-- ============================================================================ -- Copyright (c) 2010-2013 Hewlett-Packard Development Company, L.P. -- Description: This MIB file is used for configuration of NAT. -- include :1.NAT pool -- 2.NAT out bound -- 3.NAT inside server -- 4.NAT agetime -- 5.NAT blacklist -- 6.NAT statistics information -- 7.NAT DNS -- Reference: -- Version: V1.2 -- History: -- V1.0 2004/09/17 created by xiaoshuchao -- V1.1 2005/06/01 Modified by liguanmin -- Modify the value range of the node hpnicfNATOutboundPoolIdx -- V1.2 2007/05/22 Modified by tangjiafeng -- Modify the value range of the node hpnicfNATSessionPeerPort -- ============================================================================ HPN-ICF-NAT-MIB DEFINITIONS ::= BEGIN IMPORTS hpnicfCommon FROM HPN-ICF-OID-MIB ifIndex FROM RFC1213-MIB TimeTicks, IpAddress, Integer32, Counter32, OBJECT-TYPE, MODULE-IDENTITY FROM SNMPv2-SMI RowStatus, DisplayString FROM SNMPv2-TC; hpnicfNat MODULE-IDENTITY LAST-UPDATED "200409170100Z" -- September 17, 2004 at 01:00 GMT ORGANIZATION "" CONTACT-INFO "" DESCRIPTION "This MIB contains objects to manage configuration of NAT. There are no constraints on this MIB." REVISION "200501201518Z" -- January 20, 2005 at 15:18 GMT DESCRIPTION "The initial revision of this MIB module." ::= { hpnicfCommon 18 } -- -- Node definitions -- -- Global Variants hpnicfNATGlobalVars OBJECT IDENTIFIER ::= { hpnicfNat 1 } -- **************Global Variants*************** -- NAT Clear Session hpnicfNATClearSession OBJECT IDENTIFIER ::= { hpnicfNATGlobalVars 1 } hpnicfNATClearSessionSlotNo OBJECT-TYPE SYNTAX INTEGER (1..14 | 255) MAX-ACCESS read-write STATUS current DESCRIPTION "The number of NAT board in which administrator wants to clear data of the session. In router, the value is 255 because no NAT board in it. This node only supports 'set' operation. The return value of 'get' operation is meaningless." ::= { hpnicfNATClearSession 1 } -- NAT blacklist UserConnectLimitPara hpnicfNATBLConnectLimitPara OBJECT IDENTIFIER ::= { hpnicfNATGlobalVars 2 } hpnicfNATBLConnectHighValue OBJECT-TYPE SYNTAX INTEGER (20..20000) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximal connection amount. If the connection amount exceeds the value, the IP address will be added into blacklist. The IP address will not be removed from blacklist until the connection amount is less than the minimal connection amount." DEFVAL { 500 } ::= { hpnicfNATBLConnectLimitPara 1 } hpnicfNATBLConnectLowValue OBJECT-TYPE SYNTAX INTEGER (20..20000) MAX-ACCESS read-write STATUS current DESCRIPTION "The minimal connection amount." DEFVAL { 200 } ::= { hpnicfNATBLConnectLimitPara 2 } hpnicfNATBLConnectHighRate OBJECT-TYPE SYNTAX INTEGER (20..21474836) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximal connection rate(in second). If the connection rate exceed the value, the IP address will be added into blacklist. The IP address will not be removed from blacklist until the connection rate is less than the minimal connection rate." DEFVAL { 250 } ::= { hpnicfNATBLConnectLimitPara 3 } hpnicfNATBLConnectLowRate OBJECT-TYPE SYNTAX INTEGER (20..21474836) MAX-ACCESS read-write STATUS current DESCRIPTION "The minimal connection rate(in second)." DEFVAL { 100 } ::= { hpnicfNATBLConnectLimitPara 4 } hpnicfNATBLSpecialConnectHighRate OBJECT-TYPE SYNTAX INTEGER (20..21474836) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximal special connection rate(in second). When administrator wants to control the speed of connection, he can selects the connection speed rate or special connection rate." DEFVAL { 250 } ::= { hpnicfNATBLConnectLimitPara 5 } hpnicfNATBLSpecialConnectLowRate OBJECT-TYPE SYNTAX INTEGER (20..21474836) MAX-ACCESS read-write STATUS current DESCRIPTION "The minimal special connection rate(in second)." DEFVAL { 100 } ::= { hpnicfNATBLConnectLimitPara 6 } -- NAT blacklist property control Enable hpnicfNATBLCtrlEnable OBJECT IDENTIFIER ::= { hpnicfNATGlobalVars 3 } hpnicfNATBLConnectSumEnable OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Enable or disable the connection amount control." DEFVAL { disable } ::= { hpnicfNATBLCtrlEnable 1 } hpnicfNATBLConnectRateEnable OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Enable or disable the connection rate control." DEFVAL { disable } ::= { hpnicfNATBLCtrlEnable 2 } -- NAT NP aging-time hpnicfNATNPTimer OBJECT IDENTIFIER ::= { hpnicfNATGlobalVars 4 } hpnicfNATNPAgingTime OBJECT-TYPE SYNTAX INTEGER { fast(1), slow(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "There are two kinds of aging time in NP. One is fast and the other is slow. Administrator can select one or other. The defalult is fast." DEFVAL { fast } ::= { hpnicfNATNPTimer 1 } hpnicfNATMibObjects OBJECT IDENTIFIER ::= { hpnicfNat 2 } -- **************MibObjects*************** -- NAT address pool table hpnicfNATPoolInfoTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfNATPoolInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "NAT address pool table : The address in the pool is the IP address in the global network. The pool can span 255 IP addresses.All address pools configured by administrator are recorded in this table." ::= { hpnicfNATMibObjects 1 } hpnicfNATPoolInfoEntry OBJECT-TYPE SYNTAX HpnicfNATPoolInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of NAT address pool table." INDEX { hpnicfNATPoolIdx } ::= { hpnicfNATPoolInfoTable 1 } HpnicfNATPoolInfoEntry ::= SEQUENCE { hpnicfNATPoolIdx Integer32, hpnicfNATPoolStartIpAddr IpAddress, hpnicfNATPoolEndIpAddr IpAddress, hpnicfNATPoolSlotNo INTEGER, hpnicfNATPoolRefCounter Integer32, hpnicfNATPoolRowStatus RowStatus } hpnicfNATPoolIdx OBJECT-TYPE SYNTAX Integer32 (1..320) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Index of the address pool: The index uniquely indicates the address pool in the system, and its range is from 1 to 320. " ::= { hpnicfNATPoolInfoEntry 1 } hpnicfNATPoolStartIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The start IP address of address pool: It must be less than or equal to the end IP address." ::= { hpnicfNATPoolInfoEntry 2 } hpnicfNATPoolEndIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The end IP address of address pool: It must be more than or equal to the start IP address." ::= { hpnicfNATPoolInfoEntry 3 } hpnicfNATPoolSlotNo OBJECT-TYPE SYNTAX INTEGER (1..14 | 255) MAX-ACCESS read-create STATUS current DESCRIPTION "The number of NAT board to which the address pool is bound. The address translation is processed by this NAT board . The relation between address pool and slotNo is n:1. When the address pool is not bound to the NAT board,the value is 255. " ::= { hpnicfNATPoolInfoEntry 4 } hpnicfNATPoolRefCounter OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The counter of reference. A address pool can be associated with more than one ACL and the counter of reference is recorded in this field. When the address pool is not associated with ACL, the value is 0." ::= { hpnicfNATPoolInfoEntry 5 } hpnicfNATPoolRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Only support 'destroy' and 'createAndGo'. If hpnicfNATPoolIdx, hpnicfNATPoolStartIpAddr and hpnicfNATPoolEndIpAddr were provided correctly, its value is changed 'active'." ::= { hpnicfNATPoolInfoEntry 6 } -- NAT Out bound Table hpnicfNATOutboundTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfNATOutboundEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "NAT out bound table: through associating ACL number, address pool with NAT board, administrator can designate which inside IP address can be translated to global IP address in the pool and the translation is processed by which NAT board." ::= { hpnicfNATMibObjects 2 } hpnicfNATOutboundEntry OBJECT-TYPE SYNTAX HpnicfNATOutboundEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of NAT out bound table." INDEX { ifIndex, hpnicfNATOutboundAclNo } ::= { hpnicfNATOutboundTable 1 } HpnicfNATOutboundEntry ::= SEQUENCE { hpnicfNATOutboundAclNo INTEGER, hpnicfNATOutboundPoolIdx INTEGER, hpnicfNATOutboundIsNoPat INTEGER, hpnicfNATOutboundSlotNo Integer32, hpnicfNATOutboundRowStatus RowStatus } hpnicfNATOutboundAclNo OBJECT-TYPE SYNTAX INTEGER (2000..3999) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The number of ACL(Access Control List). When the packet accords with the rule in the ACL, its source IP address will be translated to IP address in Address pool." ::= { hpnicfNATOutboundEntry 1 } hpnicfNATOutboundPoolIdx OBJECT-TYPE SYNTAX INTEGER (0..320 | 2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The index of address pool in hpnicfNATPoolInfoTable. when administrator doesn't use the address pool and use the IP address of the interface as the address of global network, the value is 2147483647." ::= { hpnicfNATOutboundEntry 2 } hpnicfNATOutboundIsNoPat OBJECT-TYPE SYNTAX INTEGER { true(1), false(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Whether to use no pat manner. The translation of no pat is that the translation doesn't use the port information of packet." DEFVAL { false } ::= { hpnicfNATOutboundEntry 3 } hpnicfNATOutboundSlotNo OBJECT-TYPE SYNTAX Integer32 (1..14 | 255) MAX-ACCESS read-create STATUS current DESCRIPTION "The number of NAT board. In router, the value is 255 because no NAT board in it." ::= { hpnicfNATOutboundEntry 4 } hpnicfNATOutboundRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Only support 'destroy' and 'createAndGo'. If hpnicfNATOutboundAclNo or hpnicfNATOutboundAclNo and hpnicfNATOutboundPoolIdx were provided correctly, its value is changed 'active'." ::= { hpnicfNATOutboundEntry 5 } -- NAT inside Server Table hpnicfNATServerTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfNATServerEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "NAT inside Server Table. Administrator can configure server in the private network which can provide service for people in the public network. The translation map is : (InsideIP , InsidePort--> GlobalIP, GlobalPort ) (InsideIP + 1 , InsidePort--> GlobalIP, GlobalPort + 1) (InsideIP + 2 , InsidePort--> GlobalIP, GlobalPort + 2) ... ... ... (InsideIP+n(=InsideIP2),InsidePort--> GlobalIP,GlobalPort+n(=GlobalPort2)) " ::= { hpnicfNATMibObjects 3 } hpnicfNATServerEntry OBJECT-TYPE SYNTAX HpnicfNATServerEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of NAT inside server table." INDEX { ifIndex, hpnicfNATServerProType, hpnicfNATServerGlobalIP, hpnicfNATServerStartGlobalPort, hpnicfNATServerVpnIndex } ::= { hpnicfNATServerTable 1 } HpnicfNATServerEntry ::= SEQUENCE { hpnicfNATServerProType INTEGER, hpnicfNATServerGlobalIP IpAddress, hpnicfNATServerStartGlobalPort INTEGER, hpnicfNATServerEndGlobalPort INTEGER, hpnicfNATServerStartInsideIP IpAddress, hpnicfNATServerEndInsideIP IpAddress, hpnicfNATServerInsidePort INTEGER, hpnicfNATServerSlotNo Integer32, hpnicfNATServerVpnIndex Integer32, hpnicfNATServerAclNumber Integer32, hpnicfNATServerRowStatus RowStatus } hpnicfNATServerProType OBJECT-TYPE SYNTAX INTEGER (1..255) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The type of protocol: icmp(1), tcp(6), udp(17) and others." ::= { hpnicfNATServerEntry 1 } hpnicfNATServerGlobalIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The global IP address of Inside Server." ::= { hpnicfNATServerEntry 2 } hpnicfNATServerStartGlobalPort OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The start global port of Inside Server. When the port need not be configured, the value is 0." ::= { hpnicfNATServerEntry 3 } hpnicfNATServerEndGlobalPort OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The end global port of Inside Server. When administrator doesn't configure a series of inside server, the value is 0. If the value is not zero, the value of (GlobalPort2-GlobalPort) must be equal to (InsideIP2 - InsideIP)." ::= { hpnicfNATServerEntry 4 } hpnicfNATServerStartInsideIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The start private IP address of Inside Server." ::= { hpnicfNATServerEntry 5 } hpnicfNATServerEndInsideIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The end private IP address of Inside Server. When administrator doesn't configure a series of inside server, the value is 0.0.0.0." ::= { hpnicfNATServerEntry 6 } hpnicfNATServerInsidePort OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The private port of Inside Server." ::= { hpnicfNATServerEntry 7 } hpnicfNATServerSlotNo OBJECT-TYPE SYNTAX Integer32 (1..14 | 255) MAX-ACCESS read-create STATUS current DESCRIPTION "The number of NAT board. In router, the value is 255 because no NAT board in it." ::= { hpnicfNATServerEntry 8 } hpnicfNATServerVpnIndex OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The VPN index of server." ::= { hpnicfNATServerEntry 10 } hpnicfNATServerAclNumber OBJECT-TYPE SYNTAX Integer32 (1..10000) MAX-ACCESS read-create STATUS current DESCRIPTION "Number of basic or advanced acl." ::= { hpnicfNATServerEntry 11 } hpnicfNATServerRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Only support 'destroy' and 'createAndGo'. If hpnicfNATServerProType, hpnicfNATServerGlobalIP, hpnicfNATServerGlobalPort and hpnicfNATServerInsideIP were provided correctly, its value is changed 'active'." ::= { hpnicfNATServerEntry 12 } -- NAT Time out Table hpnicfNATTimeOutTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfNATTimeOutEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "NAT Time out Table. When a connection is established, if there are not any actives in this connection between the time, it will be disconnected." ::= { hpnicfNATMibObjects 4 } hpnicfNATTimeOutEntry OBJECT-TYPE SYNTAX HpnicfNATTimeOutEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of NAT Time out Table." INDEX { hpnicfNATTimeOutProtocol } ::= { hpnicfNATTimeOutTable 1 } HpnicfNATTimeOutEntry ::= SEQUENCE { hpnicfNATTimeOutProtocol INTEGER, hpnicfNATTimeOutTimeValue INTEGER } hpnicfNATTimeOutProtocol OBJECT-TYPE SYNTAX INTEGER { tcp(1), udp(2), icmp(3), pptp(4), dns(5), tcpFin(6), tcpSyn(7), ftpCtrl(8), ftpData(9) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The type of protocol." ::= { hpnicfNATTimeOutEntry 1 } hpnicfNATTimeOutTimeValue OBJECT-TYPE SYNTAX INTEGER (10..86400) MAX-ACCESS read-write STATUS current DESCRIPTION "The time of time out." ::= { hpnicfNATTimeOutEntry 2 } -- NAT blacklist Enable(start/stop) Table hpnicfNATBLEnableTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfNATBLEnableEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "NAT blacklist function Enable Table. In this table, administrator can decide whether to start the function of blacklist in the NAT board. When the function of blacklist can't be set for a NAT board, the number of NAT board is 256." ::= { hpnicfNATMibObjects 5 } hpnicfNATBLEnableEntry OBJECT-TYPE SYNTAX HpnicfNATBLEnableEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of NAT blacklist Enable Table." INDEX { hpnicfNATBLEnableSlotNo } ::= { hpnicfNATBLEnableTable 1 } HpnicfNATBLEnableEntry ::= SEQUENCE { hpnicfNATBLEnableSlotNo Integer32, hpnicfNATBLEnable INTEGER } hpnicfNATBLEnableSlotNo OBJECT-TYPE SYNTAX Integer32 (1..14 | 255) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The number of NAT board. When the function of blacklist can't be set for a NAT board, the value is 255." ::= { hpnicfNATBLEnableEntry 1 } hpnicfNATBLEnable OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Start or stop of function of balcklist." DEFVAL { disable } ::= { hpnicfNATBLEnableEntry 2 } -- NAT special IP ConnectLimitPara Table hpnicfNATBLIPConnectLimitParaTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfNATBLIPConnectLimitParaEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table of connection control of special IP address. In this table, administrator can decide to adopt which manner to control the connection which IP address is the special IP address." ::= { hpnicfNATMibObjects 6 } hpnicfNATBLIPConnectLimitParaEntry OBJECT-TYPE SYNTAX HpnicfNATBLIPConnectLimitParaEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of the table of connection control of special IP address." INDEX { hpnicfNATBLIPConnectLimitParaIP } ::= { hpnicfNATBLIPConnectLimitParaTable 1 } HpnicfNATBLIPConnectLimitParaEntry ::= SEQUENCE { hpnicfNATBLIPConnectLimitParaIP IpAddress, hpnicfNATBLIPConnectHighValue INTEGER, hpnicfNATBLIPConnectLowValue INTEGER, hpnicfNATBLIPUseSpecialConnectRate INTEGER, hpnicfNATBLIPConnectLimitRowStatus RowStatus } hpnicfNATBLIPConnectLimitParaIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The special IP address. The IP is private IP address." ::= { hpnicfNATBLIPConnectLimitParaEntry 1 } hpnicfNATBLIPConnectHighValue OBJECT-TYPE SYNTAX INTEGER (20..20000) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximal connection amount. It must be more than the minimal connection amount." DEFVAL { 500 } ::= { hpnicfNATBLIPConnectLimitParaEntry 2 } hpnicfNATBLIPConnectLowValue OBJECT-TYPE SYNTAX INTEGER (20..20000) MAX-ACCESS read-create STATUS current DESCRIPTION "The minimal connection amount. It must be less than the maximal connection amount." DEFVAL { 200 } ::= { hpnicfNATBLIPConnectLimitParaEntry 3 } hpnicfNATBLIPUseSpecialConnectRate OBJECT-TYPE SYNTAX INTEGER { true(1), false(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Whether to use the special connection rate control." DEFVAL { false } ::= { hpnicfNATBLIPConnectLimitParaEntry 4 } hpnicfNATBLIPConnectLimitRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Only support 'destroy' and 'createAndGo'. If hpnicfNATBLIPConnectHighValue, hpnicfNATBLIPConnectLowValue and hpnicfNATBLIPUseSpecialConnectRate were provided correctly, its value is changed 'active'." ::= { hpnicfNATBLIPConnectLimitParaEntry 5 } -- NAT blacklist Manager Table hpnicfNATBLManagerTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfNATBLManagerEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The management table of blacklist. The table doesn't support 'getnext' operation." ::= { hpnicfNATMibObjects 7 } hpnicfNATBLManagerEntry OBJECT-TYPE SYNTAX HpnicfNATBLManagerEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of management table of blacklist." INDEX { hpnicfNATBLIpAdress, hpnicfNATBLSlotNo } ::= { hpnicfNATBLManagerTable 1 } HpnicfNATBLManagerEntry ::= SEQUENCE { hpnicfNATBLIpAdress IpAddress, hpnicfNATBLSlotNo INTEGER, hpnicfNATBLConSum Integer32, hpnicfNATBLConSpd INTEGER } hpnicfNATBLIpAdress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IP address of entry of blacklist." ::= { hpnicfNATBLManagerEntry 1 } hpnicfNATBLSlotNo OBJECT-TYPE SYNTAX INTEGER (1..14) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The number of NAT board." ::= { hpnicfNATBLManagerEntry 2 } hpnicfNATBLConSum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The connection amount." ::= { hpnicfNATBLManagerEntry 3 } hpnicfNATBLConSpd OBJECT-TYPE SYNTAX INTEGER { red(1), yellow(2), green(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The state of connection rate: red(1) : the connection rate is above the upper limit. yellow(2): the connection rate is between the upper and lower limit. green(3) : the conneciton rate is below the lower limit." ::= { hpnicfNATBLManagerEntry 4 } -- NAT Statistics Info hpnicfNATStatTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfNATStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The statistics information table of NAT module." ::= { hpnicfNATMibObjects 8 } hpnicfNATStatEntry OBJECT-TYPE SYNTAX HpnicfNATStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of statistics information table of NAT module." INDEX { hpnicfNATStatNATBoardNo } ::= { hpnicfNATStatTable 1 } HpnicfNATStatEntry ::= SEQUENCE { hpnicfNATStatNATBoardNo Integer32, hpnicfNATStatActiveTblCount Counter32, hpnicfNATStatActiveTblCountInNP Counter32, hpnicfNATStatActiveNatTblCount Counter32, hpnicfNATStatActiveSvrTblCount Counter32, hpnicfNATStatActivePoolTblCount Counter32, hpnicfNATStatNumOfUsedPort Counter32, hpnicfNATStatNumOfGoodPkt Counter32, hpnicfNATStatNumOfBadPkt Counter32, hpnicfNATStaticSessionCount Integer32, hpnicfNATFragmentSessionCount Integer32, hpnicfNATSequenceSessionCount Integer32, hpnicfNATLogCount Integer32 } hpnicfNATStatNATBoardNo OBJECT-TYPE SYNTAX Integer32 (1..14 | 255) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The number of NAT board. In router, the value is 255 because no NAT board in it." ::= { hpnicfNATStatEntry 1 } hpnicfNATStatActiveTblCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active PAT session count In software." ::= { hpnicfNATStatEntry 2 } hpnicfNATStatActiveTblCountInNP OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active PAT session count In NP." ::= { hpnicfNATStatEntry 3 } hpnicfNATStatActiveNatTblCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active NO-PAT session count." ::= { hpnicfNATStatEntry 4 } hpnicfNATStatActiveSvrTblCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active SERVER session count." ::= { hpnicfNATStatEntry 5 } hpnicfNATStatActivePoolTblCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active address pool session count." ::= { hpnicfNATStatEntry 6 } hpnicfNATStatNumOfUsedPort OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of used port in NP." ::= { hpnicfNATStatEntry 7 } hpnicfNATStatNumOfGoodPkt OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of good packet in NP." ::= { hpnicfNATStatEntry 8 } hpnicfNATStatNumOfBadPkt OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of bad packet in NP." ::= { hpnicfNATStatEntry 9 } hpnicfNATStaticSessionCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active STATIC session count." ::= { hpnicfNATStatEntry 10 } hpnicfNATFragmentSessionCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active fragment packet session count." ::= { hpnicfNATStatEntry 11 } hpnicfNATSequenceSessionCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Active session table count hash by private IP." ::= { hpnicfNATStatEntry 12 } hpnicfNATLogCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Buffered Nat LOG table count." ::= { hpnicfNATStatEntry 13 } -- nat session hpnicfNATSessionTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfNATSessionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The nat session information table. There is the address translation information in the table. The sketch map of connection is pc1(private Net)------------------>NAT Device ------------------>Server(public Net) InsideIP, InsidePort---->translating to GlobalIP, GlobalPort------>PeerIP, PeerPort. " ::= { hpnicfNATMibObjects 9 } hpnicfNATSessionEntry OBJECT-TYPE SYNTAX HpnicfNATSessionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of session information table." INDEX { hpnicfNATSessionHashNumber, hpnicfNATSessionProtocol, hpnicfNATSessionInsideIP, hpnicfNATSessionInsidePort, hpnicfNATSessionPeerIP, hpnicfNATSessionPeerPort, hpnicfNATSessionVpnIndex } ::= { hpnicfNATSessionTable 1 } HpnicfNATSessionEntry ::= SEQUENCE { hpnicfNATSessionHashNumber Integer32, hpnicfNATSessionProtocol INTEGER, hpnicfNATSessionGlobalIP IpAddress, hpnicfNATSessionGlobalPort Integer32, hpnicfNATSessionInsideIP IpAddress, hpnicfNATSessionInsidePort Integer32, hpnicfNATSessionPeerIP IpAddress, hpnicfNATSessionPeerPort Integer32, hpnicfNATSessionVpnIndex Integer32, hpnicfNATSessionTTL Integer32, hpnicfNATSessionStatus Integer32, hpnicfNATSessionLeftTime TimeTicks } hpnicfNATSessionHashNumber OBJECT-TYPE SYNTAX Integer32 (1..300000) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The row number of the hash table." ::= { hpnicfNATSessionEntry 1 } hpnicfNATSessionProtocol OBJECT-TYPE SYNTAX INTEGER (1..255) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The protocol type of session." ::= { hpnicfNATSessionEntry 2 } hpnicfNATSessionGlobalIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The global IP of session. " ::= { hpnicfNATSessionEntry 3 } hpnicfNATSessionGlobalPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The global port of session." ::= { hpnicfNATSessionEntry 4 } hpnicfNATSessionInsideIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Inside IP of session." ::= { hpnicfNATSessionEntry 5 } hpnicfNATSessionInsidePort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Inside port of session." ::= { hpnicfNATSessionEntry 6 } hpnicfNATSessionPeerIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The peer IP of session." ::= { hpnicfNATSessionEntry 7 } hpnicfNATSessionPeerPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The peer port of session." ::= { hpnicfNATSessionEntry 8 } hpnicfNATSessionVpnIndex OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The VPN index of session." ::= { hpnicfNATSessionEntry 9 } hpnicfNATSessionTTL OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The TTL of session." ::= { hpnicfNATSessionEntry 10 } hpnicfNATSessionStatus OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The status of session." ::= { hpnicfNATSessionEntry 11 } hpnicfNATSessionLeftTime OBJECT-TYPE SYNTAX TimeTicks MAX-ACCESS read-only STATUS current DESCRIPTION "The Left time of session." ::= { hpnicfNATSessionEntry 12 } hpnicfNATStaticConfTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfNATStaticConfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Static Nat configuration table." ::= { hpnicfNATMibObjects 10 } hpnicfNATStaticConfEntry OBJECT-TYPE SYNTAX HpnicfNATStaticConfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure static Nat." INDEX { hpnicfNATStaticInsideIp } ::= { hpnicfNATStaticConfTable 1 } HpnicfNATStaticConfEntry ::= SEQUENCE { hpnicfNATStaticInsideIp IpAddress, hpnicfNATStaticGlobalIp IpAddress, hpnicfNATStaticRowStatus RowStatus } hpnicfNATStaticInsideIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "Inside ip address." ::= { hpnicfNATStaticConfEntry 1 } hpnicfNATStaticGlobalIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Global Ip address." ::= { hpnicfNATStaticConfEntry 2 } hpnicfNATStaticRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Only support 'destroy' and 'createAndGo'. If hpnicfNATStaticInsideIp and hpnicfNATStaticGlobalIp were provided correctly, its value is changed 'active'." ::= { hpnicfNATStaticConfEntry 3 } hpnicfNATStaticEnableTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfNATStaticEnableEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Active the static Nat on interface." ::= { hpnicfNATMibObjects 11 } hpnicfNATStaticEnableEntry OBJECT-TYPE SYNTAX HpnicfNATStaticEnableEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Active the static Nat on interface." INDEX { ifIndex } ::= { hpnicfNATStaticEnableTable 1 } HpnicfNATStaticEnableEntry ::= SEQUENCE { hpnicfNATStaticEnable INTEGER } hpnicfNATStaticEnable OBJECT-TYPE SYNTAX INTEGER { disable(0), enable(1) } MAX-ACCESS read-write STATUS current DESCRIPTION "Enable/disable the static Nat on the interface(hpnicfNatStaticEnableIfIndex). disable (0) enable (1) " ::= { hpnicfNATStaticEnableEntry 2 } hpnicfNATDnsMapTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfNATDnsMapEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table is used to set mapping of DNS." ::= { hpnicfNATMibObjects 12 } hpnicfNATDnsMapEntry OBJECT-TYPE SYNTAX HpnicfNATDnsMapEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of hpnicfNATDnsMapTable." INDEX { hpnicfNATDnsMapDomainName } ::= { hpnicfNATDnsMapTable 1 } HpnicfNATDnsMapEntry ::= SEQUENCE { hpnicfNATDnsMapDomainName DisplayString, hpnicfNATDnsMapGlobalIp IpAddress, hpnicfNATDnsMapGlobalPort Integer32, hpnicfNATDnsMapProtocolType INTEGER, hpnicfNATDnsMapLastUseTime TimeTicks, hpnicfNATDnsMapRowStatus RowStatus } hpnicfNATDnsMapDomainName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS not-accessible STATUS current DESCRIPTION "Domain name." ::= { hpnicfNATDnsMapEntry 1 } hpnicfNATDnsMapGlobalIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Global IP address." ::= { hpnicfNATDnsMapEntry 2 } hpnicfNATDnsMapGlobalPort OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS read-create STATUS current DESCRIPTION " Global port number." ::= { hpnicfNATDnsMapEntry 3 } hpnicfNATDnsMapProtocolType OBJECT-TYPE SYNTAX INTEGER { any(0), typeTCP(1), typeUDP(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "TCP Transmission Control Protocol. UDP User Datagram Protocol." ::= { hpnicfNATDnsMapEntry 4 } hpnicfNATDnsMapLastUseTime OBJECT-TYPE SYNTAX TimeTicks MAX-ACCESS read-create STATUS current DESCRIPTION "Its value is the time that the device uses from startup to last use 'Dns Map'record. If the value is 0,the device never use this record." ::= { hpnicfNATDnsMapEntry 5 } hpnicfNATDnsMapRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Only support 'destroy' and 'createAndGo'. If hpnicfNATDnsMapDomainName, hpnicfNATDnsMapGlobalIp and hpnicfNATDnsMapGlobalPortor hpnicfNATDnsMapDomainName, hpnicfNATDnsMapGlobalIp, hpnicfNATDnsMapGlobalPort and hpnicfNATDnsMapProtocolType were provided correctly, its value is changed 'active'." ::= { hpnicfNATDnsMapEntry 6 } END