IPF-MIB

File: IPF-MIB.mib (11362 bytes)

Imported modules

SNMPv2-SMI SNMPv2-TC

Imported symbols

OBJECT-TYPE enterprises DisplayString

Defined Types

IpfParseEntryType  
SEQUENCE    
  ipfParseEntryStatus INTEGER
  ipfParseEntryNumber INTEGER
  ipfParseEntryText DisplayString
  ipfParseEntryError DisplayString

IpfCurrRuleType  
SEQUENCE    
  ipfCurrRuleStatus INTEGER
  ipfCurrRuleNumber INTEGER
  ipfCurrRuleText DisplayString
  ipfCurrRuleFlags INTEGER
  ipfCurrRuleHits INTEGER
  ipfCurrRuleBytes INTEGER

NatCurrRuleType  
SEQUENCE    
  natCurrRuleStatus INTEGER
  natCurrRuleNumber INTEGER
  natCurrRuleText DisplayString
  natCurrRuleHits INTEGER
  natCurrRulePend INTEGER

Defined Values

sbe 1.3.6.1.4.1.1055
OBJECT IDENTIFIER    

ipf 1.3.6.1.4.1.1055.5
OBJECT IDENTIFIER    

ipfMIBVersion 1.3.6.1.4.1.1055.5.1
Version number of the IPF MIB. This number will be bumped up whenever there is a change in this MIB. Backward compatibility is a must. The current value = 1
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER  

ipfVersion 1.3.6.1.4.1.1055.5.2
Version number of the IPF. This number will be bumped up whenever there is a new release of IPF. Especially important if the FDL syntax changes or when keywords are added. (Deletion not recommended unless backward compatibility is not an issue.) The current value = 1
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER  

ipfState 1.3.6.1.4.1.1055.5.3
Whether IP-Filtering is active or not. The factory default is INACTIVE.
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER inactive(1), active(2)  

ipfCommand 1.3.6.1.4.1.1055.5.4
UPDATE - the rule set is updated. Use the new rules. If there are any parse errors, the UPDATE operation would fail. If there are no parse errors, the parse buffer is emptied. ie. parserRules (see below) will be an empty table. DISABLE - disable all IP-Filter & NAT activities ENABLE - enable IP-Filter & NAT activities with the current set of rules. DELETE - discard the set of rules from the parse buffer. ie. parserRules (see below) will be an empty table. CLEAR - discard the loaded rules. ie. the ipfCurrRules and natCurrRules (see below) will be empty tables. NOTE: A get or get next operation is meaningless on this variable and hence the value returned is always 42.
Status: mandatory Access: read-write
OBJECT-TYPE    
  INTEGER update(1), disable(2), enable(3), delete(4), clear(5)  

ipfDefAction 1.3.6.1.4.1.1055.5.5
The default action of IP-Filter when a packet does not match any rules. The factory default is to block.
Status: mandatory Access: read-write
OBJECT-TYPE    
  INTEGER block(1), pass(2)  

ipfParseTable 1.3.6.1.4.1.1055.5.6
Parse buffer. Rules are accumulated here before being applied using an ipfCommand - UPDATE
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpfParseEntryType

ipfParseEntry 1.3.6.1.4.1.1055.5.6.2
An IP-Filter or NAT ParseEntry
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  IpfParseEntryType  

ipfParseEntryStatus 1.3.6.1.4.1.1055.5.6.2.1
Indication of whether or not a valid entry. NOTE: A row cannot be modified. You can create or delete a row, but not modify. NOTE: Parsing is done when the status changes to valid. The ipfParseEntryError field (see below) would contain any parse errors.
Status: mandatory Access: read-write
OBJECT-TYPE    
  INTEGER valid(1), create-request(2), under-creation(3), invalid(4)  

ipfParseEntryNumber 1.3.6.1.4.1.1055.5.6.2.2
Indicates the rule sequence number. The rules are inserted in the ascending sequence number order. NOTE: A set operation will fail if the attempt is to modify the rule number.
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER  

ipfParseEntryText 1.3.6.1.4.1.1055.5.6.2.3
Text string corresponding to a rule. The rule specification language is described else where. NOTE: A set operation will fail if the row is not under creation.
Status: mandatory Access: read-write
OBJECT-TYPE    
  DisplayString Size(0..256)  

ipfParseEntryError 1.3.6.1.4.1.1055.5.6.2.4
The parse error. This field is available if the ipfParseEntryStatus field above has a value = valid
Status: mandatory Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..256)  

ipfCurrRules 1.3.6.1.4.1.1055.5.7
The set of rules currently used by IP-Filter
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpfCurrRuleType

ipfCurrRule 1.3.6.1.4.1.1055.5.7.2
An IP-Filter rule.
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  IpfCurrRuleType  

ipfCurrRuleStatus 1.3.6.1.4.1.1055.5.7.2.1
Returns valid(1) always - dummy entry
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER valid(1), create-request(2), under-creation(3), invalid(4)  

ipfCurrRuleNumber 1.3.6.1.4.1.1055.5.7.2.2
Indicates the rule sequence number
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER  

ipfCurrRuleText 1.3.6.1.4.1.1055.5.7.2.3
Text string corresponding to a rule. The rule specification language is described else where.
Status: mandatory Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..256)  

ipfCurrRuleFlags 1.3.6.1.4.1.1055.5.7.2.4
A bit mapped flags field. Defined values are: FR_BLOCK 0x0001 FR_PASS 0x0002 FR_OUTQUE 0x0004 FR_INQUE 0x0008 FR_LOG 0x0010 /* Log */ FR_LOGB 0x0021 /* Log-fail */ FR_LOGP 0x0022 /* Log-pass */ FR_LOGBODY 0x0040 /* Log the body */ FR_LOGFIRST 0x0080 FR_RETRST 0x0100 FR_RETICMP 0x0200 FR_NOMATCH 0x0400 FR_ACCOUNT 0x0800 /* count packet bytes */ FR_KEEPFRAG 0x1000 FR_KEEPSTATE 0x2000 FR_INACTIVE 0x4000 FR_QUICK 0x8000
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER  

ipfCurrRuleHits 1.3.6.1.4.1.1055.5.7.2.5
Number of times this rule was hit - ie. matched. NOTE: Doesn't mean passed or blocked, it just means this rule evaluated as a match for the packet
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER  

ipfCurrRuleBytes 1.3.6.1.4.1.1055.5.7.2.6
Number of bytes of data seen by this rule. Same as Hits - but in terms of bytes of data.
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER  

natCurrRules 1.3.6.1.4.1.1055.5.8
The set of rules currently used by NAT
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    NatCurrRuleType

natCurrRule 1.3.6.1.4.1.1055.5.8.2
A NAT rule.
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  NatCurrRuleType  

natCurrRuleStatus 1.3.6.1.4.1.1055.5.8.2.1
Returns valid(1) always - dummy entry
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER valid(1), create-request(2), under-creation(3), invalid(4)  

natCurrRuleNumber 1.3.6.1.4.1.1055.5.8.2.2
Indicates the rule sequence number
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER  

natCurrRuleText 1.3.6.1.4.1.1055.5.8.2.3
Text string corresponding to a rule. The rule specification language is described else where.
Status: mandatory Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..256)  

natCurrRuleHits 1.3.6.1.4.1.1055.5.8.2.4
Indicates the number of packets mapped by this rule
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER  

natCurrRulePend 1.3.6.1.4.1.1055.5.8.2.5
Indicates the number of packets mapped by this rule
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER