HM2-NAT-MIB
File:
HM2-NAT-MIB.mib (55906 bytes)
Imported modules
Imported symbols
Defined Types
Hm2DnatRuleEntry |
|
SEQUENCE |
|
|
|
|
hm2DnatRuleIndex |
Integer32 |
|
|
hm2DnatSourceAddress |
DisplayString |
|
|
hm2DnatSourcePort |
DisplayString |
|
|
hm2DnatTargetAddress |
DisplayString |
|
|
hm2DnatTargetPort |
DisplayString |
|
|
hm2DnatNewTargetAddress |
DisplayString |
|
|
hm2DnatNewTargetPort |
DisplayString |
|
|
hm2DnatProto |
INTEGER |
|
|
hm2DnatRuleParams |
DisplayString |
|
|
hm2DnatLog |
TruthValue |
|
|
hm2DnatTrap |
TruthValue |
|
|
hm2DnatRowStatus |
RowStatus |
|
|
hm2DnatDescription |
DisplayString |
|
Hm2DnatRuleIfMappingEntry |
|
SEQUENCE |
|
|
|
|
hm2DnatIfmRuleIndex |
Integer32 |
|
|
hm2DnatIfmDirection |
INTEGER |
|
|
hm2DnatIfmPriority |
Unsigned32 |
|
|
hm2DnatIfmInterface |
InterfaceIndex |
|
|
hm2DnatIfmRowStatus |
RowStatus |
|
Hm2DnatStatsRuleTableEntry |
|
SEQUENCE |
|
|
|
|
hm2DnatStatsPckCount |
Counter64 |
|
|
hm2DnatStatsPckSize |
Counter64 |
|
|
hm2DnatStatsLastApplied |
HmTimeSeconds1970 |
|
Hm21to1RuleEntry |
|
SEQUENCE |
|
|
|
|
hm21to1RuleIndex |
Integer32 |
|
|
hm21to1TargetAddress |
DisplayString |
|
|
hm21to1NewTargetAddress |
DisplayString |
|
|
hm21to1RuleParams |
DisplayString |
|
|
hm21to1Log |
TruthValue |
|
|
hm21to1Trap |
TruthValue |
|
|
hm21to1RowStatus |
RowStatus |
|
|
hm21to1Description |
DisplayString |
|
|
hm21to1IngressIntf |
InterfaceIndexOrZero |
|
|
hm21to1EgressIntf |
InterfaceIndexOrZero |
|
|
hm21to1Priority |
Unsigned32 |
|
|
hm21to1StorageType |
StorageType |
|
Hm2OtoStatsRuleTableEntry |
|
SEQUENCE |
|
|
|
|
hm21to1StatsPckCount |
Counter64 |
|
|
hm21to1StatsPckSize |
Counter64 |
|
|
hm21to1StatsLastApplied |
HmTimeSeconds1970 |
|
Hm2MasqRuleEntry |
|
SEQUENCE |
|
|
|
|
hm2MasqRuleIndex |
Integer32 |
|
|
hm2MasqSourceAddress |
DisplayString |
|
|
hm2MasqSourcePort |
DisplayString |
|
|
hm2MasqProto |
INTEGER |
|
|
hm2MasqRuleParams |
DisplayString |
|
|
hm2MasqLog |
TruthValue |
|
|
hm2MasqTrap |
TruthValue |
|
|
hm2MasqRowStatus |
RowStatus |
|
|
hm2MasqDescription |
DisplayString |
|
|
hm2MasqIpsecExempt |
TruthValue |
|
Hm2MasqRuleIfMappingEntry |
|
SEQUENCE |
|
|
|
|
hm2MasqIfmRuleIndex |
Integer32 |
|
|
hm2MasqIfmDirection |
INTEGER |
|
|
hm2MasqIfmPriority |
Unsigned32 |
|
|
hm2MasqIfmInterface |
InterfaceIndex |
|
|
hm2MasqIfmRowStatus |
RowStatus |
|
Hm2MasqStatsRuleTableEntry |
|
SEQUENCE |
|
|
|
|
hm2MasqStatsPckCount |
Counter64 |
|
|
hm2MasqStatsPckSize |
Counter64 |
|
|
hm2MasqStatsLastApplied |
HmTimeSeconds1970 |
|
Hm2DoubleNatRuleEntry |
|
SEQUENCE |
|
|
|
|
hm2DonatRuleIndex |
Integer32 |
|
|
hm2DonatLocalInternalIp |
DisplayString |
|
|
hm2DonatLocalExternalIp |
DisplayString |
|
|
hm2DonatRemoteInternalIp |
DisplayString |
|
|
hm2DonatRemoteExternalIp |
DisplayString |
|
|
hm2DonatRuleParams |
DisplayString |
|
|
hm2DonatLog |
TruthValue |
|
|
hm2DonatTrap |
TruthValue |
|
|
hm2DonatRowStatus |
RowStatus |
|
|
hm2DonatDescription |
DisplayString |
|
Hm2DonatRuleIfMappingEntry |
|
SEQUENCE |
|
|
|
|
hm2DonatIfmRuleIndex |
Integer32 |
|
|
hm2DonatIfmDirection |
INTEGER |
|
|
hm2DonatIfmPriority |
Unsigned32 |
|
|
hm2DonatIfmInterface |
InterfaceIndex |
|
|
hm2DonatIfmRowStatus |
RowStatus |
|
Hm2DonatStatsRuleTableEntry |
|
SEQUENCE |
|
|
|
|
hm2DonatStatsPckCount |
Counter64 |
|
|
hm2DonatStatsPckSize |
Counter64 |
|
|
hm2DonatStatsLastApplied |
HmTimeSeconds1970 |
|
Defined Values
hm2NatMib |
1.3.6.1.4.1.248.11.80 |
This MIB defines the SNMP interface for Hirschmann DNAT/SNAT/
Double NAT/1:1 NAT implementations
Copyright (C) |
MODULE-IDENTITY |
|
|
|
hm2DnatMaxRules |
1.3.6.1.4.1.248.11.80.1.1.2 |
Maximum number of allowed rules for DNAT. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Integer32 |
|
|
hm2MasqMaxRules |
1.3.6.1.4.1.248.11.80.1.1.4 |
Maximum number of allowed rules for Masquerading. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Integer32 |
|
|
hm2DoubleNatMaxRules |
1.3.6.1.4.1.248.11.80.1.1.5 |
Maximum number of allowed rules for Double NAT. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Integer32 |
|
|
hm2NatResetStatistics |
1.3.6.1.4.1.248.11.80.1.1.6 |
Setting this value to action(2) will reset the statistics of
the whole NAT module. It will be set to noop(1) automatically
after reset. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
HmActionValue |
|
|
hm2DnatRuleAppliedTrap |
1.3.6.1.4.1.248.11.80.0.1 |
A rule of DNAT was applied. The rule is
identified by the given rule index of the rule table. |
Status: current |
Access: read-write |
NOTIFICATION-TYPE |
|
|
|
hm2DnatRuleAppliedAndLoggedTrap |
1.3.6.1.4.1.248.11.80.0.2 |
A rule of DNAT was applied and logged according to
the current logging mechanism. The rule is identified by the
given rule index of the rule table. |
Status: current |
Access: read-write |
NOTIFICATION-TYPE |
|
|
|
hm2Dnat |
1.3.6.1.4.1.248.11.80.1.2 |
OBJECT IDENTIFIER |
|
|
|
hm2DnatRuleCount |
1.3.6.1.4.1.248.11.80.1.2.1.1.1 |
Number of current DNAT rules |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Integer32 |
|
|
hm2DnatRulePendingActions |
1.3.6.1.4.1.248.11.80.1.2.1.1.3 |
This value describes, whether the DNAT rule table was modified
but not yet written to the firewall implementation (set to
true). After writing all modifications to the firewall, the
value switches automatically back to false. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
hm2DnatCommitPendingActions |
1.3.6.1.4.1.248.11.80.1.2.1.1.4 |
Setting this value to action(2) writes not yet committed changes
to the firewall (DNAT and Interface Mapping Table). After
writing all modifications, the value switches automatically
back to noop(1). |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
HmActionValue |
|
|
hm2DnatRuleTable |
1.3.6.1.4.1.248.11.80.1.2.1.2.1 |
The list of DNAT rules for this firewall. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
Hm2DnatRuleEntry |
|
hm2DnatRuleEntry |
1.3.6.1.4.1.248.11.80.1.2.1.2.1.1 |
DNAT rule entry. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Hm2DnatRuleEntry |
|
|
hm2DnatRuleIndex |
1.3.6.1.4.1.248.11.80.1.2.1.2.1.1.1 |
Rule index of this DNAT rule. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
Integer32 |
1..255 |
|
hm2DnatSourceAddress |
1.3.6.1.4.1.248.11.80.1.2.1.2.1.1.3 |
Source address of packets to be NATed. Can be:
- Single address (a.b.c.d),
- address range in CIDR notation (a.b.c.d/n)
- the name of a Netobject ()
- 'any' for no filtering at all
- a prepending '!' selects the complement set |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..20) |
|
hm2DnatSourcePort |
1.3.6.1.4.1.248.11.80.1.2.1.2.1.1.4 |
The source port of the packet to reroute. Allowed formats are:
- keyword 'any' for no filtering or a protocol without ports
- single port ('10')
- port range with first and last port separated by hyphen
('10-15')
- comma separated list of ports ('1235,25,123')
- combination of the points above ('10,25-30,125,1993')
The number of named ports (1 for each individual port, 2 for port
ranges) must not exceed 15. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..50) |
|
hm2DnatTargetAddress |
1.3.6.1.4.1.248.11.80.1.2.1.2.1.1.5 |
Destination address of packets to be NATed. Can be:
- Single address (a.b.c.d),
- address range in CIDR notation (a.b.c.d/n)
- the name of a Netobject ()
- 'any' for no filtering at all
- a prepending '!' selects the complement set |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..20) |
|
hm2DnatTargetPort |
1.3.6.1.4.1.248.11.80.1.2.1.2.1.1.6 |
The target port of the packet to reroute. Allowed formats are:
- keyword 'any'
- single port ('10')
- port range with first and last port separated by hyphen
('10-15')
- comma separated list of ports ('1235,25,123')
- combination of the points above ('10,25-30,125,1993')
The number of named ports (1 for each individual port, 2 for port
ranges) must not exceed 15. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..50) |
|
hm2DnatNewTargetAddress |
1.3.6.1.4.1.248.11.80.1.2.1.2.1.1.7 |
The IP address of the machine to reroute packets to. Must be a single
IP address (a.b.c.d). |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..20) |
|
hm2DnatNewTargetPort |
1.3.6.1.4.1.248.11.80.1.2.1.2.1.1.8 |
The port to reroute packets to. Must be a single port or 'any'. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..50) |
|
hm2DnatProto |
1.3.6.1.4.1.248.11.80.1.2.1.2.1.1.9 |
The IP protocol (RFC 791) for protocol-independent
filtering. The following values are currently
supported:
o icmp(1): Internet Control Message Protocol (RFC 792)
o igmp(2): Internet Group Management Protocol
o ipip(3): IP in IP tunneling (RFC 1853)
o tcp(4): Transmission Control Protocol (RFC 793)
o udp(5): User Datagram Protocol (RFC 768)
o esp(6): IPsec Encapsulated Security Payload (RFC 2406)
o ah(7): IPsec Authentication Header (RFC 2402)
o icmpv6(8): Internet Control Message Protocol for IPv6
o any(9): apply to all protocols |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
INTEGER |
icmp(1), igmp(2), ipip(3), tcp(4), udp(5), esp(6), ah(7), icmpv6(8), any(9) |
|
hm2DnatRuleParams |
1.3.6.1.4.1.248.11.80.1.2.1.2.1.1.10 |
Additional parameters to this rule as string.
Currently only the value 'none' is valid.
Reserved for future use. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..50) |
|
hm2DnatLog |
1.3.6.1.4.1.248.11.80.1.2.1.2.1.1.11 |
Set to true if application of this rule shall be logged. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
hm2DnatTrap |
1.3.6.1.4.1.248.11.80.1.2.1.2.1.1.12 |
Set to true if application of this rule shall send a trap. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
hm2DnatRowStatus |
1.3.6.1.4.1.248.11.80.1.2.1.2.1.1.13 |
This is a standard row status value:
- active(1): The rule is active. Note that until committed, the rule
will not be applied.
- notInService(2): The rule is inactive because of user action.
- notReady(3):The rule is inactive because it has an incomplete
configuration.
- createAndGo(4): Create the rule with default parameters
activated.
- createAndWait(5): Create the rule inactive.
- destroy(6): Delete the rule. You cannot delete a rule with
interface mappings to it. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
hm2DnatDescription |
1.3.6.1.4.1.248.11.80.1.2.1.2.1.1.14 |
User defined textual description related to this rule. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..32) |
|
hm2DnatRuleIfMappingEntry |
1.3.6.1.4.1.248.11.80.1.2.1.2.2.1 |
Entry in rule interface mapping table. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Hm2DnatRuleIfMappingEntry |
|
|
hm2DnatIfmRuleIndex |
1.3.6.1.4.1.248.11.80.1.2.1.2.2.1.1 |
The index of the DNAT rule this mapping entry is assigned to. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Integer32 |
1..2048 |
|
hm2DnatIfmDirection |
1.3.6.1.4.1.248.11.80.1.2.1.2.2.1.2 |
For DNAT, this can only be set to ingress, which is the interface on
which a packet that is to be forwarded will arrive. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
INTEGER |
ingress(1), egress(2), both(3) |
|
hm2DnatIfmPriority |
1.3.6.1.4.1.248.11.80.1.2.1.2.2.1.3 |
The priority is the sorting key for rules in the chain to this
interface. They don't need to be unique per interface, but in
that case, no clear order can be assumed.
Priorities are processed in ascending order (0 highest
priority). |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
hm2DnatIfmInterface |
1.3.6.1.4.1.248.11.80.1.2.1.2.2.1.4 |
The interface this mapping entry is assigned to. This has to be either
an hm2AgentSwitchIpInterfaceIfIndex or an hm2AgentSwitchIpVlanIfIndex.
Note that for physical interfaces this only works if the corresponding
hm2AgentSwitchIpInterfaceRoutingMode is set to enable. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
InterfaceIndex |
|
|
hm2DnatIfmRowStatus |
1.3.6.1.4.1.248.11.80.1.2.1.2.2.1.5 |
The RowStatus value for this entry with the usual meanings:
- active(1): The interface mapping is in place
- notInService(2): The interface mapping is not in place because the
user said so
- notReady(3): The interface mapping is not in place because the
agent said so
- createAndGo(4): Create this mapping with the default priority and
activate it.
- createAndWait(5): Create this mapping deactivated.
- destroy(6): Destroy this interface mapping. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
hm2DnatStatsTotalPck |
1.3.6.1.4.1.248.11.80.1.2.2.1.1 |
Total number of packets processed by the DNAT firewall. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter64 |
|
|
hm2DnatStatsTotalPckSize |
1.3.6.1.4.1.248.11.80.1.2.2.1.2 |
Total number of bytes processed by the DNAT firewall. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter64 |
|
|
hm2DnatStatsRuleTableEntry |
1.3.6.1.4.1.248.11.80.1.2.2.2.1.1 |
Statistics table entry for DNAT. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Hm2DnatStatsRuleTableEntry |
|
|
hm21to1RuleAppliedTrap |
1.3.6.1.4.1.248.11.80.0.5 |
A rule of 1:1 NAT was applied. The rule is
identified by the given rule index of the rule table. |
Status: current |
Access: read-only |
NOTIFICATION-TYPE |
|
|
|
hm21to1RuleAppliedAndLoggedTrap |
1.3.6.1.4.1.248.11.80.0.6 |
A rule of 1:1 NAT was applied and logged according
the current logging mechanism. The rule is identified by the
given rule index of the rule table. |
Status: current |
Access: read-only |
NOTIFICATION-TYPE |
|
|
|
hm21to1 |
1.3.6.1.4.1.248.11.80.1.4 |
OBJECT IDENTIFIER |
|
|
|
hm21to1RuleCount |
1.3.6.1.4.1.248.11.80.1.4.1.1 |
Number of current 1:1 NAT rules. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Integer32 |
|
|
hm21to1RulePendingActions |
1.3.6.1.4.1.248.11.80.1.4.1.3 |
This value describes, whether the 1:1 NAT rule table was
modified but not yet written to the firewall implementation
(set to true). After writing all modifications to the firewall,
the value switches automatically back to false. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
hm21to1CommitPendingActions |
1.3.6.1.4.1.248.11.80.1.4.1.4 |
Setting this value to action(2) writes not yet committed changes
to the firewall (1:1 NAT and Interface Mapping Table). After
writing all modifications, the value switches automatically
back to noop(1). |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
HmActionValue |
|
|
hm21to1Alg |
1.0.1.3.6.1.4.1.248.11.80.1.4.1.5 |
Global bitmask for application level gateway of all the 1:1 NAT rules. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
BITS |
ftp(0), icmp(1) |
|
hm21to1RuleTable |
1.3.6.1.4.1.248.11.80.1.4.2.1 |
The list of 1:1 NAT rules for this firewall. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
Hm21to1RuleEntry |
|
hm21to1RuleEntry |
1.3.6.1.4.1.248.11.80.1.4.2.1.1 |
1:1 NAT rule entry. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Hm21to1RuleEntry |
|
|
hm21to1RuleIndex |
1.3.6.1.4.1.248.11.80.1.4.2.1.1.1 |
Rule index of this 1:1 NAT rule. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
Integer32 |
1..256 |
|
hm21to1TargetAddress |
1.3.6.1.4.1.248.11.80.1.4.2.1.1.2 |
Destination address of packets to be NATed. Can be:
- Single address (a.b.c.d),
- address range in CIDR notation (a.b.c.d/n)
- the name of a Netobject ()
- 'any' for no filtering at all |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..20) |
|
hm21to1NewTargetAddress |
1.3.6.1.4.1.248.11.80.1.4.2.1.1.3 |
New Destination address of packets to be NATed. Can be:
- Single address (a.b.c.d),
- address range in CIDR notation (a.b.c.d/n)
- the name of a Netobject ()
- 'any' for no filtering at all |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..20) |
|
hm21to1RuleParams |
1.3.6.1.4.1.248.11.80.1.4.2.1.1.4 |
Additional parameters to this rule as string.
Currently only the value 'none' is valid.
Reserved for future use. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..50) |
|
hm21to1Log |
1.3.6.1.4.1.248.11.80.1.4.2.1.1.5 |
Set to true if application of this rule shall be logged. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
hm21to1Trap |
1.3.6.1.4.1.248.11.80.1.4.2.1.1.6 |
Set to true if application of this rule shall send a trap. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
hm21to1RowStatus |
1.3.6.1.4.1.248.11.80.1.4.2.1.1.7 |
This is a standard row status value:
- active(1): The rule is active. Note that until committed, the rule
will not be applied.
- notInService(2): The rule is inactive because of user action.
- notReady(3):The rule is inactive because it has an incomplete
configuration.
- createAndGo(4): Create the rule with default parameters
activated.
- createAndWait(5): Create the rule inactive.
- destroy(6): Delete the rule. You cannot delete a rule with
interface mappings to it. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
hm21to1Description |
1.3.6.1.4.1.248.11.80.1.4.2.1.1.8 |
User defined textual description related to this rule. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..32) |
|
hm21to1IngressIntf |
1.3.6.1.4.1.248.11.80.1.4.2.1.1.9 |
The index of the interface on which packets going to the target address
will arrive. This has to be either an hm2AgentSwitchIpInterfaceIfIndex
or an hm2AgentSwitchIpVlanIfIndex. Note that for physical interfaces
this only works if the corresponding
hm2AgentSwitchIpInterfaceRoutingMode is set to enable. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
InterfaceIndexOrZero |
|
|
hm21to1EgressIntf |
1.3.6.1.4.1.248.11.80.1.4.2.1.1.10 |
The index of the interface from which the new target address can be
reached. This has to be either an hm2AgentSwitchIpInterfaceIfIndex
or an hm2AgentSwitchIpVlanIfIndex. Note that for physical interfaces
this only works if the corresponding
hm2AgentSwitchIpInterfaceRoutingMode is set to enable. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
InterfaceIndexOrZero |
|
|
hm21to1Priority |
1.3.6.1.4.1.248.11.80.1.4.2.1.1.11 |
The priority is the sorting key for rules in the chain to this
interface. They don't need to be unique per interface, but in that case,
no clear order can be assumed.
Priorities are processed in ascending order (0 highest priority). |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
hm21to1StorageType |
1.3.6.1.4.1.248.11.80.1.4.2.1.1.12 |
The storage type for this row. Rows having the value
'volatile' are not saved. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
StorageType |
|
|
hm21to1StatsTotalPck |
1.3.6.1.4.1.248.11.80.1.4.3.1.1 |
Total number of packets processed by 1:1 NAT. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter64 |
|
|
hm21to1StatsRuleTableEntry |
1.3.6.1.4.1.248.11.80.1.4.3.2.1.1 |
Statistics table entry for 1:1 NAT. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Hm2OtoStatsRuleTableEntry |
|
|
hm21to1StatsPckCount |
1.3.6.1.4.1.248.11.80.1.4.3.2.1.1.1 |
Number of packets matched by this rule. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter64 |
|
|
hm21to1StatsPckSize |
1.3.6.1.4.1.248.11.80.1.4.3.2.1.1.2 |
Number of bytes processed by this rule. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter64 |
|
|
hm2MasqRuleAppliedTrap |
1.3.6.1.4.1.248.11.80.0.7 |
A rule of masquerading was applied. The rule is
identified by the given rule index of the rule table. |
Status: current |
Access: read-only |
NOTIFICATION-TYPE |
|
|
|
hm2MasqRuleAppliedAndLoggedTrap |
1.3.6.1.4.1.248.11.80.0.8 |
A rule of masquerading was applied and logged according
the current logging mechanism. The rule is identified by the
given rule index of the rule table. |
Status: current |
Access: read-only |
NOTIFICATION-TYPE |
|
|
|
hm2MasqRuleCount |
1.3.6.1.4.1.248.11.80.1.5.1.1 |
Number of current masquerading rules. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Integer32 |
|
|
hm2MasqRulePendingActions |
1.3.6.1.4.1.248.11.80.1.5.1.3 |
This value describes, whether the masquerading rule table was
modified but not yet written to the firewall implementation
(set to true). After writing all modifications to the firewall,
the value switches automatically back to false. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
hm2MasqCommitPendingActions |
1.3.6.1.4.1.248.11.80.1.5.1.4 |
Setting this value to action(2) writes not yet committed changes
to the firewall (DNAT and Interface Mapping Table). After
writing all modifications, the value switches automatically
back to noop(1). |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
HmActionValue |
|
|
hm2MasqRuleTable |
1.3.6.1.4.1.248.11.80.1.5.2.1 |
The list of masquerading rules for this firewall. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
Hm2MasqRuleEntry |
|
hm2MasqRuleEntry |
1.3.6.1.4.1.248.11.80.1.5.2.1.1 |
Masquerading rule entry. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Hm2MasqRuleEntry |
|
|
hm2MasqRuleIndex |
1.3.6.1.4.1.248.11.80.1.5.2.1.1.1 |
Rule index of this masquerading rule. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
Integer32 |
1..128 |
|
hm2MasqSourceAddress |
1.3.6.1.4.1.248.11.80.1.5.2.1.1.2 |
The source address of the packets to reroute. Allowed formats are:
- keyword 'any'
- IP address ('10.0.0.1')
- IP address range ('10.0.0.0/8')
- a prepending '!' selects the complement set
|
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..20) |
|
hm2MasqSourcePort |
1.3.6.1.4.1.248.11.80.1.5.2.1.1.3 |
The source port of the packet to reroute. Allowed formats are:
- keyword 'any'
- single ('10')
- range with first and last separated by hyphen
('10-15')
- comma separated list of s ('1235,25,123')
- combination of the points above ('10,25-30,125,1993')
The number of named ports (1 for each individual port, 2 for port
ranges) must not exceed 15. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..50) |
|
hm2MasqProto |
1.3.6.1.4.1.248.11.80.1.5.2.1.1.4 |
The IP protocol (RFC 791) for protocol-independent
filtering. The following values are currently
supported:
o tcp(4): transmission control protocol (RFC 793)
o udp(5): user datagram protocol (RFC 768)
o any(9): apply to all protocols |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
INTEGER |
tcp(4), udp(5), any(9) |
|
hm2MasqRuleParams |
1.3.6.1.4.1.248.11.80.1.5.2.1.1.5 |
Additional parameters to this rule as string.
Currently only the value 'none' is valid.
Reserved for future use. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..50) |
|
hm2MasqLog |
1.3.6.1.4.1.248.11.80.1.5.2.1.1.6 |
Set to true if application of this rule shall be logged. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
hm2MasqTrap |
1.3.6.1.4.1.248.11.80.1.5.2.1.1.7 |
Set to true if application of this rule shall send a trap. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
hm2MasqRowStatus |
1.3.6.1.4.1.248.11.80.1.5.2.1.1.8 |
This is a standard row status value:
- active(1): The rule is active. Note that until committed, the rule
will not be applied.
- notInService(2): The rule is inactive because of user action.
- notReady(3):The rule is inactive because it has an incomplete
configuration.
- createAndGo(4): Create the rule with default parameters
activated.
- createAndWait(5): Create the rule inactive.
- destroy(6): Delete the rule. You cannot delete a rule with
interface mappings to it. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
hm2MasqDescription |
1.3.6.1.4.1.248.11.80.1.5.2.1.1.9 |
User defined textual description related to this rule. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..32) |
|
hm2MasqIpsecExempt |
1.3.6.1.4.1.248.11.80.1.5.2.1.1.10 |
Set to true if application of this rule should ignore IPsec traffic. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
hm2MasqRuleIfMappingEntry |
1.3.6.1.4.1.248.11.80.1.5.2.2.1 |
Entry in rule interface mapping table. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Hm2MasqRuleIfMappingEntry |
|
|
hm2MasqIfmRuleIndex |
1.3.6.1.4.1.248.11.80.1.5.2.2.1.1 |
The index of the 1:1 NAT rule this mapping entry is assigned
to. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Integer32 |
1..2048 |
|
hm2MasqIfmDirection |
1.3.6.1.4.1.248.11.80.1.5.2.2.1.2 |
For masquerading, this can only be set to egress which is the interface
packets will be masqueraded to. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
INTEGER |
ingress(1), egress(2), both(3) |
|
hm2MasqIfmPriority |
1.3.6.1.4.1.248.11.80.1.5.2.2.1.3 |
The priority is the sorting key for rules in the chain to this
interface. They don't need to be unique per interface, but in that case,
no clear order can be assumed.
Priorities are processed in ascending order (0 highest priority). |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
hm2MasqIfmInterface |
1.3.6.1.4.1.248.11.80.1.5.2.2.1.4 |
The interface this mapping entry is assigned to. This has to be either
an hm2AgentSwitchIpInterfaceIfIndex or an hm2AgentSwitchIpVlanIfIndex.
Note that for physical interfaces this only works if the corresponding
hm2AgentSwitchIpInterfaceRoutingMode is set to enable. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
InterfaceIndex |
|
|
hm2MasqIfmRowStatus |
1.3.6.1.4.1.248.11.80.1.5.2.2.1.5 |
The RowStatus value for this entry with the usual meanings:
- active(1): The interface mapping is in place
- notInService(2): The interface mapping is not in place because the
user said so
- notReady(3): The interface mapping is not in place because the
agent said so
- createAndGo(4): Create this mapping with the default priority and
activate it.
- createAndWait(5): Create this mapping deactivated.
- destroy(6): Destroy this interface mapping. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
hm2MasqStatsTotalPck |
1.3.6.1.4.1.248.11.80.1.5.3.1.1 |
Total number of packets processed by Masquerading |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter64 |
|
|
hm2MasqStatsRuleTableEntry |
1.3.6.1.4.1.248.11.80.1.5.3.2.1.1 |
Statistics table entry for masquerading. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Hm2MasqStatsRuleTableEntry |
|
|
hm2MasqStatsPckCount |
1.3.6.1.4.1.248.11.80.1.5.3.2.1.1.1 |
Number of packets matched by this rule. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter64 |
|
|
hm2MasqStatsPckSize |
1.3.6.1.4.1.248.11.80.1.5.3.2.1.1.2 |
Number of bytes processed by this rule. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter64 |
|
|
hm2DonatRuleAppliedTrap |
1.3.6.1.4.1.248.11.80.0.9 |
A rule of double NAT was applied. The rule is
identified by the given rule index of the rule table. |
Status: current |
Access: read-only |
NOTIFICATION-TYPE |
|
|
|
hm2DonatRuleAppliedAndLoggedTrap |
1.3.6.1.4.1.248.11.80.0.10 |
A rule of double NAT was applied and logged according
the current logging mechanism. The rule is identified by the
given rule index of the rule table. |
Status: current |
Access: read-only |
NOTIFICATION-TYPE |
|
|
|
hm2DoubleNatRulePendingActions |
1.3.6.1.4.1.248.11.80.1.6.1.3 |
This value describes, whether the double NAT rule table was
modified but not yet written to the firewall implementation
(set to true). After writing all modifications to the firewall,
the value switches automatically back to false. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
hm2DoubleNatCommitPendingActions |
1.3.6.1.4.1.248.11.80.1.6.1.4 |
Setting this value to action(2) writes not yet committed changes
to the firewall (double NAT and interface mapping table). After
writing all modifications, the value switches automatically
back to noop(1). |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
HmActionValue |
|
|
hm2DoubleNatRuleEntry |
1.3.6.1.4.1.248.11.80.1.6.2.1.1 |
Entry within double NAT rule table. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Hm2DoubleNatRuleEntry |
|
|
hm2DonatRuleIndex |
1.3.6.1.4.1.248.11.80.1.6.2.1.1.1 |
Index of the rule within table. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
Integer32 |
1..255 |
|
hm2DonatLocalInternalIp |
1.3.6.1.4.1.248.11.80.1.6.2.1.1.2 |
The real IP address of the first net/machine you want to double NAT.
Allowed formats are:
- keyword 'any'
- IP address ('10.0.0.1')
- IP address range ('10.0.0.0/8') |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..20) |
|
hm2DonatLocalExternalIp |
1.3.6.1.4.1.248.11.80.1.6.2.1.1.3 |
The IP address where you want the first net/machine to be reachable
from the second net/machine.
Allowed formats are:
- keyword 'any'
- IP address ('10.0.0.1')
- IP address range ('10.0.0.0/8') |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..20) |
|
hm2DonatRemoteInternalIp |
1.3.6.1.4.1.248.11.80.1.6.2.1.1.4 |
The real IP address of the second net/machine you want to double NAT.
Allowed formats are:
- keyword 'any'
- IP address ('10.0.0.1')
- IP address range ('10.0.0.0/8') |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..20) |
|
hm2DonatRemoteExternalIp |
1.3.6.1.4.1.248.11.80.1.6.2.1.1.5 |
The IP address where you want the second net/machine to be reachable
from the first net/machine.
Allowed formats are:
- keyword 'any'
- IP address ('10.0.0.1')
- IP address range ('10.0.0.0/8') |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..20) |
|
hm2DonatRuleParams |
1.3.6.1.4.1.248.11.80.1.6.2.1.1.6 |
Additional parameters to this rule as string.
Currently only the value 'none' is valid.
Reserved for future use. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..50) |
|
hm2DonatLog |
1.3.6.1.4.1.248.11.80.1.6.2.1.1.7 |
Set to true if application of this rule shall be logged. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
hm2DonatTrap |
1.3.6.1.4.1.248.11.80.1.6.2.1.1.8 |
Set to true if application of this rule shall send a trap. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
hm2DonatRowStatus |
1.3.6.1.4.1.248.11.80.1.6.2.1.1.9 |
This is a standard row status value:
- active(1): The rule is active. Note that until committed, the rule
will not be applied.
- notInService(2): The rule is inactive because of user action.
- notReady(3):The rule is inactive because it has an incomplete
configuration.
- createAndGo(4): Create the rule with default parameters
activated.
- createAndWait(5): Create the rule inactive.
- destroy(6): Delete the rule. You cannot delete a rule with
interface mappings to it. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
hm2DonatDescription |
1.3.6.1.4.1.248.11.80.1.6.2.1.1.10 |
User defined textual description related to this rule. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..32) |
|
hm2DonatRuleIfMappingEntry |
1.3.6.1.4.1.248.11.80.1.6.2.2.1 |
Entry in rule interface mapping table. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Hm2DonatRuleIfMappingEntry |
|
|
hm2DonatIfmRuleIndex |
1.3.6.1.4.1.248.11.80.1.6.2.2.1.1 |
The index of the double NAT rule this mapping entry is assigned
to. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Integer32 |
1..2048 |
|
hm2DonatIfmDirection |
1.3.6.1.4.1.248.11.80.1.6.2.2.1.2 |
Meanings:
- ingress(1): The first net/machine can be reached through this
interface
- egress(2): The second net/machine can be reached through this
interface
- both(3): Both machines/nets can be reached through this interface |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
INTEGER |
ingress(1), egress(2), both(3) |
|
hm2DonatIfmPriority |
1.3.6.1.4.1.248.11.80.1.6.2.2.1.3 |
The priority is the sorting key for rules in the chain to this
interface. They don't need to be unique per interface, but in that case,
no clear order can be assumed.
Priorities are processed in ascending order (0 highest priority). |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
hm2DonatIfmInterface |
1.3.6.1.4.1.248.11.80.1.6.2.2.1.4 |
The interface this mapping entry is assigned to. This has to be either
an hm2AgentSwitchIpInterfaceIfIndex or an hm2AgentSwitchIpVlanIfIndex.
Note that for physical interfaces this only works if the corresponding
hm2AgentSwitchIpInterfaceRoutingMode is set to enable. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
InterfaceIndex |
|
|
hm2DonatIfmRowStatus |
1.3.6.1.4.1.248.11.80.1.6.2.2.1.5 |
The RowStatus value for this entry with the usual meanings:
- active(1): The interface mapping is in place
- notInService(2): The interface mapping is not in place because the
user said so
- notReady(3): The interface mapping is not in place because the
agent said so
- createAndGo(4): Create this mapping with the default priority and
activate it.
- createAndWait(5): Create this mapping deactivated.
- destroy(6): Destroy this interface mapping. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
hm2DonatStatsTotalPck |
1.3.6.1.4.1.248.11.80.1.6.3.1.1 |
Total number of packets processed by double NAT. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter64 |
|
|
hm2DonatStatsRuleTableEntry |
1.3.6.1.4.1.248.11.80.1.6.3.2.1.1 |
Statistics table entry for double NAT. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Hm2DonatStatsRuleTableEntry |
|
|
hm2DonatStatsPckCount |
1.3.6.1.4.1.248.11.80.1.6.3.2.1.1.1 |
Number of packets matched by this rule. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter64 |
|
|
hm2DonatStatsPckSize |
1.3.6.1.4.1.248.11.80.1.6.3.2.1.1.2 |
Number of bytes processed by this rule. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter64 |
|
|
hm2NatCompliance |
1.3.6.1.4.1.248.11.80.2.1.1 |
The compliance statement for an SNMP entity which
implements the Hirschmann NAT MIB. |
Status: current |
Access: read-only |
MODULE-COMPLIANCE |
|
|
|
hm2NatGeneralGroup |
1.3.6.1.4.1.248.11.80.2.2.1 |
A collection of all Hirschmann objects provided by the Firewall
module. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
hm2NatNotificationsGroup |
1.3.6.1.4.1.248.11.80.2.2.2 |
A collection of all Hirschmann notifications provided by the
NAT module. |
Status: current |
Access: read-only |
NOTIFICATION-GROUP |
|
|
|