DEVFILTER-MIB
File:
DEVFILTER-MIB.mib (23231 bytes)
Imported modules
Imported symbols
Defined Types
AniDevFilterEntry |
|
SEQUENCE |
|
|
|
|
aniDevFilterIfIndex |
INTEGER |
|
|
aniDevFilterIdentifier |
Integer32 |
|
|
aniDevFilterName |
DisplayString |
|
|
aniDevFilterPriority |
Integer32 |
|
|
aniDevFilterActivationState |
INTEGER |
|
|
aniDevFilterPermission |
INTEGER |
|
|
aniDevFilterIpProtocol |
Integer32 |
|
|
aniDevFilterIpSaddr |
IpAddress |
|
|
aniDevFilterIpSmask |
IpAddress |
|
|
aniDevFilterIpDaddr |
IpAddress |
|
|
aniDevFilterIpDmask |
IpAddress |
|
|
aniDevFilterIpSourceStart |
INTEGER |
|
|
aniDevFilterIpSourceEnd |
INTEGER |
|
|
aniDevFilterIpDestStart |
INTEGER |
|
|
aniDevFilterIpDestEnd |
INTEGER |
|
|
aniDevFilterIpOptions |
Integer32 |
|
|
aniDevFilterIpSecOptions |
INTEGER |
|
|
aniDevFilterIcmpMsgType |
INTEGER |
|
|
aniDevFilterIcmpSubcode |
INTEGER |
|
|
aniDevFilterTcpFlags |
Integer32 |
|
|
aniDevFilterDestMacMask |
OCTET STRING |
|
|
aniDevFilterSourceMac |
MacAddress |
|
|
aniDevFilterEnetType |
DisplayString |
|
|
aniDevFilterLlcDSAP |
DisplayString |
|
|
aniDevFilterLlcSSAP |
DisplayString |
|
|
aniDevFilterLlcControl |
DisplayString |
|
|
aniDevFilterLocalCode |
DisplayString |
|
|
aniDevFilterRowStatus |
RowStatus |
|
|
aniDevFilterUserPriorityHi |
INTEGER |
|
|
aniDevFilterUserPriorityLo |
INTEGER |
|
|
aniDevFilterVlanIdStart |
INTEGER |
|
|
aniDevFilterVlanIdEnd |
INTEGER |
|
AniDevFilterIfEntry |
|
SEQUENCE |
|
|
|
|
aniDevFilterIfIdentifier |
INTEGER |
|
|
aniDevFilterIfFlag |
INTEGER |
|
Defined Values
aniDevFilter |
1.3.6.1.4.1.4325.2.8 |
This group provides Filter related information for BSU or SU.
|
MODULE-IDENTITY |
|
|
|
aniDevFilterTable |
1.3.6.1.4.1.4325.2.8.1 |
This table allows the user to view the configured IP
Filters.
|
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
AniDevFilterEntry |
|
aniDevFilterEntry |
1.3.6.1.4.1.4325.2.8.1.1 |
An entry containing objects for each IP Filter
configured.
|
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
AniDevFilterEntry |
|
|
aniDevFilterIfIndex |
1.3.6.1.4.1.4325.2.8.1.1.1 |
The Interface Type.
On SU, only ethernet(1) and wireless-port1(2) are valid.
On BSU, ethernet(1) and all configured wireless interfaces
-- wireless-port1(2), wireless-port2(3), wireless-port3(4),
wireless-port4(5), wireless-port5(6), wireless-port6(7) are valid,
that is, filtering should be allowed on these wireless
interfaces only if they are configured.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
ethernet(1), wireless-port1(2), wireless-port2(3), wireless-port3(4), wireless-port4(5), wireless-port5(6), wireless-port6(7) |
|
aniDevFilterIdentifier |
1.3.6.1.4.1.4325.2.8.1.1.2 |
A unique number which identifies the filtering rule.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Integer32 |
0..255 |
|
aniDevFilterName |
1.3.6.1.4.1.4325.2.8.1.1.3 |
A name which identifies the filtering rule.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..31) |
|
aniDevFilterPriority |
1.3.6.1.4.1.4325.2.8.1.1.4 |
The priority for the filtering rule. It should be unique.
A higher number means higher priority.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Integer32 |
0..255 |
|
aniDevFilterActivationState |
1.3.6.1.4.1.4325.2.8.1.1.5 |
The state of the filtering rule.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
inactive(1), active(2) |
|
aniDevFilterPermission |
1.3.6.1.4.1.4325.2.8.1.1.6 |
The permissions for the filtering rule.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
block(1), pass(2) |
|
aniDevFilterIpProtocol |
1.3.6.1.4.1.4325.2.8.1.1.7 |
The IP protocol value.
List of well known IP Protocols:
Protocol Value
-------- -----
ICMP 1
IGMP 2
TCP 6
EGP 8
UDP 17
IPIP 94
RSVP 46
GRE 47
TCP or UDP 257
Apart from the above protocols, the user can also specify
other values.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Integer32 |
0..257 |
|
aniDevFilterIpSaddr |
1.3.6.1.4.1.4325.2.8.1.1.8 |
The source IP address for this Filter.
IP Source Address and Subnet Mask go in a pair.
So if aniDevFilterIpSaddr is configured, then
aniDevFilterIpSmask should be configured as well and
vice versa.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
aniDevFilterIpSmask |
1.3.6.1.4.1.4325.2.8.1.1.9 |
The Subnet mask for the source IP Address.
IP Source Address and Subnet Mask go in a pair.
So if aniDevFilterIpSaddr is configured, then
aniDevFilterIpSmask should be configured as well and
vice versa.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
aniDevFilterIpDaddr |
1.3.6.1.4.1.4325.2.8.1.1.10 |
The destination IP address for this Filter.
IP Destination Address and Subnet Mask go in a pair.
So if aniDevFilterIpDaddr is configured, then
aniDevFilterIpDmask should be configured as well and
vice versa.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
aniDevFilterIpDmask |
1.3.6.1.4.1.4325.2.8.1.1.11 |
The Subnet mask for the destination IP Address.
IP Destination Address and Subnet Mask go in a pair.
So if aniDevFilterIpDaddr is configured, then
aniDevFilterIpDmask should be configured as well and
vice versa.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
aniDevFilterIpSourceStart |
1.3.6.1.4.1.4325.2.8.1.1.12 |
The lowest bound value for the source port number.
List of Some Well Known Ports:
Application Port
----------- ----
Ftp Data 20
Ftp Control 21
HTTP 80
IMAP2 143
SNMP 161
POP3 110
SMTP 25
Telnet 23
TFTP 69
BootP Server 67
BootP Client 68
Gopher 70
Finger 79
BGP 179
In addition to the list, the user can enter any other
value as well.
This field is valid only if the aniDevFilterIpProtocol
field is set to TCP, UDP, (TCP or UDP) or not specified by the user.
aniIpFilterIpSourceEnd should be >=
aniIpFilterIpSourceStart.
Whenever aniIpFilterIpSourceEnd is configured,
aniIpFilterIpSourceStart should be configured as well.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65535 |
|
aniDevFilterIpSourceEnd |
1.3.6.1.4.1.4325.2.8.1.1.13 |
The highest bound value for the source port number.
Refer to the Well known ports list under
aniIpFilterIpSourceStart description.
In addition to the list, the user can enter any other
value as well.
This field is valid only if the aniDevFilterIpProtocol is
set to TCP, UDP, (TCP or UDP) or not specified by the user.
aniDevFilterIpSourceEnd should be >= aniDevFilterIpSourceStart.
Whenever aniDevFilterIpSourceEnd is configured,
aniDevFilterIpSourceStart should be configured as well.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65535 |
|
aniDevFilterIpDestStart |
1.3.6.1.4.1.4325.2.8.1.1.14 |
The lowest bound value for the destination port number.
Refer to the Well known ports list under
aniIpFilterIpSourceStart description.
In addition to the list, the user can enter any other
value as well.
This field is valid only if the aniDevFilterIpProtocol
is set to TCP, UDP, (TCP or UDP) or not specified by the user.
aniDevFilterIpDestEnd should be >= aniDevFilterIpDestStart.
Whenever aniDevFilterIpDestStart is configured,
aniDevFilterIpDestEnd should be configured as well.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65535 |
|
aniDevFilterIpDestEnd |
1.3.6.1.4.1.4325.2.8.1.1.15 |
The highest bound value for the destination port number.
Refer to the Well known ports list under
aniIpFilterIpSourceStart description.
In addition to the list, the user can enter any other
value as well.
This field is valid only if the aniDevFilterIpProtocol
is set to TCP, UDP, (TCP or UDP) or not specified by the user.
aniDevFilterIpDestEnd should be >= aniDevFilterIpDestStart.
Whenever aniDevFilterIpDestStart is configured,
aniDevFilterIpDestEnd should be configured as well.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65535 |
|
aniDevFilterIpOptions |
1.3.6.1.4.1.4325.2.8.1.1.16 |
The Mask value for the IP Options.
No Operation (0x000001)
Route Record (0x000002)
Time Stamp (0x000040)
MTU Probe (0x000008)
MTU Reply (0x000010)
Trace Route (0x000080)
Address Extension (0x004000)
Loose Source Route (0x000200)
Strict Source Route (0x002000)
Extended Security (0x000400)
Security (0x000100)
Commercial Security (0x000800)
Experimental Measurement (0x000004)
Experimental Flow Control (0x040000)
Experimental Access Control (0x008000)
Stream Id (0x001000)
IMI Traffic Descriptor (0x010000)
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Integer32 |
|
|
aniDevFilterIpSecOptions |
1.3.6.1.4.1.4325.2.8.1.1.17 |
The IP Security Value.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
top-secret(1), secret(2), confidential(3), unclassified(4) |
|
aniDevFilterIcmpMsgType |
1.3.6.1.4.1.4325.2.8.1.1.18 |
The Message Type for ICMP Protocol.
This field is valid only if the aniDevFilterIpProtocol
is set to ICMP or not specified by the user.
Valid Range:
ICMP Message Type SubCode
------------ ---- ----
Echo reply 0
------------------------------------------------------------
Destination
Unreachable 3 0 = net unreachable;
1 = host unreachable;
2 = protocol unreachable;
3 = port unreachable;
4 = fragmentation needed and DF set;
5 = source route failed.
------------------------------------------------------------
Source Quench 4
------------------------------------------------------------
Redirect 5 0 = Redirect datagrams for the Network.
1 = Redirect datagrams for the Host.
2 = Redirect datagrams for the Type of
Service and Network.
3 = Redirect datagrams for the Type of
Service and Host.
------------------------------------------------------------
Echo 8
------------------------------------------------------------
Time Exceeded
Message 11 0 = time to live exceeded in transit;
1 = fragment reassembly time exceeded.
------------------------------------------------------------
Parameter
Problem 12 0 = pointer indicates the error.
------------------------------------------------------------
Timestamp
message 13
------------------------------------------------------------
Timestamp
reply message 14
------------------------------------------------------------
Information
Request 15
------------------------------------------------------------
Information
Reply 16
------------------------------------------------------------
Address Mask
request 17
------------------------------------------------------------
Address Mask
reply 18
------------------------------------------------------------
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
aniDevFilterIcmpSubcode |
1.3.6.1.4.1.4325.2.8.1.1.19 |
The Subcode for ICMP Protocol.
This field is valid only if the aniDevFilterIpProtocol is
set to ICMP or not specified by the user.
If this field is specified then aniDevFilterIcmpMsgType
should already be specified. The values allowed for ICMP Code
depend on aniDevFilterIcmpMsgType.
Refer to the description under aniDevFilterIcmpMsgType for a
detail list of values.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
aniDevFilterTcpFlags |
1.3.6.1.4.1.4325.2.8.1.1.20 |
The TCP Flags.
The valid range:
Urgent (0x20)
Acknowledgement (0x10)
Push (0x08)
Reset (0x04)
Sync (0x02)
Sync-Ack (0x12)
Finish (0x01)
Finish-Ack (0x11)
This field is valid only if the aniDevFilterIpProtocol
is set to ICMP or not specified by the user.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Integer32 |
|
|
aniDevFilterDestMacMask |
1.3.6.1.4.1.4325.2.8.1.1.21 |
The MAC address and mask value for destination.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
OCTET STRING |
Size(0..12) |
|
aniDevFilterEnetType |
1.3.6.1.4.1.4325.2.8.1.1.23 |
The Ethernet type value in the ethernet header.
The maximum length of the ethernet packet is 1500 (0x5DC).
The value of the ethernet type must be greater than 1500.
Appicable for Ethernet Version II frame type. If this type
is being used then, DSAP (LLC Header), SSAP (LLC Header),
Control Byte (LLC Header) and Local Code (SNAP) cannot be
used and vice-versa.
Valid Range: 0x5DD to 0xFFFF
List of Ethernet Types:
-----------------------------------------------------------
0x800 DOD Internet Protocol (IP)
-----------------------------------------------------------
0x806 Address Resolution Protocol (ARP)
(for IP and for CHAOS)
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
aniDevFilterLlcDSAP |
1.3.6.1.4.1.4325.2.8.1.1.24 |
The DSAP (Destination Service Access Point) value
in LLC Header.
Valid Range: 0 to 0xFF
Applicable for IEEE 802.3 Frame Format only.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
aniDevFilterLlcSSAP |
1.3.6.1.4.1.4325.2.8.1.1.25 |
The SSAP (Source Service Access Point) value
in LLC Header.
Valid Range: 0 to 0xFF
Applicable for IEEE 802.3 Frame Format only.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
aniDevFilterLlcControl |
1.3.6.1.4.1.4325.2.8.1.1.26 |
The Control Byte of the LLC Header.
Valid Range: 0 to 0xFF
Applicable for IEEE 802.3 Frame Format only.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
aniDevFilterLocalCode |
1.3.6.1.4.1.4325.2.8.1.1.27 |
The Local Code for SNAP ethernet type.
Applicable for IEEE 802.3 Frame Format only.
DSAP should be set to 0xAA, SSAP should be set to 0xAA,
Control Byte should be set to 0x03.
Valid range: 0 - 0xFFFF.
List of Ethernet Types:
--------------------------------------------------------
0x800 DOD Internet Protocol (IP)
--------------------------------------------------------
0x806 Address Resolution Protocol (ARP)
(for IP and for CHAOS)
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
aniDevFilterRowStatus |
1.3.6.1.4.1.4325.2.8.1.1.28 |
This represents the state of an entry within the
table. It is used to manage creation and deletion of rows.
The values include:
active(1)
notInService(2)
notReady(3)
createAndGo(4)
createAndWait(5)
destroy(6)
When a Get request is sent, this object returns either
active(1), notInService(2) or notReady(3) depending on
the state of this row.
A new row can be Created using either createAndGo(4) or
createAndWait(5).
For Deleting a row, this field should be set to destroy(6).
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
aniDevFilterUserPriorityHi |
1.3.6.1.4.1.4325.2.8.1.1.29 |
The high priority byte of the user priority.
The user priority specifies the matching
parameters for the IEEE 802.1P user_priority
bits. An Ethernet packet with IEEE 802.1P
user_priority value 'priority' matches these
parameters if pri-low <= priority <= pri_high.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..7 |
|
aniDevFilterUserPriorityLo |
1.3.6.1.4.1.4325.2.8.1.1.30 |
The low priority byte of the user priority.
The user priority specifies the matching
parameters for the IEEE 802.1P user_priority
bits. An Ethernet packet with IEEE 802.1P
user_priority value 'priority' matches these
parameters if pri-low <= priority <= pri_high.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..7 |
|
aniDevFilterVlanIdStart |
1.3.6.1.4.1.4325.2.8.1.1.31 |
The lower limit for the VLAN ID.
This value is used to specify the lower limit in the
range. Any IEEE 802.1P packet from a customer's VLAN
that falls into the range matches the rule.
aniDevFilterVlanIdStart and aniDevFilterVlanIdEnd
must be defined in a pair.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..4095 |
|
aniDevFilterVlanIdEnd |
1.3.6.1.4.1.4325.2.8.1.1.32 |
The upper limit for the VLAN ID.
This value is used to specify the upper limit in the
range. Any IEEE 802.1P packet from a customer's VLAN
that falls into the range matches the rule.
aniUSClassifierVlanIdStart and aniUSClassifierVlanIdEnd
must be defined in a pair.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..4095 |
|
aniDevFilterIfTable |
1.3.6.1.4.1.4325.2.8.2 |
This table allows the user to enable/disable Filtering
per interface basis.
|
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
AniDevFilterIfEntry |
|
aniDevFilterIfEntry |
1.3.6.1.4.1.4325.2.8.2.1 |
An entry containing objects for each IP Filter
interface configured.
|
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
AniDevFilterIfEntry |
|
|
aniDevFilterIfIdentifier |
1.3.6.1.4.1.4325.2.8.2.1.1 |
The Interface Type.
On SU, only ethernet(1) and wireless-port1(2) are valid.
On BSU, ethernet(1) and all configured wireless interfaces
-- wireless-port1(2), wireless-port2(3), wireless-port3(4),
wireless-port4(5), wireless-port5(6), wireless-port6(7) are valid,
that is, filtering should be allowed on these wireless
interfaces only if they are configured.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
ethernet(1), wireless-port1(2), wireless-port2(3), wireless-port3(4), wireless-port4(5), wireless-port5(6), wireless-port6(7) |
|
aniDevFilterIfFlag |
1.3.6.1.4.1.4325.2.8.2.1.2 |
The flag to enable or disable filtering on
a particular interface.
The default value depends on whether a rule is configured
on the particular interface or not. When a rule is configured
on the interface, this flag will be set to enable(1)
automatically. If no rule is configured, this flag should
be disabled by default.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
enable(1), disable(2) |
|