protocol. The dummy protocol default-route allows the generation of a default route for the routing domain. Not all combinations of source and destination protocols might be valid or implemented." ::= { biboip 12 } ipImportEntry OBJECT-TYPE SYNTAX IpImportEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "" INDEX { ipImportSrcProto, ipImportDstProto } ::= { ipImportTable 1 } IpImportEntry ::= SEQUENCE { ipImportSrcProto INTEGER, ipImportDstProto INTEGER, ipImportMetric1 INTEGER, ipImportType INTEGER, ipImportAddr IpAddress, ipImportMask IpAddress, ipImportIfIndex INTEGER } ipImportSrcProto OBJECT-TYPE SYNTAX INTEGER { default-route(1), direct(2), static(3), rip(4), ospf(5), special(6), radius(7) } ACCESS read-write STATUS mandatory DESCRIPTION "This object describes the protocol that generated the route and inserted it into the routing table." ::= { ipImportEntry 1 } ipImportDstProto OBJECT-TYPE SYNTAX INTEGER { delete(1), rip(2), ospf(3) } ACCESS read-write STATUS mandatory DESCRIPTION "This object describes the destination protocol into that the routes should be imported." ::= { ipImportEntry 2 } ipImportMetric1 OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the metric in the context of the destination protocol the imported routes should get. If set to -1 these routes get a protocol specific default metric." ::= { ipImportEntry 3 } ipImportType OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object might define protocol specific properties of the imported routes in the context of the destination protocol." ::= { ipImportEntry 4 } ipImportAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipImportMask the range of IP addresses for which the table entry should be valid. The entry is valid if the destination IP address of the route lies in the range specified by both objects. If both objects are set to 0.0.0.0, the table entry will be valid for destination." ::= { ipImportEntry 5 } ipImportMask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipImportAddr the range of IP addresses for which the table entry should be valid. The entry is valid if the destination IP address of the route lies in the range specified by both objects. If both objects are set to 0.0.0.0, the table entry will be valid for destination." ::= { ipImportEntry 6 } ipImportEffect OBJECT-TYPE SYNTAX INTEGER { import (1), doNotImport(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the effect this row should have. If set to import, the importation from ipImportSrcProto to ipImportDstProto takes place. If set to doNotImport the importation is prevented." ::= { ipImportEntry 7 } ipImportIfIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the interface index of the interface for which the entry should be valid. If set to 0 it will be valid for all interfaces." ::= { ipImportEntry 8 } ipPriorityTable OBJECT-TYPE SYNTAX SEQUENCE OF IpPriorityEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "This table defines the order, in which routes from different protocols are being used to determine the destination of an ip packet. The table will contain an entry for each type of routing protocol including STATIC and DIRECT routes. A priority-value can be configured for each of those protocols to get an order between the different protocols. The table contains a fixed number of entries. Only the priority may be configured." ::= { biboip 13 } ipPriorityEntry OBJECT-TYPE SYNTAX IpPriorityEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "" INDEX { ipPriorityProto } ::= { ipPriorityTable 1 } IpPriorityEntry ::= SEQUENCE { ipPriorityProto INTEGER, ipPriorityValue INTEGER } ipPriorityProto OBJECT-TYPE SYNTAX INTEGER { direct(1), static(2), rip(3), -- RIP routes ospf(4), -- OSPF intra and inter area routes ospf-ext(5) -- OSPF type 1 and 2 external routes } ACCESS read-only STATUS mandatory DESCRIPTION "This object specifies the routig-protocol, for which the entry is valid." ::= { ipPriorityEntry 1 } ipPriorityValue OBJECT-TYPE SYNTAX INTEGER (0..63) ACCESS read-write STATUS mandatory DESCRIPTION "This object contains the priority-value for a specific routing protocol. Low values mean high precedence." ::= { ipPriorityEntry 2 } ipFilterTable OBJECT-TYPE SYNTAX SEQUENCE OF IpFilterEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipFilterTable defines filters that describe subsets of IP packets. The filter matches if all conditions defined are true when comparing with the header of an IP packet." ::= { biboip 15 } ipFilterEntry OBJECT-TYPE SYNTAX IpFilterEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "" INDEX { ipFilterProtocol } ::= { ipFilterTable 1 } IpFilterEntry ::= SEQUENCE { ipFilterIndex INTEGER, ipFilterDescr DisplayString, ipFilterProtocol INTEGER, ipFilterSrcAddr IpAddress, ipFilterSrcMask IpAddress, ipFilterSrcPort INTEGER, ipFilterSrcPortRange INTEGER, ipFilterDstAddr IpAddress, ipFilterDstMask IpAddress, ipFilterDstPort INTEGER, ipFilterDstPortRange INTEGER, ipFilterTcpConnState INTEGER, ipFilterIcmpType INTEGER, ipFilterTos INTEGER, ipFilterTosMask INTEGER } ipFilterIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "This object uniquely references this filter. The index value is generated automatically." ::= { ipFilterEntry 1 } ipFilterDescr OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) ACCESS read-write STATUS mandatory DESCRIPTION "A textual string describing this filter." ::= { ipFilterEntry 2 } ipFilterProtocol OBJECT-TYPE SYNTAX INTEGER { icmp(1), ggp(3), ip(4), tcp(6), egp(8), igp(9), pup(12), chaos(16), udp(17), hmp(20), xns-idp(22), rdp(27), rsvp(46), gre(47), esp(50), ah(51), tlsp(56), skip(57), kryptolan(65), iso-ip(80), igrp(88), ospf(89), ipip(94), ipx-in-ip(111), vrrp(112), l2tp(115), delete(255), dont-verify(256) } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the value of the protocol field in the ip header for all IP-datagrams belonging to the set. If this object is set to dont-verify, the value of the protocol field is not specified and can take any value." ::= { ipFilterEntry 3 } ipFilterSrcAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipFilterSrcMask the set of IP addresses of datagrams that belong to the subset defined by this entry. If both objects are set to 0.0.0.0 the source-addresses for the datagrams in the set is not specified and can take any value." ::= { ipFilterEntry 4 } ipFilterSrcMask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipFilterSrcAddr the set of IP addresses of datagrams that belong to the subset defined by this entry. If both objects are set to 0.0.0.0 the source-addresses for the datagrams in the set is not specified and can take any value." ::= { ipFilterEntry 5 } ipFilterSrcPort OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipFilterSrcPortRange the range of source portnumbers of the IP-datagrams belonging to the set. All portnumbers between and including the two objects are within the range. If both objects are the to -1, the value of the source portnumber is not specified and can take any value." ::= { ipFilterEntry 6 } ipFilterSrcPortRange OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipFilterDstPort the range of source portnumbers of the IP-datagrams belonging to the set. All portnumbers between and including the two objects are within the range. If both objects are the to -1, the value of the source portnumber is not specified and can take any value." ::= { ipFilterEntry 7 } ipFilterDstAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipFilterDstMask the range of the target-addresses of the IP-datagrams belonging to the set. If both objects are set to 0.0.0.0 the target- addresses for the datagrams in the set is not specified and can take any value." ::= { ipFilterEntry 8 } ipFilterDstMask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipFilterDstAddr the range of the target-addresses of the IP-datagrams belonging to the set. If both objects are set to 0.0.0.0 the target- addresses for the datagrams in the set is not specified and can take any value." ::= { ipFilterEntry 9 } ipFilterDstPort OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipFilterDstPortRange the range of target-portnumbers of the IP-datagrams belonging to the set. All portnumbers between and including the two objects are within the range. If both objects are the to -1, the value of the target portnumber is not specified and can take any value." ::= { ipFilterEntry 10 } ipFilterDstPortRange OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipFilterDstPort the range of target-portnumbers of the IP-datagrams belonging to the set. All portnumbers between and including the two objects are within the range. If both objects are the to -1, the value of the target portnumber is not specified and can take any value." ::= { ipFilterEntry 11 } ipFilterTcpConnState OBJECT-TYPE SYNTAX INTEGER { dont-verify(1), established(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object describes the state of the TCP connection associated with the packets belonging to the set. If this object is set to established, the value of the TCP flags of incoming packets is checked. Packets with flags that initiate TCP connections are excluded from the set. If this object is set to dont-verify, the TCP flags are not checked and can be any value." ::= { ipFilterEntry 12 } ipFilterIcmpType OBJECT-TYPE SYNTAX INTEGER { dont-verify(31), echoRep(1), destUnreach(4), srcQuench(5), redirect(6), echo(9), timeExcds(12), parmProb(13), timestamp(14), timestampRep(15), addrMask(16), addrMaskRep(17) } ACCESS read-write STATUS mandatory DESCRIPTION "This object describes the ICMP type of the packets belonging to the set. If this object is set to dont-verify, the value of the ICMP type field is not specified and can take any value." ::= { ipFilterEntry 13 } ipFilterTos OBJECT-TYPE SYNTAX INTEGER (0..255) ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipFilterTosMask the range of the Type of Service field (TOS) in the IP-header of the IP-datagrams belonging to the set. A TOS value is considered within the range, when the following equation is valid: (tos & ipFilterTosMask) == (ipFilterTos & ipFilterTosMask) If both objects are set to 0 the TOS value of the datagrams in the set is not specified and can take any value." ::= { ipFilterEntry 14 } ipFilterTosMask OBJECT-TYPE SYNTAX INTEGER (0..255) ACCESS read-write STATUS mandatory DESCRIPTION "This object describes together with ipFilterTos the range of the Type of Service field (TOS) in the IP-header of the IP-datagrams belonging to the set. A TOS value is considered within the range, when the following equation is valid: (tos & ipFilterTosMask) == (ipFilterTos & ipFilterTosMask) If both objects are set to 0 the TOS value of the datagrams in the set is not specified and can take any value." ::= { ipFilterEntry 15 } ipRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF IpRuleEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipRuleTable defines access rules for checking incoming IP packets. The rules are processed in order, i.e. each rule has a link to the next rule. The set of rules is processed until a match occurs, that means the rule's associated filter matches and the specified action is performed (either accept or deny a packet). The last rule is implicitly a deny rule. The set of rules to be processed can be defined for each interface" ::= { biboip 16 } ipRuleEntry OBJECT-TYPE SYNTAX IpRuleEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "" INDEX { ipRuleFilterIndex } ::= { ipRuleTable 1 } IpRuleEntry ::= SEQUENCE { ipRuleIndex INTEGER, ipRuleFilterIndex INTEGER, ipRuleAction INTEGER, ipRuleNextRuleIndex INTEGER } ipRuleIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "Unique rule index." ::= { ipRuleEntry 1 } ipRuleFilterIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "References the rule's associated filter." ::= { ipRuleEntry 2 } ipRuleAction OBJECT-TYPE SYNTAX INTEGER { allow(1), -- allow if filter matches allow-if-not(2),-- allow if filter not matches deny(3), -- deny if filter matches deny-if-not(4), -- deny if filter not matches ignore(5), -- ignore rule and skip to next rule delete(6) -- delete the entry from the table } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the action to be performed if the rule's associated filter matches. If set to ignore the filter is not consulted and the next rule is processed immediately." ::= { ipRuleEntry 3 } ipRuleNextRuleIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Specifies the next rule to be processed if the rule's associated filter does not match. The value 0 is used to mark the end of the rule set." ::= { ipRuleEntry 4 } ipNatOutTable OBJECT-TYPE SYNTAX SEQUENCE OF IpNatOutEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "This table specifies the IP address translation for outgoing sessions. If no matching entry is found the IP address is set to the IP address defined on the interface configured for NAT. If a matching entry is found, the source IP address of outgoing IP packets is set to the value of ipNatOutExtAddr. This table is only used if the outgoing address translation is activated (ipExtIfNatOutXlat). Entries in the table are created and removed manually by network management." ::= { biboip 18 } ipNatOutEntry OBJECT-TYPE SYNTAX IpNatOutEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "" INDEX { ipNatOutIfIndex, ipNatOutIntAddr, ipNatOutExtAddr } ::= { ipNatOutTable 1 } IpNatOutEntry ::= SEQUENCE { ipNatOutIfIndex INTEGER, ipNatOutProtocol INTEGER, ipNatOutRemoteAddr IpAddress, ipNatOutRemoteMask IpAddress, ipNatOutExtAddr IpAddress, ipNatOutRemotePort INTEGER, ipNatOutRemotePortRange INTEGER, ipNatOutIntAddr IpAddress, ipNatOutIntMask IpAddress, ipNatOutIntPort INTEGER, ipNatOutExtPort INTEGER } ipNatOutIfIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the interface index, for which the table entry shall be valid. If set to 0, the entry will be valid for all interfaces configured to use NAT." ::= { ipNatOutEntry 1 } ipNatOutProtocol OBJECT-TYPE SYNTAX INTEGER { icmp(1), tcp(6), udp(17), gre(47), esp(50), ah(51), l2tp(115), any(255), delete(256) } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the protocol, for which the table entry shall be valid." ::= { ipNatOutEntry 2 } ipNatOutRemoteAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipNatOutRemoteMask the set of target IP addresses for which the table entry is valid. If both objects are set to 0.0.0.0, the table entry will be valid for any target IP address." ::= { ipNatOutEntry 3 } ipNatOutRemoteMask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipNatOutRemoteAddr the set of target IP addresses for which the table entry is valid. If both objects are set to 0.0.0.0, the table entry will be valid for any target IP address." ::= { ipNatOutEntry 4 } ipNatOutExtAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the external IP address to which the internal IP address is mapped." ::= { ipNatOutEntry 5 } ipNatOutRemotePort OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipNatOutRemotePortRange the range of portnumbers for outgoing calls, for which the table entry shall be valid. If both objects are set to -1, the entry is valid for all portnumbers. If ipNatOutPortRange is set to -1, the entry is only valid, when the portnumber of an outgoing call is equal to ipNatOutRemotePort. Otherwise, the entry is valid, if the called portnumber lies in the range RemotePort .. RemotePortRange." ::= { ipNatOutEntry 6 } ipNatOutRemotePortRange OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipNatOutRemotePort the range of portnumbers for outgoing calls, for which the table entry shall be valid. If both objects are set to -1, the entry is valid for all portnumbers. If ipNatOutPortRange is set to -1, the entry is only valid, when the portnumber of an outgoing call is equal to ipNatOutRemotePort. Otherwise, the entry is valid, if the called portnumber lies in the range RemotePort .. RemotePortRange." ::= { ipNatOutEntry 7 } ipNatOutIntAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipNatOutIntMask the internal hosts IP address for outgoing calls matching the table entry. If both objects are set to 0.0.0.0, the table entry will be valid for any source IP address." ::= { ipNatOutEntry 8 } ipNatOutIntMask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipNatOutIntAddr the internal hosts IP address for outgoing calls matching the table entry. If both objects are set to 0.0.0.0, the table entry will be valid for any source IP address." ::= { ipNatOutEntry 9 } ipNatOutIntPort OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the internal source port for which the table entry shall be valid. If this object is set to -1, any internal source port matches this entry." ::= { ipNatOutEntry 10 } ipNatOutExtPort OBJECT-TYPE SYNTAX INTEGER (-1..65535) ACCESS read-write STATUS mandatory DESCRIPTION "This object may be used to specify a fixed external source port to which the internal source port is mapped. If this object is set to -1, the port is mapped to the next free source port available." ::= { ipNatOutEntry 11 } ipHostsAliveTable OBJECT-TYPE SYNTAX SEQUENCE OF IpHostsAliveEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "This table specifies the watched IP addresses. Entries in the table are created and removed manually by network management." ::= { biboip 19 } ipHostsAliveEntry OBJECT-TYPE SYNTAX IpHostsAliveEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "" INDEX { ipHostsAliveIPAddress } ::= { ipHostsAliveTable 1 } IpHostsAliveEntry ::= SEQUENCE { ipHostsAliveGroup INTEGER, ipHostsAliveIPAddress IpAddress, ipHostsAliveState INTEGER, ipHostsAliveInterval INTEGER, ipHostsAliveDownAction INTEGER, ipHostsAliveFirstIfIndex INTEGER, ipHostsAliveRange INTEGER } ipHostsAliveGroup OBJECT-TYPE SYNTAX INTEGER (0..9) ACCESS read-write STATUS mandatory DESCRIPTION "The group of the watched IP-Addresses" ::= { ipHostsAliveEntry 1 } ipHostsAliveIPAddress OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The watched IP-Address" ::= { ipHostsAliveEntry 2 } ipHostsAliveState OBJECT-TYPE SYNTAX INTEGER { alive(1), down(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The State of the watched IP-Address" ::= { ipHostsAliveEntry 3 } ipHostsAliveInterval OBJECT-TYPE SYNTAX INTEGER (1..65536) ACCESS read-write STATUS mandatory DESCRIPTION "This is the timeinterval for state verification" ::= { ipHostsAliveEntry 4 } ipHostsAliveDownAction OBJECT-TYPE SYNTAX INTEGER { up(1), down(2), delete(3) } ACCESS read-write STATUS mandatory DESCRIPTION "This action must be perform, if the hosts do not answer " ::= { ipHostsAliveEntry 5 } ipHostsAliveFirstIfIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "The first ifc" ::= { ipHostsAliveEntry 6 } ipHostsAliveRange OBJECT-TYPE SYNTAX INTEGER (0..65536) ACCESS read-write STATUS mandatory DESCRIPTION "The range of all ifcus" ::= { ipHostsAliveEntry 7 } ipBodRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF IpBodRuleEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipBodRuleTable defines access rules for checking incoming IP packets. The rules are processed in order, i.e. each rule has a link to the next rule. The set of rules is processed until a match occurs, that means the rule's associated filter matches and the specified action is performed (either request or deny additional bandwidth). The last rule is implicitly a deny rule. The set of rules to be processed can be defined for each interface." ::= { biboip 21 } ipBodRuleEntry OBJECT-TYPE SYNTAX IpBodRuleEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "" INDEX { ipBodRuleFilterIndex } ::= { ipBodRuleTable 1 } IpBodRuleEntry ::= SEQUENCE { ipBodRuleIndex INTEGER, ipBodRuleFilterIndex INTEGER, ipBodRuleAction INTEGER, ipBodRuleDirection INTEGER, ipBodRuleNextRuleIndex INTEGER, ipBodRuleIdleTime INTEGER } ipBodRuleIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "Unique rule index." ::= { ipBodRuleEntry 1 } ipBodRuleFilterIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "References the rule's associated filter." ::= { ipBodRuleEntry 2 } ipBodRuleAction OBJECT-TYPE SYNTAX INTEGER { invoke(1), -- invoke bandwidth if filter matches invoke-if-not(2), -- invoke if filter not matches deny(3), -- deny BOD if filter matches deny-if-not(4), -- deny BOD if filter not matches ignore(5), -- ignore rule and skip to next rule delete(6) -- delete the entry from the table } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the action to be performed if the rule's associated filter matches. If set to ignore the filter is not consulted and the next rule is processed immediately." ::= { ipBodRuleEntry 3 } ipBodRuleDirection OBJECT-TYPE SYNTAX INTEGER { outgoing(1), -- used for outgoing packets only incoming(2), -- used for incoming packets only both(3) -- used for both directions } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the direction of the packets for which the rule is processed." ::= { ipBodRuleEntry 4 } ipBodRuleChannels OBJECT-TYPE SYNTAX INTEGER (0..8) ACCESS read-write STATUS mandatory DESCRIPTION "The number of B-channels to invoke if the rule's associated filter matches." ::= { ipBodRuleEntry 5 } ipBodRuleNextRuleIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Specifies the next rule to be processed if the rule's associated filter does not match. The value 0 is used to mark the end of the rule set." ::= { ipBodRuleEntry 6 } ipBodRuleIdleTime OBJECT-TYPE SYNTAX INTEGER (-1..3600) ACCESS read-write STATUS mandatory DESCRIPTION "Specifies the time in seconds the interface-specific shorthold interval (see biboPPPTable) is extended if the rule's associated filter matches. When set to zero this setting is ignored. When set to -1 matching packets are sent piggyback, they are not considered for shorthold mode." ::= { ipBodRuleEntry 7 } ipQoSTable OBJECT-TYPE SYNTAX SEQUENCE OF IpQoSEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipQosTable defines the classifier rules that are applied to IP traffic arriving this interface in a particular direction. The rules are processed in order, i.e. each rule has a link to the next rule. The set of rules is processed until a match occurs, that means the rule's associated filter matches and the specified action is performed (set the IP headers TOS field, specify a service class for QoS). The set of these rules to be processed can be defined for each interface." ::= { biboip 22 } ipQoSEntry OBJECT-TYPE SYNTAX IpQoSEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "" INDEX { ipQoSFilterIndex } ::= { ipQoSTable 1 } IpQoSEntry ::= SEQUENCE { ipQoSIndex INTEGER, ipQoSFilterIndex INTEGER, ipQoSNextRuleIndex INTEGER, ipQoSAction INTEGER, ipQoSTos INTEGER, -- ipQoSClassOfService INTEGER, ipQosTosSetRate INTEGER, ipQosTosSetBurst INTEGER, -- ipQosTosSetExceedAction INTEGER, ipQoSServiceClass INTEGER, ipQoSClassId INTEGER, ipQoSDirection INTEGER } ipQoSIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "Unique rule index." ::= { ipQoSEntry 1 } ipQoSFilterIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "References the associated filter (see IpFilterTable)." ::= { ipQoSEntry 2 } ipQoSNextRuleIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Specifies the next classifier rule to be processed if the rule's associated filter does not match. The value 0 is used to mark the end of the rule set." ::= { ipQoSEntry 3 } ipQoSAction OBJECT-TYPE SYNTAX INTEGER { classify(1), -- filter matches, set TOS & classify packet classify-if-not(2), -- classify if filter not matches disabled(3), -- ignore rule and skip to next rule delete(4) -- delete the entry from the table } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the action to be performed if the associated filter matches. If set to ignore the filter is not consulted and the next rule is processed immediately, possible values: classify(1) = filter matches, set TOS & classify packet classify-if-not(2) = classify if filter doesn't match disabled(3) = ignore rule and skip to next rule delete(4) = delete the entry from the table." ::= { ipQoSEntry 4 } ipQoSTos OBJECT-TYPE SYNTAX INTEGER (0..255) ACCESS read-write STATUS mandatory DESCRIPTION "Value for TOS field inside IP header to be set." ::= { ipQoSEntry 5 } -- ipQoSClassOfService OBJECT-TYPE -- SYNTAX INTEGER (1..255) -- ACCESS read-write -- STATUS mandatory -- -- DESCRIPTION -- "Specifies the class of service used for the congestion -- management, priorization and traffic shapping. If set to -- 256 (high priority service class) the related traffic -- will be always handled first." -- ::= { ipQoSEntry 6 } -- ipQoSTosSetRate OBJECT-TYPE SYNTAX INTEGER (0..65535) ACCESS read-write STATUS mandatory DESCRIPTION "Maximum amount of packets per second that should be TOS changed." ::= { ipQoSEntry 7 } ipQoSTosSetBurst OBJECT-TYPE SYNTAX INTEGER (0..65535) ACCESS read-write STATUS mandatory DESCRIPTION "Maximum amount of packets per second additional to the ipQosSetRate that could be TOS changed." ::= { ipQoSEntry 8 } -- ipQoSTosSetExceedAction OBJECT-TYPE -- SYNTAX INTEGER { -- none(1), -- map-to-default(2), -- remark-tos(3), -- drop(4) -- } -- ACCESS read-write -- STATUS mandatory -- -- DESCRIPTION -- "This object specifies the action to be done if the maximum -- amount of TOS changed IP packets per second is reached. -- When set to none(1) exceeding packets are attached to the -- class defined by ipQoSClassId, when set to map-to-default(2) -- these packets will be attached to the default class." -- ::= { ipQoSEntry 10 } -- ipQoSServiceClass OBJECT-TYPE SYNTAX INTEGER { normal(1), high-priority(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipQoSClassId the class of service used for the congestion management, priorization and traffic shapping. If set to high-priority(2) (high priority service class) the related traffic will be always handled first and ipQoSClassId is ignored." ::= { ipQoSEntry 11 } ipQoSClassId OBJECT-TYPE SYNTAX INTEGER (1..255) ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies together with ipQoSServiceClass (normal(1) only) the class of service used for congestion avoidance, congestion management, priorization and traffic shapping. Note that this ID is not used to give a nominal priority to the related IP traffic." ::= { ipQoSEntry 12 } ipQoSDirection OBJECT-TYPE SYNTAX INTEGER { outgoing(1), -- used for outgoing packets only incoming(2), -- used for incoming packets only both(3) -- used for both directions } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the direction for witch this classifier rule applies on this interface, possible values: outgoing(1) = used for outgoing packets only incoming(2) = used for incoming packets only both(3) = used for both directions." ::= { ipQoSEntry 13 } END -- of BIANCA-BRICK definitions