IPF-MIB
File:
IPF-MIB.mib (11362 bytes)
Imported modules
Imported symbols
Defined Types
IpfParseEntryType |
|
SEQUENCE |
|
|
|
|
ipfParseEntryStatus |
INTEGER |
|
|
ipfParseEntryNumber |
INTEGER |
|
|
ipfParseEntryText |
DisplayString |
|
|
ipfParseEntryError |
DisplayString |
|
IpfCurrRuleType |
|
SEQUENCE |
|
|
|
|
ipfCurrRuleStatus |
INTEGER |
|
|
ipfCurrRuleNumber |
INTEGER |
|
|
ipfCurrRuleText |
DisplayString |
|
|
ipfCurrRuleFlags |
INTEGER |
|
|
ipfCurrRuleHits |
INTEGER |
|
|
ipfCurrRuleBytes |
INTEGER |
|
NatCurrRuleType |
|
SEQUENCE |
|
|
|
|
natCurrRuleStatus |
INTEGER |
|
|
natCurrRuleNumber |
INTEGER |
|
|
natCurrRuleText |
DisplayString |
|
|
natCurrRuleHits |
INTEGER |
|
|
natCurrRulePend |
INTEGER |
|
Defined Values
sbe |
1.3.6.1.4.1.1055 |
OBJECT IDENTIFIER |
|
|
|
ipf |
1.3.6.1.4.1.1055.5 |
OBJECT IDENTIFIER |
|
|
|
ipfMIBVersion |
1.3.6.1.4.1.1055.5.1 |
Version number of the IPF MIB. This number will be
bumped up whenever there is a change in this MIB.
Backward compatibility is a must.
The current value = 1 |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
ipfVersion |
1.3.6.1.4.1.1055.5.2 |
Version number of the IPF. This number will be
bumped up whenever there is a new release of IPF.
Especially important if the FDL syntax changes or
when keywords are added. (Deletion not recommended
unless backward compatibility is not an issue.)
The current value = 1 |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
ipfState |
1.3.6.1.4.1.1055.5.3 |
Whether IP-Filtering is active or not. The factory
default is INACTIVE. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
inactive(1), active(2) |
|
ipfCommand |
1.3.6.1.4.1.1055.5.4 |
UPDATE - the rule set is updated. Use the new rules.
If there are any parse errors, the UPDATE
operation would fail.
If there are no parse errors, the parse
buffer is emptied. ie. parserRules (see below)
will be an empty table.
DISABLE - disable all IP-Filter & NAT activities
ENABLE - enable IP-Filter & NAT activities with the current
set of rules.
DELETE - discard the set of rules from the parse buffer.
ie. parserRules (see below) will be an empty
table.
CLEAR - discard the loaded rules. ie. the ipfCurrRules and
natCurrRules (see below) will be empty tables.
NOTE: A get or get next operation is meaningless on
this variable and hence the value returned is always 42. |
Status: mandatory |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
update(1), disable(2), enable(3), delete(4), clear(5) |
|
ipfDefAction |
1.3.6.1.4.1.1055.5.5 |
The default action of IP-Filter when a packet does not
match any rules. The factory default is to block. |
Status: mandatory |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
block(1), pass(2) |
|
ipfParseTable |
1.3.6.1.4.1.1055.5.6 |
Parse buffer. Rules are accumulated here before
being applied using an ipfCommand - UPDATE |
Status: mandatory |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
IpfParseEntryType |
|
ipfParseEntry |
1.3.6.1.4.1.1055.5.6.2 |
An IP-Filter or NAT ParseEntry |
Status: mandatory |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
IpfParseEntryType |
|
|
ipfParseEntryStatus |
1.3.6.1.4.1.1055.5.6.2.1 |
Indication of whether or not a valid entry.
NOTE: A row cannot be modified. You can
create or delete a row, but not modify.
NOTE: Parsing is done when the status changes
to valid. The ipfParseEntryError field (see below)
would contain any parse errors. |
Status: mandatory |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
valid(1), create-request(2), under-creation(3), invalid(4) |
|
ipfParseEntryNumber |
1.3.6.1.4.1.1055.5.6.2.2 |
Indicates the rule sequence number. The rules are
inserted in the ascending sequence number order.
NOTE: A set operation will fail if the attempt is
to modify the rule number. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
ipfParseEntryText |
1.3.6.1.4.1.1055.5.6.2.3 |
Text string corresponding to a rule. The rule
specification language is described else where.
NOTE: A set operation will fail if the row is
not under creation. |
Status: mandatory |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..256) |
|
ipfParseEntryError |
1.3.6.1.4.1.1055.5.6.2.4 |
The parse error. This field is available if the
ipfParseEntryStatus field above has a value = valid |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..256) |
|
ipfCurrRules |
1.3.6.1.4.1.1055.5.7 |
The set of rules currently used by IP-Filter |
Status: mandatory |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
IpfCurrRuleType |
|
ipfCurrRuleStatus |
1.3.6.1.4.1.1055.5.7.2.1 |
Returns valid(1) always - dummy entry |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
valid(1), create-request(2), under-creation(3), invalid(4) |
|
ipfCurrRuleNumber |
1.3.6.1.4.1.1055.5.7.2.2 |
Indicates the rule sequence number |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
ipfCurrRuleText |
1.3.6.1.4.1.1055.5.7.2.3 |
Text string corresponding to a rule. The rule
specification language is described else where. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..256) |
|
ipfCurrRuleFlags |
1.3.6.1.4.1.1055.5.7.2.4 |
A bit mapped flags field. Defined values are:
FR_BLOCK 0x0001
FR_PASS 0x0002
FR_OUTQUE 0x0004
FR_INQUE 0x0008
FR_LOG 0x0010 /* Log */
FR_LOGB 0x0021 /* Log-fail */
FR_LOGP 0x0022 /* Log-pass */
FR_LOGBODY 0x0040 /* Log the body */
FR_LOGFIRST 0x0080
FR_RETRST 0x0100
FR_RETICMP 0x0200
FR_NOMATCH 0x0400
FR_ACCOUNT 0x0800 /* count packet bytes */
FR_KEEPFRAG 0x1000
FR_KEEPSTATE 0x2000
FR_INACTIVE 0x4000
FR_QUICK 0x8000 |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
ipfCurrRuleHits |
1.3.6.1.4.1.1055.5.7.2.5 |
Number of times this rule was hit - ie. matched.
NOTE: Doesn't mean passed or blocked, it just means
this rule evaluated as a match for the packet |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
ipfCurrRuleBytes |
1.3.6.1.4.1.1055.5.7.2.6 |
Number of bytes of data seen by this rule.
Same as Hits - but in terms of bytes of data. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
natCurrRules |
1.3.6.1.4.1.1055.5.8 |
The set of rules currently used by NAT |
Status: mandatory |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
NatCurrRuleType |
|
natCurrRuleStatus |
1.3.6.1.4.1.1055.5.8.2.1 |
Returns valid(1) always - dummy entry |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
valid(1), create-request(2), under-creation(3), invalid(4) |
|
natCurrRuleNumber |
1.3.6.1.4.1.1055.5.8.2.2 |
Indicates the rule sequence number |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
natCurrRuleText |
1.3.6.1.4.1.1055.5.8.2.3 |
Text string corresponding to a rule. The rule
specification language is described else where. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..256) |
|
natCurrRuleHits |
1.3.6.1.4.1.1055.5.8.2.4 |
Indicates the number of packets mapped by this rule |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
natCurrRulePend |
1.3.6.1.4.1.1055.5.8.2.5 |
Indicates the number of packets mapped by this rule |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|