IP-ACCESS-LIST-MIB
File:
IP-ACCESS-LIST-MIB.mib (12902 bytes)
Imported modules
Imported symbols
Defined Types
IpACListCtlEntry |
|
SEQUENCE |
|
|
|
|
ipACListCtlName |
OCTET STRING |
|
|
ipACListCtlType |
INTEGER |
|
|
ipACListCtlStatus |
RowStatus |
|
IpACRuleEntry |
|
SEQUENCE |
|
|
|
|
ipACRuleName |
OCTET STRING |
|
|
ipACRuleSubIndex |
INTEGER |
|
|
ipACRuleOwner |
INTEGER |
|
|
ipACRuleSrcAddr |
IpAddress |
|
|
ipACRuleSrcAddrWild |
IpAddress |
|
|
ipACRuleSrcMask |
IpAddress |
|
|
ipACRuleSrcMaskWild |
IpAddress |
|
|
ipACRuleDstAddr |
IpAddress |
|
|
ipACRuleDstAddrWild |
IpAddress |
|
|
ipACRuleDstMask |
IpAddress |
|
|
ipACRuleDstMaskWild |
IpAddress |
|
|
ipACRuleOperation |
INTEGER |
|
|
ipACRuleProtocol |
INTEGER |
|
|
ipACRuleL4SrcPortMin |
INTEGER |
|
|
ipACRuleL4SrcPortMax |
INTEGER |
|
|
ipACRuleL4DestPortMin |
INTEGER |
|
|
ipACRuleL4DestPortMax |
INTEGER |
|
|
ipACRuleStatus |
RowStatus |
|
|
ipACRuleEstablished |
TruthValue |
|
|
ipACRuleLog |
TruthValue |
|
Defined Values
cjnIpAListMgmt |
1.3.6.1.4.1.1751.2.43.3.5 |
The IP Access List Table for the Cajun Router. |
MODULE-IDENTITY |
|
|
|
ipACListCtlTable |
1.3.6.1.4.1.1751.2.43.3.5.1 |
This table is used to add/delete access list.
This table maintain a list of access lists in the
system. Each access list is made up of a group of access
rule. The access rules are stored in the ipACRuleTable. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
IpACListCtlEntry |
|
ipACListCtlEntry |
1.3.6.1.4.1.1751.2.43.3.5.1.1 |
The information concerning one of the IP access list. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
IpACListCtlEntry |
|
|
ipACListCtlName |
1.3.6.1.4.1.1751.2.43.3.5.1.1.1 |
Entry Name. Access List Name.
If this instance is a string that represent a number,
the following rules applies:
1 to 99 - ipACListCtlType must set to standard
101 to 199 - ipACListCtlType must set to extended
others - cannot be created
If this instance is a string that does not represent a number,
the ipACListCtlType must be set before ipACListCtlStatus becomes
active. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
OCTET STRING |
Size(1..25) |
|
ipACListCtlType |
1.3.6.1.4.1.1751.2.43.3.5.1.1.2 |
Type of Access List:
unset (0)
standard (1)
extended (2)
This instance cannot be changed once ipACListCtlStatus becomes
active. The value of this instance must compile with the rule
listed in the ipACListCtlName instance. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..2 |
|
ipACListCtlStatus |
1.3.6.1.4.1.1751.2.43.3.5.1.1.3 |
For creation/deletion of IP access control statement.
active (1) -- is set when both ipACListCtlName and ipACListCtlType is set.
notInService (2) -- is set when ipACListCtlName or ipACListCtlType is not set.
notReady (3)
createAndGo (4) -- is set on creating new access list.
createAndWait (5)
destroy (6) -- is set on destroying an existed access list.
The management should inspect the ipACRuleTable and delete all the related entries.
An entry in the ipACRuleTable is related to this entry if ipACListCtlName equals ipACRuleName. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
ipACRuleTable |
1.3.6.1.4.1.1751.2.43.3.5.2 |
This table is used to add/delete individual access rule statement
in an access list. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
IpACRuleEntry |
|
ipACRuleEntry |
1.3.6.1.4.1.1751.2.43.3.5.2.1 |
The ipAccessRuleEntry control all the conditional fields and its
parameters for an access rule. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
IpACRuleEntry |
|
|
ipACRuleName |
1.3.6.1.4.1.1751.2.43.3.5.2.1.1 |
Entry Name. Access List Name. This object identifies which access list this
access rule belongs to. This object shall identify the instance
of the ipACListCtlEntry object. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
OCTET STRING |
Size(1..25) |
|
ipACRuleSubIndex |
1.3.6.1.4.1.1751.2.43.3.5.2.1.2 |
Entry sub index. Each access list entry may has multiple rules.
This sub index identified each rule. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
1..128 |
|
ipACRuleOwner |
1.3.6.1.4.1.1751.2.43.3.5.2.1.3 |
The string identifies the media which was used to create/modify
this access rule. Local indicates creation via web, cli or snmp.
external indicates an external client (ie. CajunRules) |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
local(1), external(2) |
|
ipACRuleSrcAddr |
1.3.6.1.4.1.1751.2.43.3.5.2.1.4 |
The IP address of the source address. A value of 0 in
ipACListSrcMask indicates this is a DON'T CARE field. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
ipACRuleSrcAddrWild |
1.3.6.1.4.1.1751.2.43.3.5.2.1.5 |
This field specifies the wildcard of the source IP address. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
ipACRuleSrcMask |
1.3.6.1.4.1.1751.2.43.3.5.2.1.6 |
The instance is not writable if the corresponding ipACListCtlType
is standard. The MASK address of the source address. A value of
0 indicates this field and ipACListSrcAddr are DON'T CARE |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
ipACRuleSrcMaskWild |
1.3.6.1.4.1.1751.2.43.3.5.2.1.7 |
The instance is not writable if the corresponding ipACListCtlType
is standard. This field specifies the wildcard of the source IP mask. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
ipACRuleDstAddr |
1.3.6.1.4.1.1751.2.43.3.5.2.1.8 |
The instance is not writable if the corresponding ipACListCtlType
is standard. The IP address of the destination address. A value of 0 in
ipAccessListDstMask indicates this is a DON'T CARE field. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
ipACRuleDstAddrWild |
1.3.6.1.4.1.1751.2.43.3.5.2.1.9 |
The instance is not writable if the corresponding ipACListCtlType
is standard. This field specifies the wildcard of the destination IP address. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
ipACRuleDstMask |
1.3.6.1.4.1.1751.2.43.3.5.2.1.10 |
The instance is not writable if the corresponding ipACListCtlType
is standard. The MASK address of the destination address. A value of 0 indicates
this field and ipACListDstAddr are DON'T CARE |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
ipACRuleDstMaskWild |
1.3.6.1.4.1.1751.2.43.3.5.2.1.11 |
The instance is not writable if the corresponding ipACListCtlType
is standard. This field specifies the wildcard of the destination IP mask. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
ipACRuleOperation |
1.3.6.1.4.1.1751.2.43.3.5.2.1.12 |
How to operate the IP ACCESS CONTROL statement,
on the receiving packet. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
filter(1), forwardPriority1(2), forwardPriority2(3), forwardPriority3(4), forwardPriority4(5), forwardPriority5(6), forwardPriority6(7), forwardPriority7(8), forwardPriority8(9), forwardNoChange(10) |
|
ipACRuleProtocol |
1.3.6.1.4.1.1751.2.43.3.5.2.1.13 |
The instance is not writable if the corresponding ipACListCtlType
is standard. Over which protocol does the IP ACCESS CONTROL statement activate.
A value of 65536 is don't care. A value of 65537 means both TCP and UDP.
Note: Cajun P550 does not allow ipACListProtocol equal to TCP or UDP
because of hardware limitation. This limitation will be lift in the future. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65537 |
|
ipACRuleL4SrcPortMin |
1.3.6.1.4.1.1751.2.43.3.5.2.1.14 |
The instance is not writable if the corresponding ipACListCtlType
is standard. If ipACRuleProtocol is TCP(6), UDP(17), or TCP & UDP(65536),
this field and ipACListL4SrcPortMax specifies a range of source ports.
This field specifies the lower bound of the port range for the access
rule. A value of 65536 is don't care. This field has no meaning if
ipACRuleProtocol is not TCP(6), UDP(17), or TCP & UDP(65536),
and it should be 65536. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65536 |
|
ipACRuleL4SrcPortMax |
1.3.6.1.4.1.1751.2.43.3.5.2.1.15 |
The instance is not writable if the corresponding ipACListCtlType
is standard. If ipACRuleProtocol is TCP(6), UDP(17), or TCP & UDP(65536),
this field and ipACListL4SrcPortMin specifies a range of source ports.
This field specifies the upper bound of the port range for the access
rule. A value of 65536 is don't care. This field has no meaning if
ipACRuleProtocol is not TCP(6), UDP(17), or TCP & UDP(65536),
and it should be 65536. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65536 |
|
ipACRuleL4DestPortMin |
1.3.6.1.4.1.1751.2.43.3.5.2.1.16 |
The instance is not writable if the corresponding ipACListCtlType
is standard. If ipACRuleProtocol is TCP(6), UDP(17), or TCP & UDP(65536),
this field and ipACListL4DestPortMax specifies a range of destination ports.
This field specifies the lower bound of the port range for the access
rule. A value of 65536 is don't care. This field has no meaning if
ipACRuleProtocol is not TCP(6), UDP(17), or TCP & UDP(65536),
and it should be 65536. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65536 |
|
ipACRuleL4DestPortMax |
1.3.6.1.4.1.1751.2.43.3.5.2.1.17 |
The instance is not writable if the corresponding ipACListCtlType
is standard. If ipACRuleProtocol is TCP(6), UDP(17), or TCP & UDP(65536),
this field and ipACListL4DestPortMin specifies a range of destination ports.
This field specifies the upper bound of the port range for the access
rule. A value of 65536 is don't care. This field has no meaning if
ipACRuleProtocol is not TCP(6), UDP(17), or TCP & UDP(65536),
and it should be 65536. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65536 |
|
ipACRuleStatus |
1.3.6.1.4.1.1751.2.43.3.5.2.1.18 |
For create/delete of a IP access rule statement.
active (1)
notInService (2)
notReady (3)
createAndGo (4)
createAndWait (5)
destroy (6)
createAndWait and createAndGo is set on creating new access list.
destory is set on destroying access rule.
active is set when all the required instance is set in the entry. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
ipACRuleEstablished |
1.3.6.1.4.1.1751.2.43.3.5.2.1.19 |
This field indicates an established TCP connection. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ipACRuleLog |
1.3.6.1.4.1.1751.2.43.3.5.2.1.20 |
This field indicates whether the access-list should log information. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ipForwardCtlEnabled |
1.3.6.1.4.1.1751.2.43.3.6.1 |
The object control the enable or disable the forwarding control
mechanism in the system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
enabled(1), disabled(2) |
|
ipForwardCtlACName |
1.3.6.1.4.1.1751.2.43.3.6.2 |
This object identifies which access list to use for IP forward
control. This object shall identify the instance of the
ipACListCtlEntry object. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
OCTET STRING |
Size(1..25) |
|