DEVFILTER-MIB

File: DEVFILTER-MIB.mib (23231 bytes)

Imported modules

RFC1155-SMI SNMPv2-SMI SNMPv2-TC
ANIROOT-MIB

Imported symbols

IpAddress OBJECT-TYPE MODULE-IDENTITY
Integer32 MacAddress DisplayString
RowStatus device

Defined Types

AniDevFilterEntry  
SEQUENCE    
  aniDevFilterIfIndex INTEGER
  aniDevFilterIdentifier Integer32
  aniDevFilterName DisplayString
  aniDevFilterPriority Integer32
  aniDevFilterActivationState INTEGER
  aniDevFilterPermission INTEGER
  aniDevFilterIpProtocol Integer32
  aniDevFilterIpSaddr IpAddress
  aniDevFilterIpSmask IpAddress
  aniDevFilterIpDaddr IpAddress
  aniDevFilterIpDmask IpAddress
  aniDevFilterIpSourceStart INTEGER
  aniDevFilterIpSourceEnd INTEGER
  aniDevFilterIpDestStart INTEGER
  aniDevFilterIpDestEnd INTEGER
  aniDevFilterIpOptions Integer32
  aniDevFilterIpSecOptions INTEGER
  aniDevFilterIcmpMsgType INTEGER
  aniDevFilterIcmpSubcode INTEGER
  aniDevFilterTcpFlags Integer32
  aniDevFilterDestMacMask OCTET STRING
  aniDevFilterSourceMac MacAddress
  aniDevFilterEnetType DisplayString
  aniDevFilterLlcDSAP DisplayString
  aniDevFilterLlcSSAP DisplayString
  aniDevFilterLlcControl DisplayString
  aniDevFilterLocalCode DisplayString
  aniDevFilterRowStatus RowStatus
  aniDevFilterUserPriorityHi INTEGER
  aniDevFilterUserPriorityLo INTEGER
  aniDevFilterVlanIdStart INTEGER
  aniDevFilterVlanIdEnd INTEGER

AniDevFilterIfEntry  
SEQUENCE    
  aniDevFilterIfIdentifier INTEGER
  aniDevFilterIfFlag INTEGER

Defined Values

aniDevFilter 1.3.6.1.4.1.4325.2.8
This group provides Filter related information for BSU or SU.
MODULE-IDENTITY    

aniDevFilterTable 1.3.6.1.4.1.4325.2.8.1
This table allows the user to view the configured IP Filters.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    AniDevFilterEntry

aniDevFilterEntry 1.3.6.1.4.1.4325.2.8.1.1
An entry containing objects for each IP Filter configured.
Status: current Access: not-accessible
OBJECT-TYPE    
  AniDevFilterEntry  

aniDevFilterIfIndex 1.3.6.1.4.1.4325.2.8.1.1.1
The Interface Type. On SU, only ethernet(1) and wireless-port1(2) are valid. On BSU, ethernet(1) and all configured wireless interfaces -- wireless-port1(2), wireless-port2(3), wireless-port3(4), wireless-port4(5), wireless-port5(6), wireless-port6(7) are valid, that is, filtering should be allowed on these wireless interfaces only if they are configured.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER ethernet(1), wireless-port1(2), wireless-port2(3), wireless-port3(4), wireless-port4(5), wireless-port5(6), wireless-port6(7)  

aniDevFilterIdentifier 1.3.6.1.4.1.4325.2.8.1.1.2
A unique number which identifies the filtering rule.
Status: current Access: read-write
OBJECT-TYPE    
  Integer32 0..255  

aniDevFilterName 1.3.6.1.4.1.4325.2.8.1.1.3
A name which identifies the filtering rule.
Status: current Access: read-write
OBJECT-TYPE    
  DisplayString Size(0..31)  

aniDevFilterPriority 1.3.6.1.4.1.4325.2.8.1.1.4
The priority for the filtering rule. It should be unique. A higher number means higher priority.
Status: current Access: read-write
OBJECT-TYPE    
  Integer32 0..255  

aniDevFilterActivationState 1.3.6.1.4.1.4325.2.8.1.1.5
The state of the filtering rule.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER inactive(1), active(2)  

aniDevFilterPermission 1.3.6.1.4.1.4325.2.8.1.1.6
The permissions for the filtering rule.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER block(1), pass(2)  

aniDevFilterIpProtocol 1.3.6.1.4.1.4325.2.8.1.1.7
The IP protocol value. List of well known IP Protocols: Protocol Value -------- ----- ICMP 1 IGMP 2 TCP 6 EGP 8 UDP 17 IPIP 94 RSVP 46 GRE 47 TCP or UDP 257 Apart from the above protocols, the user can also specify other values.
Status: current Access: read-write
OBJECT-TYPE    
  Integer32 0..257  

aniDevFilterIpSaddr 1.3.6.1.4.1.4325.2.8.1.1.8
The source IP address for this Filter. IP Source Address and Subnet Mask go in a pair. So if aniDevFilterIpSaddr is configured, then aniDevFilterIpSmask should be configured as well and vice versa.
Status: current Access: read-write
OBJECT-TYPE    
  IpAddress  

aniDevFilterIpSmask 1.3.6.1.4.1.4325.2.8.1.1.9
The Subnet mask for the source IP Address. IP Source Address and Subnet Mask go in a pair. So if aniDevFilterIpSaddr is configured, then aniDevFilterIpSmask should be configured as well and vice versa.
Status: current Access: read-write
OBJECT-TYPE    
  IpAddress  

aniDevFilterIpDaddr 1.3.6.1.4.1.4325.2.8.1.1.10
The destination IP address for this Filter. IP Destination Address and Subnet Mask go in a pair. So if aniDevFilterIpDaddr is configured, then aniDevFilterIpDmask should be configured as well and vice versa.
Status: current Access: read-write
OBJECT-TYPE    
  IpAddress  

aniDevFilterIpDmask 1.3.6.1.4.1.4325.2.8.1.1.11
The Subnet mask for the destination IP Address. IP Destination Address and Subnet Mask go in a pair. So if aniDevFilterIpDaddr is configured, then aniDevFilterIpDmask should be configured as well and vice versa.
Status: current Access: read-write
OBJECT-TYPE    
  IpAddress  

aniDevFilterIpSourceStart 1.3.6.1.4.1.4325.2.8.1.1.12
The lowest bound value for the source port number. List of Some Well Known Ports: Application Port ----------- ---- Ftp Data 20 Ftp Control 21 HTTP 80 IMAP2 143 SNMP 161 POP3 110 SMTP 25 Telnet 23 TFTP 69 BootP Server 67 BootP Client 68 Gopher 70 Finger 79 BGP 179 In addition to the list, the user can enter any other value as well. This field is valid only if the aniDevFilterIpProtocol field is set to TCP, UDP, (TCP or UDP) or not specified by the user. aniIpFilterIpSourceEnd should be >= aniIpFilterIpSourceStart. Whenever aniIpFilterIpSourceEnd is configured, aniIpFilterIpSourceStart should be configured as well.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 0..65535  

aniDevFilterIpSourceEnd 1.3.6.1.4.1.4325.2.8.1.1.13
The highest bound value for the source port number. Refer to the Well known ports list under aniIpFilterIpSourceStart description. In addition to the list, the user can enter any other value as well. This field is valid only if the aniDevFilterIpProtocol is set to TCP, UDP, (TCP or UDP) or not specified by the user. aniDevFilterIpSourceEnd should be >= aniDevFilterIpSourceStart. Whenever aniDevFilterIpSourceEnd is configured, aniDevFilterIpSourceStart should be configured as well.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 0..65535  

aniDevFilterIpDestStart 1.3.6.1.4.1.4325.2.8.1.1.14
The lowest bound value for the destination port number. Refer to the Well known ports list under aniIpFilterIpSourceStart description. In addition to the list, the user can enter any other value as well. This field is valid only if the aniDevFilterIpProtocol is set to TCP, UDP, (TCP or UDP) or not specified by the user. aniDevFilterIpDestEnd should be >= aniDevFilterIpDestStart. Whenever aniDevFilterIpDestStart is configured, aniDevFilterIpDestEnd should be configured as well.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 0..65535  

aniDevFilterIpDestEnd 1.3.6.1.4.1.4325.2.8.1.1.15
The highest bound value for the destination port number. Refer to the Well known ports list under aniIpFilterIpSourceStart description. In addition to the list, the user can enter any other value as well. This field is valid only if the aniDevFilterIpProtocol is set to TCP, UDP, (TCP or UDP) or not specified by the user. aniDevFilterIpDestEnd should be >= aniDevFilterIpDestStart. Whenever aniDevFilterIpDestStart is configured, aniDevFilterIpDestEnd should be configured as well.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 0..65535  

aniDevFilterIpOptions 1.3.6.1.4.1.4325.2.8.1.1.16
The Mask value for the IP Options. No Operation (0x000001) Route Record (0x000002) Time Stamp (0x000040) MTU Probe (0x000008) MTU Reply (0x000010) Trace Route (0x000080) Address Extension (0x004000) Loose Source Route (0x000200) Strict Source Route (0x002000) Extended Security (0x000400) Security (0x000100) Commercial Security (0x000800) Experimental Measurement (0x000004) Experimental Flow Control (0x040000) Experimental Access Control (0x008000) Stream Id (0x001000) IMI Traffic Descriptor (0x010000)
Status: current Access: read-write
OBJECT-TYPE    
  Integer32  

aniDevFilterIpSecOptions 1.3.6.1.4.1.4325.2.8.1.1.17
The IP Security Value.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER top-secret(1), secret(2), confidential(3), unclassified(4)  

aniDevFilterIcmpMsgType 1.3.6.1.4.1.4325.2.8.1.1.18
The Message Type for ICMP Protocol. This field is valid only if the aniDevFilterIpProtocol is set to ICMP or not specified by the user. Valid Range: ICMP Message Type SubCode ------------ ---- ---- Echo reply 0 ------------------------------------------------------------ Destination Unreachable 3 0 = net unreachable; 1 = host unreachable; 2 = protocol unreachable; 3 = port unreachable; 4 = fragmentation needed and DF set; 5 = source route failed. ------------------------------------------------------------ Source Quench 4 ------------------------------------------------------------ Redirect 5 0 = Redirect datagrams for the Network. 1 = Redirect datagrams for the Host. 2 = Redirect datagrams for the Type of Service and Network. 3 = Redirect datagrams for the Type of Service and Host. ------------------------------------------------------------ Echo 8 ------------------------------------------------------------ Time Exceeded Message 11 0 = time to live exceeded in transit; 1 = fragment reassembly time exceeded. ------------------------------------------------------------ Parameter Problem 12 0 = pointer indicates the error. ------------------------------------------------------------ Timestamp message 13 ------------------------------------------------------------ Timestamp reply message 14 ------------------------------------------------------------ Information Request 15 ------------------------------------------------------------ Information Reply 16 ------------------------------------------------------------ Address Mask request 17 ------------------------------------------------------------ Address Mask reply 18 ------------------------------------------------------------
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER  

aniDevFilterIcmpSubcode 1.3.6.1.4.1.4325.2.8.1.1.19
The Subcode for ICMP Protocol. This field is valid only if the aniDevFilterIpProtocol is set to ICMP or not specified by the user. If this field is specified then aniDevFilterIcmpMsgType should already be specified. The values allowed for ICMP Code depend on aniDevFilterIcmpMsgType. Refer to the description under aniDevFilterIcmpMsgType for a detail list of values.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER  

aniDevFilterTcpFlags 1.3.6.1.4.1.4325.2.8.1.1.20
The TCP Flags. The valid range: Urgent (0x20) Acknowledgement (0x10) Push (0x08) Reset (0x04) Sync (0x02) Sync-Ack (0x12) Finish (0x01) Finish-Ack (0x11) This field is valid only if the aniDevFilterIpProtocol is set to ICMP or not specified by the user.
Status: current Access: read-write
OBJECT-TYPE    
  Integer32  

aniDevFilterDestMacMask 1.3.6.1.4.1.4325.2.8.1.1.21
The MAC address and mask value for destination.
Status: current Access: read-write
OBJECT-TYPE    
  OCTET STRING Size(0..12)  

aniDevFilterSourceMac 1.3.6.1.4.1.4325.2.8.1.1.22
The MAC Address of the source.
Status: current Access: read-write
OBJECT-TYPE    
  MacAddress  

aniDevFilterEnetType 1.3.6.1.4.1.4325.2.8.1.1.23
The Ethernet type value in the ethernet header. The maximum length of the ethernet packet is 1500 (0x5DC). The value of the ethernet type must be greater than 1500. Appicable for Ethernet Version II frame type. If this type is being used then, DSAP (LLC Header), SSAP (LLC Header), Control Byte (LLC Header) and Local Code (SNAP) cannot be used and vice-versa. Valid Range: 0x5DD to 0xFFFF List of Ethernet Types: ----------------------------------------------------------- 0x800 DOD Internet Protocol (IP) ----------------------------------------------------------- 0x806 Address Resolution Protocol (ARP) (for IP and for CHAOS)
Status: current Access: read-write
OBJECT-TYPE    
  DisplayString  

aniDevFilterLlcDSAP 1.3.6.1.4.1.4325.2.8.1.1.24
The DSAP (Destination Service Access Point) value in LLC Header. Valid Range: 0 to 0xFF Applicable for IEEE 802.3 Frame Format only.
Status: current Access: read-write
OBJECT-TYPE    
  DisplayString  

aniDevFilterLlcSSAP 1.3.6.1.4.1.4325.2.8.1.1.25
The SSAP (Source Service Access Point) value in LLC Header. Valid Range: 0 to 0xFF Applicable for IEEE 802.3 Frame Format only.
Status: current Access: read-write
OBJECT-TYPE    
  DisplayString  

aniDevFilterLlcControl 1.3.6.1.4.1.4325.2.8.1.1.26
The Control Byte of the LLC Header. Valid Range: 0 to 0xFF Applicable for IEEE 802.3 Frame Format only.
Status: current Access: read-write
OBJECT-TYPE    
  DisplayString  

aniDevFilterLocalCode 1.3.6.1.4.1.4325.2.8.1.1.27
The Local Code for SNAP ethernet type. Applicable for IEEE 802.3 Frame Format only. DSAP should be set to 0xAA, SSAP should be set to 0xAA, Control Byte should be set to 0x03. Valid range: 0 - 0xFFFF. List of Ethernet Types: -------------------------------------------------------- 0x800 DOD Internet Protocol (IP) -------------------------------------------------------- 0x806 Address Resolution Protocol (ARP) (for IP and for CHAOS)
Status: current Access: read-write
OBJECT-TYPE    
  DisplayString  

aniDevFilterRowStatus 1.3.6.1.4.1.4325.2.8.1.1.28
This represents the state of an entry within the table. It is used to manage creation and deletion of rows. The values include: active(1) notInService(2) notReady(3) createAndGo(4) createAndWait(5) destroy(6) When a Get request is sent, this object returns either active(1), notInService(2) or notReady(3) depending on the state of this row. A new row can be Created using either createAndGo(4) or createAndWait(5). For Deleting a row, this field should be set to destroy(6).
Status: current Access: read-write
OBJECT-TYPE    
  RowStatus  

aniDevFilterUserPriorityHi 1.3.6.1.4.1.4325.2.8.1.1.29
The high priority byte of the user priority. The user priority specifies the matching parameters for the IEEE 802.1P user_priority bits. An Ethernet packet with IEEE 802.1P user_priority value 'priority' matches these parameters if pri-low <= priority <= pri_high.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 0..7  

aniDevFilterUserPriorityLo 1.3.6.1.4.1.4325.2.8.1.1.30
The low priority byte of the user priority. The user priority specifies the matching parameters for the IEEE 802.1P user_priority bits. An Ethernet packet with IEEE 802.1P user_priority value 'priority' matches these parameters if pri-low <= priority <= pri_high.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 0..7  

aniDevFilterVlanIdStart 1.3.6.1.4.1.4325.2.8.1.1.31
The lower limit for the VLAN ID. This value is used to specify the lower limit in the range. Any IEEE 802.1P packet from a customer's VLAN that falls into the range matches the rule. aniDevFilterVlanIdStart and aniDevFilterVlanIdEnd must be defined in a pair.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 0..4095  

aniDevFilterVlanIdEnd 1.3.6.1.4.1.4325.2.8.1.1.32
The upper limit for the VLAN ID. This value is used to specify the upper limit in the range. Any IEEE 802.1P packet from a customer's VLAN that falls into the range matches the rule. aniUSClassifierVlanIdStart and aniUSClassifierVlanIdEnd must be defined in a pair.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 0..4095  

aniDevFilterIfTable 1.3.6.1.4.1.4325.2.8.2
This table allows the user to enable/disable Filtering per interface basis.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    AniDevFilterIfEntry

aniDevFilterIfEntry 1.3.6.1.4.1.4325.2.8.2.1
An entry containing objects for each IP Filter interface configured.
Status: current Access: not-accessible
OBJECT-TYPE    
  AniDevFilterIfEntry  

aniDevFilterIfIdentifier 1.3.6.1.4.1.4325.2.8.2.1.1
The Interface Type. On SU, only ethernet(1) and wireless-port1(2) are valid. On BSU, ethernet(1) and all configured wireless interfaces -- wireless-port1(2), wireless-port2(3), wireless-port3(4), wireless-port4(5), wireless-port5(6), wireless-port6(7) are valid, that is, filtering should be allowed on these wireless interfaces only if they are configured.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER ethernet(1), wireless-port1(2), wireless-port2(3), wireless-port3(4), wireless-port4(5), wireless-port5(6), wireless-port6(7)  

aniDevFilterIfFlag 1.3.6.1.4.1.4325.2.8.2.1.2
The flag to enable or disable filtering on a particular interface. The default value depends on whether a rule is configured on the particular interface or not. When a rule is configured on the interface, this flag will be set to enable(1) automatically. If no rule is configured, this flag should be disabled by default.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER enable(1), disable(2)