IP-ACCESS-LIST-MIB

File: IP-ACCESS-LIST-MIB.mib (12902 bytes)

Imported modules

SNMPv2-SMI SNMPv2-TC Cajun-ROOT

Imported symbols

MODULE-IDENTITY OBJECT-TYPE IpAddress
RowStatus TruthValue cjnMgmt

Defined Types

IpACListCtlEntry  
SEQUENCE    
  ipACListCtlName OCTET STRING
  ipACListCtlType INTEGER
  ipACListCtlStatus RowStatus

IpACRuleEntry  
SEQUENCE    
  ipACRuleName OCTET STRING
  ipACRuleSubIndex INTEGER
  ipACRuleOwner INTEGER
  ipACRuleSrcAddr IpAddress
  ipACRuleSrcAddrWild IpAddress
  ipACRuleSrcMask IpAddress
  ipACRuleSrcMaskWild IpAddress
  ipACRuleDstAddr IpAddress
  ipACRuleDstAddrWild IpAddress
  ipACRuleDstMask IpAddress
  ipACRuleDstMaskWild IpAddress
  ipACRuleOperation INTEGER
  ipACRuleProtocol INTEGER
  ipACRuleL4SrcPortMin INTEGER
  ipACRuleL4SrcPortMax INTEGER
  ipACRuleL4DestPortMin INTEGER
  ipACRuleL4DestPortMax INTEGER
  ipACRuleStatus RowStatus
  ipACRuleEstablished TruthValue
  ipACRuleLog TruthValue

Defined Values

cjnIpAListMgmt 1.3.6.1.4.1.1751.2.43.3.5
The IP Access List Table for the Cajun Router.
MODULE-IDENTITY    

ipACListCtlTable 1.3.6.1.4.1.1751.2.43.3.5.1
This table is used to add/delete access list. This table maintain a list of access lists in the system. Each access list is made up of a group of access rule. The access rules are stored in the ipACRuleTable.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpACListCtlEntry

ipACListCtlEntry 1.3.6.1.4.1.1751.2.43.3.5.1.1
The information concerning one of the IP access list.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpACListCtlEntry  

ipACListCtlName 1.3.6.1.4.1.1751.2.43.3.5.1.1.1
Entry Name. Access List Name. If this instance is a string that represent a number, the following rules applies: 1 to 99 - ipACListCtlType must set to standard 101 to 199 - ipACListCtlType must set to extended others - cannot be created If this instance is a string that does not represent a number, the ipACListCtlType must be set before ipACListCtlStatus becomes active.
Status: current Access: read-write
OBJECT-TYPE    
  OCTET STRING Size(1..25)  

ipACListCtlType 1.3.6.1.4.1.1751.2.43.3.5.1.1.2
Type of Access List: unset (0) standard (1) extended (2) This instance cannot be changed once ipACListCtlStatus becomes active. The value of this instance must compile with the rule listed in the ipACListCtlName instance.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 0..2  

ipACListCtlStatus 1.3.6.1.4.1.1751.2.43.3.5.1.1.3
For creation/deletion of IP access control statement. active (1) -- is set when both ipACListCtlName and ipACListCtlType is set. notInService (2) -- is set when ipACListCtlName or ipACListCtlType is not set. notReady (3) createAndGo (4) -- is set on creating new access list. createAndWait (5) destroy (6) -- is set on destroying an existed access list. The management should inspect the ipACRuleTable and delete all the related entries. An entry in the ipACRuleTable is related to this entry if ipACListCtlName equals ipACRuleName.
Status: current Access: read-write
OBJECT-TYPE    
  RowStatus  

ipACRuleTable 1.3.6.1.4.1.1751.2.43.3.5.2
This table is used to add/delete individual access rule statement in an access list.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpACRuleEntry

ipACRuleEntry 1.3.6.1.4.1.1751.2.43.3.5.2.1
The ipAccessRuleEntry control all the conditional fields and its parameters for an access rule.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpACRuleEntry  

ipACRuleName 1.3.6.1.4.1.1751.2.43.3.5.2.1.1
Entry Name. Access List Name. This object identifies which access list this access rule belongs to. This object shall identify the instance of the ipACListCtlEntry object.
Status: current Access: read-write
OBJECT-TYPE    
  OCTET STRING Size(1..25)  

ipACRuleSubIndex 1.3.6.1.4.1.1751.2.43.3.5.2.1.2
Entry sub index. Each access list entry may has multiple rules. This sub index identified each rule.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 1..128  

ipACRuleOwner 1.3.6.1.4.1.1751.2.43.3.5.2.1.3
The string identifies the media which was used to create/modify this access rule. Local indicates creation via web, cli or snmp. external indicates an external client (ie. CajunRules)
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER local(1), external(2)  

ipACRuleSrcAddr 1.3.6.1.4.1.1751.2.43.3.5.2.1.4
The IP address of the source address. A value of 0 in ipACListSrcMask indicates this is a DON'T CARE field.
Status: current Access: read-write
OBJECT-TYPE    
  IpAddress  

ipACRuleSrcAddrWild 1.3.6.1.4.1.1751.2.43.3.5.2.1.5
This field specifies the wildcard of the source IP address.
Status: current Access: read-write
OBJECT-TYPE    
  IpAddress  

ipACRuleSrcMask 1.3.6.1.4.1.1751.2.43.3.5.2.1.6
The instance is not writable if the corresponding ipACListCtlType is standard. The MASK address of the source address. A value of 0 indicates this field and ipACListSrcAddr are DON'T CARE
Status: current Access: read-write
OBJECT-TYPE    
  IpAddress  

ipACRuleSrcMaskWild 1.3.6.1.4.1.1751.2.43.3.5.2.1.7
The instance is not writable if the corresponding ipACListCtlType is standard. This field specifies the wildcard of the source IP mask.
Status: current Access: read-write
OBJECT-TYPE    
  IpAddress  

ipACRuleDstAddr 1.3.6.1.4.1.1751.2.43.3.5.2.1.8
The instance is not writable if the corresponding ipACListCtlType is standard. The IP address of the destination address. A value of 0 in ipAccessListDstMask indicates this is a DON'T CARE field.
Status: current Access: read-write
OBJECT-TYPE    
  IpAddress  

ipACRuleDstAddrWild 1.3.6.1.4.1.1751.2.43.3.5.2.1.9
The instance is not writable if the corresponding ipACListCtlType is standard. This field specifies the wildcard of the destination IP address.
Status: current Access: read-write
OBJECT-TYPE    
  IpAddress  

ipACRuleDstMask 1.3.6.1.4.1.1751.2.43.3.5.2.1.10
The instance is not writable if the corresponding ipACListCtlType is standard. The MASK address of the destination address. A value of 0 indicates this field and ipACListDstAddr are DON'T CARE
Status: current Access: read-write
OBJECT-TYPE    
  IpAddress  

ipACRuleDstMaskWild 1.3.6.1.4.1.1751.2.43.3.5.2.1.11
The instance is not writable if the corresponding ipACListCtlType is standard. This field specifies the wildcard of the destination IP mask.
Status: current Access: read-write
OBJECT-TYPE    
  IpAddress  

ipACRuleOperation 1.3.6.1.4.1.1751.2.43.3.5.2.1.12
How to operate the IP ACCESS CONTROL statement, on the receiving packet.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER filter(1), forwardPriority1(2), forwardPriority2(3), forwardPriority3(4), forwardPriority4(5), forwardPriority5(6), forwardPriority6(7), forwardPriority7(8), forwardPriority8(9), forwardNoChange(10)  

ipACRuleProtocol 1.3.6.1.4.1.1751.2.43.3.5.2.1.13
The instance is not writable if the corresponding ipACListCtlType is standard. Over which protocol does the IP ACCESS CONTROL statement activate. A value of 65536 is don't care. A value of 65537 means both TCP and UDP. Note: Cajun P550 does not allow ipACListProtocol equal to TCP or UDP because of hardware limitation. This limitation will be lift in the future.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 0..65537  

ipACRuleL4SrcPortMin 1.3.6.1.4.1.1751.2.43.3.5.2.1.14
The instance is not writable if the corresponding ipACListCtlType is standard. If ipACRuleProtocol is TCP(6), UDP(17), or TCP & UDP(65536), this field and ipACListL4SrcPortMax specifies a range of source ports. This field specifies the lower bound of the port range for the access rule. A value of 65536 is don't care. This field has no meaning if ipACRuleProtocol is not TCP(6), UDP(17), or TCP & UDP(65536), and it should be 65536.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 0..65536  

ipACRuleL4SrcPortMax 1.3.6.1.4.1.1751.2.43.3.5.2.1.15
The instance is not writable if the corresponding ipACListCtlType is standard. If ipACRuleProtocol is TCP(6), UDP(17), or TCP & UDP(65536), this field and ipACListL4SrcPortMin specifies a range of source ports. This field specifies the upper bound of the port range for the access rule. A value of 65536 is don't care. This field has no meaning if ipACRuleProtocol is not TCP(6), UDP(17), or TCP & UDP(65536), and it should be 65536.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 0..65536  

ipACRuleL4DestPortMin 1.3.6.1.4.1.1751.2.43.3.5.2.1.16
The instance is not writable if the corresponding ipACListCtlType is standard. If ipACRuleProtocol is TCP(6), UDP(17), or TCP & UDP(65536), this field and ipACListL4DestPortMax specifies a range of destination ports. This field specifies the lower bound of the port range for the access rule. A value of 65536 is don't care. This field has no meaning if ipACRuleProtocol is not TCP(6), UDP(17), or TCP & UDP(65536), and it should be 65536.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 0..65536  

ipACRuleL4DestPortMax 1.3.6.1.4.1.1751.2.43.3.5.2.1.17
The instance is not writable if the corresponding ipACListCtlType is standard. If ipACRuleProtocol is TCP(6), UDP(17), or TCP & UDP(65536), this field and ipACListL4DestPortMin specifies a range of destination ports. This field specifies the upper bound of the port range for the access rule. A value of 65536 is don't care. This field has no meaning if ipACRuleProtocol is not TCP(6), UDP(17), or TCP & UDP(65536), and it should be 65536.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 0..65536  

ipACRuleStatus 1.3.6.1.4.1.1751.2.43.3.5.2.1.18
For create/delete of a IP access rule statement. active (1) notInService (2) notReady (3) createAndGo (4) createAndWait (5) destroy (6) createAndWait and createAndGo is set on creating new access list. destory is set on destroying access rule. active is set when all the required instance is set in the entry.
Status: current Access: read-write
OBJECT-TYPE    
  RowStatus  

ipACRuleEstablished 1.3.6.1.4.1.1751.2.43.3.5.2.1.19
This field indicates an established TCP connection.
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

ipACRuleLog 1.3.6.1.4.1.1751.2.43.3.5.2.1.20
This field indicates whether the access-list should log information.
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

cjnIpForwardCtlMgt 1.3.6.1.4.1.1751.2.43.3.6
OBJECT IDENTIFIER    

ipForwardCtlEnabled 1.3.6.1.4.1.1751.2.43.3.6.1
The object control the enable or disable the forwarding control mechanism in the system.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER enabled(1), disabled(2)  

ipForwardCtlACName 1.3.6.1.4.1.1751.2.43.3.6.2
This object identifies which access list to use for IP forward control. This object shall identify the instance of the ipACListCtlEntry object.
Status: current Access: read-write
OBJECT-TYPE    
  OCTET STRING Size(1..25)