-- ============================================================================ -- Copyright (C) 2003 by HUAWEI-3COM TECHNOLOGIES. All rights reserved. -- Description: This mib file is used for configuration of NAT. -- include :1.NAT pool -- 2.NAT out bound -- 3.NAT inside server -- 4.NAT agetime -- 5.NAT blacklist -- 6.NAT statistics information -- 7.NAT DNS -- Reference: -- Version: V1.2 -- History: -- V1.0 2004/09/17 created by xiaoshuchao -- V1.1 2005/06/01 Modified by liguanmin -- Modify the value range of the node h3cNATOutboundPoolIdx -- V1.2 2007/05/22 Modified by tangjiafeng -- Modify the value range of the node h3cNATSessionPeerPort -- ============================================================================ H3C-NAT-MIB DEFINITIONS ::= BEGIN IMPORTS h3cCommon FROM HUAWEI-3COM-OID-MIB ifIndex FROM RFC1213-MIB TimeTicks, IpAddress, Integer32, Counter32, OBJECT-TYPE, MODULE-IDENTITY FROM SNMPv2-SMI RowStatus, DisplayString FROM SNMPv2-TC; h3cNat MODULE-IDENTITY LAST-UPDATED "200409170100Z" -- September 17, 2004 at 01:00 GMT ORGANIZATION "Huawei-3Com Technologies Co., Ltd." CONTACT-INFO "http://www.huawei-3com.com" DESCRIPTION "This MIB contains objects to manage configuration of NAT. There are no constraints on this MIB." REVISION "200501201518Z" -- January 20, 2005 at 15:18 GMT DESCRIPTION "The initial revision of this MIB module." ::= { h3cCommon 18 } -- -- Node definitions -- -- Global Variants h3cNATGlobalVars OBJECT IDENTIFIER ::= { h3cNat 1 } -- **************Global Variants*************** -- NAT Clear Session h3cNATClearSession OBJECT IDENTIFIER ::= { h3cNATGlobalVars 1 } h3cNATClearSessionSlotNo OBJECT-TYPE SYNTAX INTEGER (1..14 | 255) MAX-ACCESS read-write STATUS current DESCRIPTION "The number of NAT board in which administrator wants to clear data of the session. In router, the value is 255 because no NAT board in it. This node only supports 'set' operation. The return value of 'get' operation is meaningless." ::= { h3cNATClearSession 1 } -- NAT blacklist UserConnectLimitPara h3cNATBLConnectLimitPara OBJECT IDENTIFIER ::= { h3cNATGlobalVars 2 } h3cNATBLConnectHighValue OBJECT-TYPE SYNTAX INTEGER (20..20000) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximal connection amount. If the connection amount exceeds the value, the IP address will be added into blacklist. The IP address will not be removed from blacklist until the connection amount is less than the minimal connection amount." DEFVAL { 500 } ::= { h3cNATBLConnectLimitPara 1 } h3cNATBLConnectLowValue OBJECT-TYPE SYNTAX INTEGER (20..20000) MAX-ACCESS read-write STATUS current DESCRIPTION "The minimal connection amount." DEFVAL { 200 } ::= { h3cNATBLConnectLimitPara 2 } h3cNATBLConnectHighRate OBJECT-TYPE SYNTAX INTEGER (20..21474836) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximal connection rate(in second). If the connection rate exceed the value, the IP address will be added into blacklist. The IP address will not be removed from blacklist until the connection rate is less than the minimal connection rate." DEFVAL { 250 } ::= { h3cNATBLConnectLimitPara 3 } h3cNATBLConnectLowRate OBJECT-TYPE SYNTAX INTEGER (20..21474836) MAX-ACCESS read-write STATUS current DESCRIPTION "The minimal connection rate(in second)." DEFVAL { 100 } ::= { h3cNATBLConnectLimitPara 4 } h3cNATBLSpecialConnectHighRate OBJECT-TYPE SYNTAX INTEGER (20..21474836) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximal special connection rate(in second). When administrator wants to control the speed of connection, he can selects the connection speed rate or special connection rate." DEFVAL { 250 } ::= { h3cNATBLConnectLimitPara 5 } h3cNATBLSpecialConnectLowRate OBJECT-TYPE SYNTAX INTEGER (20..21474836) MAX-ACCESS read-write STATUS current DESCRIPTION "The minimal special connection rate(in second)." DEFVAL { 100 } ::= { h3cNATBLConnectLimitPara 6 } -- NAT blacklist property control Enable h3cNATBLCtrlEnable OBJECT IDENTIFIER ::= { h3cNATGlobalVars 3 } h3cNATBLConnectSumEnable OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Enable or disable the connection amount control." DEFVAL { disable } ::= { h3cNATBLCtrlEnable 1 } h3cNATBLConnectRateEnable OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Enable or disable the connection rate control." DEFVAL { disable } ::= { h3cNATBLCtrlEnable 2 } -- NAT NP aging-time h3cNATNPTimer OBJECT IDENTIFIER ::= { h3cNATGlobalVars 4 } h3cNATNPAgingTime OBJECT-TYPE SYNTAX INTEGER { fast(1), slow(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "There are two kinds of aging time in NP. One is fast and the other is slow. Administrator can select one or other. The defalult is fast." DEFVAL { fast } ::= { h3cNATNPTimer 1 } h3cNATMibObjects OBJECT IDENTIFIER ::= { h3cNat 2 } -- **************MibObjects*************** -- NAT address pool table h3cNATPoolInfoTable OBJECT-TYPE SYNTAX SEQUENCE OF H3cNATPoolInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "NAT address pool table : The address in the pool is the IP address in the global network. The pool can span 255 IP addresses.All address pools configured by administrator are recorded in this table." ::= { h3cNATMibObjects 1 } h3cNATPoolInfoEntry OBJECT-TYPE SYNTAX H3cNATPoolInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of NAT address pool table." INDEX { h3cNATPoolIdx } ::= { h3cNATPoolInfoTable 1 } H3cNATPoolInfoEntry ::= SEQUENCE { h3cNATPoolIdx Integer32, h3cNATPoolStartIpAddr IpAddress, h3cNATPoolEndIpAddr IpAddress, h3cNATPoolSlotNo INTEGER, h3cNATPoolRefCounter Integer32, h3cNATPoolRowStatus RowStatus } h3cNATPoolIdx OBJECT-TYPE SYNTAX Integer32 (1..320) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Index of the address pool: The index uniquely indicates the address pool in the system, and its range is from 1 to 320. " ::= { h3cNATPoolInfoEntry 1 } h3cNATPoolStartIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The start IP address of address pool: It must be less than or equal to the end IP address." ::= { h3cNATPoolInfoEntry 2 } h3cNATPoolEndIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The end IP address of address pool: It must be more than or equal to the start IP address." ::= { h3cNATPoolInfoEntry 3 } h3cNATPoolSlotNo OBJECT-TYPE SYNTAX INTEGER (1..14 | 255) MAX-ACCESS read-create STATUS current DESCRIPTION "The number of NAT board to which the address pool is bound. The address translation is processed by this NAT board . The relation between address pool and slotNo is n:1. When the address pool is not bound to the NAT board,the value is 255. " ::= { h3cNATPoolInfoEntry 4 } h3cNATPoolRefCounter OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The counter of reference. A address pool can be associated with more than one ACL and the counter of reference is recorded in this field. When the address pool is not associated with ACL, the value is 0." ::= { h3cNATPoolInfoEntry 5 } h3cNATPoolRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Only support 'destroy' and 'createAndGo'. If h3cNATPoolIdx, h3cNATPoolStartIpAddr and h3cNATPoolEndIpAddr were provided correctly, its value is changed 'active'." ::= { h3cNATPoolInfoEntry 6 } -- NAT Out bound Table h3cNATOutboundTable OBJECT-TYPE SYNTAX SEQUENCE OF H3cNATOutboundEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "NAT out bound table: through associating ACL number, address pool with NAT board, administrator can designate which inside IP address can be translated to global IP address in the pool and the translation is processed by which NAT board." ::= { h3cNATMibObjects 2 } h3cNATOutboundEntry OBJECT-TYPE SYNTAX H3cNATOutboundEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of NAT out bound table." INDEX { ifIndex, h3cNATOutboundAclNo } ::= { h3cNATOutboundTable 1 } H3cNATOutboundEntry ::= SEQUENCE { h3cNATOutboundAclNo INTEGER, h3cNATOutboundPoolIdx INTEGER, h3cNATOutboundIsNoPat INTEGER, h3cNATOutboundSlotNo Integer32, h3cNATOutboundRowStatus RowStatus } h3cNATOutboundAclNo OBJECT-TYPE SYNTAX INTEGER (2000..3999) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The number of ACL(Access Control List). When the packet accords with the rule in the ACL, its source IP address will be translated to IP address in Address pool." ::= { h3cNATOutboundEntry 1 } h3cNATOutboundPoolIdx OBJECT-TYPE SYNTAX INTEGER (0..320 | 2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The index of address pool in h3cNATPoolInfoTable. when administrator doesn't use the address pool and use the IP address of the interface as the address of global network, the value is 2147483647." ::= { h3cNATOutboundEntry 2 } h3cNATOutboundIsNoPat OBJECT-TYPE SYNTAX INTEGER { true(1), false(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Whether to use no pat manner. The translation of no pat is that the translation doesn't use the port information of packet." DEFVAL { false } ::= { h3cNATOutboundEntry 3 } h3cNATOutboundSlotNo OBJECT-TYPE SYNTAX Integer32 (1..14 | 255) MAX-ACCESS read-create STATUS current DESCRIPTION "The number of NAT board. In router, the value is 255 because no NAT board in it." ::= { h3cNATOutboundEntry 4 } h3cNATOutboundRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Only support 'destroy' and 'createAndGo'. If h3cNATOutboundAclNo or h3cNATOutboundAclNo and h3cNATOutboundPoolIdx were provided correctly, its value is changed 'active'." ::= { h3cNATOutboundEntry 5 } -- NAT inside Server Table h3cNATServerTable OBJECT-TYPE SYNTAX SEQUENCE OF H3cNATServerEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "NAT inside Server Table. Administrator can configure server in the private network which can provide service for people in the public network. The translation map is : (InsideIP , InsidePort--> GlobalIP, GlobalPort ) (InsideIP + 1 , InsidePort--> GlobalIP, GlobalPort + 1) (InsideIP + 2 , InsidePort--> GlobalIP, GlobalPort + 2) ... ... ... (InsideIP+n(=InsideIP2),InsidePort--> GlobalIP,GlobalPort+n(=GlobalPort2)) " ::= { h3cNATMibObjects 3 } h3cNATServerEntry OBJECT-TYPE SYNTAX H3cNATServerEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of NAT inside server table." INDEX { ifIndex, h3cNATServerProType, h3cNATServerGlobalIP, h3cNATServerStartGlobalPort, h3cNATServerVpnIndex } ::= { h3cNATServerTable 1 } H3cNATServerEntry ::= SEQUENCE { h3cNATServerProType INTEGER, h3cNATServerGlobalIP IpAddress, h3cNATServerStartGlobalPort INTEGER, h3cNATServerEndGlobalPort INTEGER, h3cNATServerStartInsideIP IpAddress, h3cNATServerEndInsideIP IpAddress, h3cNATServerInsidePort INTEGER, h3cNATServerSlotNo Integer32, h3cNATServerVpnIndex Integer32, h3cNATServerAclNumber Integer32, h3cNATServerRowStatus RowStatus } h3cNATServerProType OBJECT-TYPE SYNTAX INTEGER (1..255) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The type of protocol: icmp(1), tcp(6), udp(17) and others." ::= { h3cNATServerEntry 1 } h3cNATServerGlobalIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The global IP address of Inside Server." ::= { h3cNATServerEntry 2 } h3cNATServerStartGlobalPort OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The start global port of Inside Server. When the port need not be configured, the value is 0." ::= { h3cNATServerEntry 3 } h3cNATServerEndGlobalPort OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The end global port of Inside Server. When administrator doesn't configure a series of inside server, the value is 0. If the value is not zero, the value of (GlobalPort2-GlobalPort) must be equal to (InsideIP2 - InsideIP)." ::= { h3cNATServerEntry 4 } h3cNATServerStartInsideIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The start private IP address of Inside Server." ::= { h3cNATServerEntry 5 } h3cNATServerEndInsideIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The end private IP address of Inside Server. When administrator doesn't configure a series of inside server, the value is 0.0.0.0." ::= { h3cNATServerEntry 6 } h3cNATServerInsidePort OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The private port of Inside Server." ::= { h3cNATServerEntry 7 } h3cNATServerSlotNo OBJECT-TYPE SYNTAX Integer32 (1..14 | 255) MAX-ACCESS read-create STATUS current DESCRIPTION "The number of NAT board. In router, the value is 255 because no NAT board in it." ::= { h3cNATServerEntry 8 } h3cNATServerVpnIndex OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The VPN index of server." ::= { h3cNATServerEntry 10 } h3cNATServerAclNumber OBJECT-TYPE SYNTAX Integer32 (1..10000) MAX-ACCESS read-create STATUS current DESCRIPTION "Number of basic or advanced acl." ::= { h3cNATServerEntry 11 } h3cNATServerRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Only support 'destroy' and 'createAndGo'. If h3cNATServerProType, h3cNATServerGlobalIP, h3cNATServerGlobalPort and h3cNATServerInsideIP were provided correctly, its value is changed 'active'." ::= { h3cNATServerEntry 12 } -- NAT Time out Table h3cNATTimeOutTable OBJECT-TYPE SYNTAX SEQUENCE OF H3cNATTimeOutEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "NAT Time out Table. When a connection is established, if there are not any actives in this connection between the time, it will be disconnected." ::= { h3cNATMibObjects 4 } h3cNATTimeOutEntry OBJECT-TYPE SYNTAX H3cNATTimeOutEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of NAT Time out Table." INDEX { h3cNATTimeOutProtocol } ::= { h3cNATTimeOutTable 1 } H3cNATTimeOutEntry ::= SEQUENCE { h3cNATTimeOutProtocol INTEGER, h3cNATTimeOutTimeValue INTEGER } h3cNATTimeOutProtocol OBJECT-TYPE SYNTAX INTEGER { tcp(1), udp(2), icmp(3), pptp(4), dns(5), tcpFin(6), tcpSyn(7), ftpCtrl(8), ftpData(9) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The type of protocol." ::= { h3cNATTimeOutEntry 1 } h3cNATTimeOutTimeValue OBJECT-TYPE SYNTAX INTEGER (10..86400) MAX-ACCESS read-write STATUS current DESCRIPTION "The time of time out." ::= { h3cNATTimeOutEntry 2 } -- NAT blacklist Enable(start/stop) Table h3cNATBLEnableTable OBJECT-TYPE SYNTAX SEQUENCE OF H3cNATBLEnableEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "NAT blacklist function Enable Table. In this table, administrator can decide whether to start the function of blacklist in the NAT board. When the function of blacklist can't be set for a NAT board, the number of NAT board is 256." ::= { h3cNATMibObjects 5 } h3cNATBLEnableEntry OBJECT-TYPE SYNTAX H3cNATBLEnableEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of NAT blacklist Enable Table." INDEX { h3cNATBLEnableSlotNo } ::= { h3cNATBLEnableTable 1 } H3cNATBLEnableEntry ::= SEQUENCE { h3cNATBLEnableSlotNo Integer32, h3cNATBLEnable INTEGER } h3cNATBLEnableSlotNo OBJECT-TYPE SYNTAX Integer32 (1..14 | 255) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The number of NAT board. When the function of blacklist can't be set for a NAT board, the value is 255." ::= { h3cNATBLEnableEntry 1 } h3cNATBLEnable OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Start or stop of function of balcklist." DEFVAL { disable } ::= { h3cNATBLEnableEntry 2 } -- NAT special IP ConnectLimitPara Table h3cNATBLIPConnectLimitParaTable OBJECT-TYPE SYNTAX SEQUENCE OF H3cNATBLIPConnectLimitParaEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table of connection control of special IP address. In this table, administrator can decide to adopt which manner to control the connection which IP address is the special IP address." ::= { h3cNATMibObjects 6 } h3cNATBLIPConnectLimitParaEntry OBJECT-TYPE SYNTAX H3cNATBLIPConnectLimitParaEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of the table of connection control of special IP address." INDEX { h3cNATBLIPConnectLimitParaIP } ::= { h3cNATBLIPConnectLimitParaTable 1 } H3cNATBLIPConnectLimitParaEntry ::= SEQUENCE { h3cNATBLIPConnectLimitParaIP IpAddress, h3cNATBLIPConnectHighValue INTEGER, h3cNATBLIPConnectLowValue INTEGER, h3cNATBLIPUseSpecialConnectRate INTEGER, h3cNATBLIPConnectLimitRowStatus RowStatus } h3cNATBLIPConnectLimitParaIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The special IP address. The IP is private IP address." ::= { h3cNATBLIPConnectLimitParaEntry 1 } h3cNATBLIPConnectHighValue OBJECT-TYPE SYNTAX INTEGER (20..20000) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximal connection amount. It must be more than the minimal connection amount." DEFVAL { 500 } ::= { h3cNATBLIPConnectLimitParaEntry 2 } h3cNATBLIPConnectLowValue OBJECT-TYPE SYNTAX INTEGER (20..20000) MAX-ACCESS read-create STATUS current DESCRIPTION "The minimal connection amount. It must be less than the maximal connection amount." DEFVAL { 200 } ::= { h3cNATBLIPConnectLimitParaEntry 3 } h3cNATBLIPUseSpecialConnectRate OBJECT-TYPE SYNTAX INTEGER { true(1), false(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Whether to use the special connection rate control." DEFVAL { false } ::= { h3cNATBLIPConnectLimitParaEntry 4 } h3cNATBLIPConnectLimitRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Only support 'destroy' and 'createAndGo'. If h3cNATBLIPConnectHighValue, h3cNATBLIPConnectLowValue and h3cNATBLIPUseSpecialConnectRate were provided correctly, its value is changed 'active'." ::= { h3cNATBLIPConnectLimitParaEntry 5 } -- NAT blacklist Manager Table h3cNATBLManagerTable OBJECT-TYPE SYNTAX SEQUENCE OF H3cNATBLManagerEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The management table of blacklist. The table doesn't support 'getnext' operation." ::= { h3cNATMibObjects 7 } h3cNATBLManagerEntry OBJECT-TYPE SYNTAX H3cNATBLManagerEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of management table of blacklist." INDEX { h3cNATBLIpAdress, h3cNATBLSlotNo } ::= { h3cNATBLManagerTable 1 } H3cNATBLManagerEntry ::= SEQUENCE { h3cNATBLIpAdress IpAddress, h3cNATBLSlotNo INTEGER, h3cNATBLConSum Integer32, h3cNATBLConSpd INTEGER } h3cNATBLIpAdress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IP address of entry of blacklist." ::= { h3cNATBLManagerEntry 1 } h3cNATBLSlotNo OBJECT-TYPE SYNTAX INTEGER (1..14) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The number of NAT board." ::= { h3cNATBLManagerEntry 2 } h3cNATBLConSum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The connection amount." ::= { h3cNATBLManagerEntry 3 } h3cNATBLConSpd OBJECT-TYPE SYNTAX INTEGER { red(1), yellow(2), green(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The state of connection rate: red(1) : the connection rate is above the upper limit. yellow(2): the connection rate is between the upper and lower limit. green(3) : the conneciton rate is below the lower limit." ::= { h3cNATBLManagerEntry 4 } -- NAT Statistics Info h3cNATStatTable OBJECT-TYPE SYNTAX SEQUENCE OF H3cNATStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The statistics information table of NAT module." ::= { h3cNATMibObjects 8 } h3cNATStatEntry OBJECT-TYPE SYNTAX H3cNATStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of statistics information table of NAT module." INDEX { h3cNATStatNATBoardNo } ::= { h3cNATStatTable 1 } H3cNATStatEntry ::= SEQUENCE { h3cNATStatNATBoardNo Integer32, h3cNATStatActiveTblCount Counter32, h3cNATStatActiveTblCountInNP Counter32, h3cNATStatActiveNatTblCount Counter32, h3cNATStatActiveSvrTblCount Counter32, h3cNATStatActivePoolTblCount Counter32, h3cNATStatNumOfUsedPort Counter32, h3cNATStatNumOfGoodPkt Counter32, h3cNATStatNumOfBadPkt Counter32, h3cNATStaticSessionCount Integer32, h3cNATFragmentSessionCount Integer32, h3cNATSequenceSessionCount Integer32, h3cNATLogCount Integer32 } h3cNATStatNATBoardNo OBJECT-TYPE SYNTAX Integer32 (1..14 | 255) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The number of NAT board. In router, the value is 255 because no NAT board in it." ::= { h3cNATStatEntry 1 } h3cNATStatActiveTblCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active PAT session count In software." ::= { h3cNATStatEntry 2 } h3cNATStatActiveTblCountInNP OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active PAT session count In NP." ::= { h3cNATStatEntry 3 } h3cNATStatActiveNatTblCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active NO-PAT session count." ::= { h3cNATStatEntry 4 } h3cNATStatActiveSvrTblCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active SERVER session count." ::= { h3cNATStatEntry 5 } h3cNATStatActivePoolTblCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active address pool session count." ::= { h3cNATStatEntry 6 } h3cNATStatNumOfUsedPort OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of used port in NP." ::= { h3cNATStatEntry 7 } h3cNATStatNumOfGoodPkt OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of good packet in NP." ::= { h3cNATStatEntry 8 } h3cNATStatNumOfBadPkt OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of bad packet in NP." ::= { h3cNATStatEntry 9 } h3cNATStaticSessionCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active STATIC session count." ::= { h3cNATStatEntry 10 } h3cNATFragmentSessionCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active fragment packet session count." ::= { h3cNATStatEntry 11 } h3cNATSequenceSessionCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active session table count hash by private IP." ::= { h3cNATStatEntry 12 } h3cNATLogCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Buffered Nat LOG table count." ::= { h3cNATStatEntry 13 } -- nat session h3cNATSessionTable OBJECT-TYPE SYNTAX SEQUENCE OF H3cNATSessionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The nat session information table. There is the address translation information in the table. The sketch map of connection is pc1(private Net)------------------>NAT Device ------------------>Server(public Net) InsideIP, InsidePort---->translating to GlobalIP, GlobalPort------>PeerIP, PeerPort. " ::= { h3cNATMibObjects 9 } h3cNATSessionEntry OBJECT-TYPE SYNTAX H3cNATSessionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of session information table." INDEX { h3cNATSessionHashNumber, h3cNATSessionProtocol, h3cNATSessionInsideIP, h3cNATSessionInsidePort, h3cNATSessionPeerIP, h3cNATSessionPeerPort, h3cNATSessionVpnIndex } ::= { h3cNATSessionTable 1 } H3cNATSessionEntry ::= SEQUENCE { h3cNATSessionHashNumber Integer32, h3cNATSessionProtocol INTEGER, h3cNATSessionGlobalIP IpAddress, h3cNATSessionGlobalPort Integer32, h3cNATSessionInsideIP IpAddress, h3cNATSessionInsidePort Integer32, h3cNATSessionPeerIP IpAddress, h3cNATSessionPeerPort Integer32, h3cNATSessionVpnIndex Integer32, h3cNATSessionTTL Integer32, h3cNATSessionStatus Integer32, h3cNATSessionLeftTime TimeTicks } h3cNATSessionHashNumber OBJECT-TYPE SYNTAX Integer32 (1..300000) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The row number of the hash table." ::= { h3cNATSessionEntry 1 } h3cNATSessionProtocol OBJECT-TYPE SYNTAX INTEGER (1..255) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The protocol type of session." ::= { h3cNATSessionEntry 2 } h3cNATSessionGlobalIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The global IP of session. " ::= { h3cNATSessionEntry 3 } h3cNATSessionGlobalPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The global port of session." ::= { h3cNATSessionEntry 4 } h3cNATSessionInsideIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Inside IP of session." ::= { h3cNATSessionEntry 5 } h3cNATSessionInsidePort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Inside port of session." ::= { h3cNATSessionEntry 6 } h3cNATSessionPeerIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The peer IP of session." ::= { h3cNATSessionEntry 7 } h3cNATSessionPeerPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The peer port of session." ::= { h3cNATSessionEntry 8 } h3cNATSessionVpnIndex OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The VPN index of session." ::= { h3cNATSessionEntry 9 } h3cNATSessionTTL OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The TTL of session." ::= { h3cNATSessionEntry 10 } h3cNATSessionStatus OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The status of session." ::= { h3cNATSessionEntry 11 } h3cNATSessionLeftTime OBJECT-TYPE SYNTAX TimeTicks MAX-ACCESS read-only STATUS current DESCRIPTION "The Left time of session." ::= { h3cNATSessionEntry 12 } h3cNATStaticConfTable OBJECT-TYPE SYNTAX SEQUENCE OF H3cNATStaticConfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Static Nat configuration table." ::= { h3cNATMibObjects 10 } h3cNATStaticConfEntry OBJECT-TYPE SYNTAX H3cNATStaticConfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure static Nat." INDEX { h3cNATStaticInsideIp } ::= { h3cNATStaticConfTable 1 } H3cNATStaticConfEntry ::= SEQUENCE { h3cNATStaticInsideIp IpAddress, h3cNATStaticGlobalIp IpAddress, h3cNATStaticRowStatus RowStatus } h3cNATStaticInsideIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "Inside ip address." ::= { h3cNATStaticConfEntry 1 } h3cNATStaticGlobalIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Global Ip address." ::= { h3cNATStaticConfEntry 2 } h3cNATStaticRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Only support 'destroy' and 'createAndGo'. If h3cNATStaticInsideIp and h3cNATStaticGlobalIp were provided correctly, its value is changed 'active'." ::= { h3cNATStaticConfEntry 3 } h3cNATStaticEnableTable OBJECT-TYPE SYNTAX SEQUENCE OF H3cNATStaticEnableEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Active the static Nat on interface." ::= { h3cNATMibObjects 11 } h3cNATStaticEnableEntry OBJECT-TYPE SYNTAX H3cNATStaticEnableEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Active the static Nat on interface." INDEX { ifIndex } ::= { h3cNATStaticEnableTable 1 } H3cNATStaticEnableEntry ::= SEQUENCE { h3cNATStaticEnable INTEGER } h3cNATStaticEnable OBJECT-TYPE SYNTAX INTEGER { disable(0), enable(1) } MAX-ACCESS read-write STATUS current DESCRIPTION "Enable/disable the static Nat on the interface(h3cNatStaticEnableIfIndex). disable (0) enable (1) " ::= { h3cNATStaticEnableEntry 2 } h3cNATDnsMapTable OBJECT-TYPE SYNTAX SEQUENCE OF H3cNATDnsMapEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table is used to set mapping of DNS." ::= { h3cNATMibObjects 12 } h3cNATDnsMapEntry OBJECT-TYPE SYNTAX H3cNATDnsMapEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of h3cNATDnsMapTable." INDEX { h3cNATDnsMapDomainName } ::= { h3cNATDnsMapTable 1 } H3cNATDnsMapEntry ::= SEQUENCE { h3cNATDnsMapDomainName DisplayString, h3cNATDnsMapGlobalIp IpAddress, h3cNATDnsMapGlobalPort Integer32, h3cNATDnsMapProtocolType INTEGER, h3cNATDnsMapLastUseTime TimeTicks, h3cNATDnsMapRowStatus RowStatus } h3cNATDnsMapDomainName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS not-accessible STATUS current DESCRIPTION "Domain name." ::= { h3cNATDnsMapEntry 1 } h3cNATDnsMapGlobalIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Global IP address." ::= { h3cNATDnsMapEntry 2 } h3cNATDnsMapGlobalPort OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS read-create STATUS current DESCRIPTION " Global port number." ::= { h3cNATDnsMapEntry 3 } h3cNATDnsMapProtocolType OBJECT-TYPE SYNTAX INTEGER { any(0), typeTCP(1), typeUDP(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "TCP Transmission Control Protocol. UDP User Datagram Protocol." ::= { h3cNATDnsMapEntry 4 } h3cNATDnsMapLastUseTime OBJECT-TYPE SYNTAX TimeTicks MAX-ACCESS read-create STATUS current DESCRIPTION "Its value is the time that the device uses from startup to last use 'Dns Map'record. If the value is 0,the device never use this record." ::= { h3cNATDnsMapEntry 5 } h3cNATDnsMapRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Only support 'destroy' and 'createAndGo'. If h3cNATDnsMapDomainName, h3cNATDnsMapGlobalIp and h3cNATDnsMapGlobalPortor h3cNATDnsMapDomainName, h3cNATDnsMapGlobalIp, h3cNATDnsMapGlobalPort and h3cNATDnsMapProtocolType were provided correctly, its value is changed 'active'." ::= { h3cNATDnsMapEntry 6 } END