ZHNFIREWALL

File: ZHNFIREWALL.mib (12726 bytes)

Imported modules

SNMPv2-SMI SNMPv2-CONF SNMPv2-TC
Zhone-TC Zhone ZHNLANDEVICE

Imported symbols

MODULE-IDENTITY OBJECT-TYPE enterprises
Integer32 Unsigned32 IpAddress
Gauge32 MODULE-COMPLIANCE OBJECT-GROUP
TEXTUAL-CONVENTION MacAddress RowStatus
TruthValue ZhoneRowStatus zhoneWtn
lanDeviceIndex lanEthernetIndex

Defined Types

FirewallMgmtAccessServiceValues  
LAN Management Access Services that can be blocked from the CPEs management network.
TEXTUAL-CONVENTION    
  INTEGER http(1), https(2), ping(3), snmp(4), snmpTrap(5), ssh(6), telnet(7)  

FirewallMgmtAccessServiceActions  
LAN Management Access Service actions to perform for the specified service.
TEXTUAL-CONVENTION    
  INTEGER allow(1), deny(2), undefined(3)  

FirewallPortTypeValues  
LAN Port Forwarding actions supported.
TEXTUAL-CONVENTION    
  INTEGER portRange(1), portRemap(2), dmz(3)  

FirewallPortProtocolValues  
LAN Port Forwarding protocols that can be filtered, per port.
TEXTUAL-CONVENTION    
  INTEGER tcp(1), udp(2), tcpOrUdp(3), icmp(4), icmpv4(5), none(6)  

FirewallMgmtAccessEntry  
SEQUENCE    
  firewallMgmtServiceIndex FirewallMgmtAccessServiceValues
  firewallMgmtService OCTET STRING
  firewallMgmtAction FirewallMgmtAccessServiceActions

FirewallPortForwardingEntry  
SEQUENCE    
  firewallPortForwardingIndex Unsigned32
  firewallPortForwardingName OCTET STRING
  firewallPortType FirewallPortTypeValues
  firewallPortProtocol FirewallPortProtocolValues
  firewallPortPublicPortStart Unsigned32
  firewallPortPublicPortEnd Unsigned32
  firewallPortPrivatePort Unsigned32
  firewallPortPrivateIPAddress IpAddress
  firewallPortForwardingRowStatus ZhoneRowStatus

Defined Values

zhnFirewall 1.3.6.1.4.1.5504.2.5.45
This file defines the private Enterprise MIB extensions that define LAN Management Access Service Filters and Port Forwarding objects supported by the Zhone CPEs.
MODULE-IDENTITY    

zhnFirewallObjects 1.3.6.1.4.1.5504.2.5.45.1
OBJECT IDENTIFIER    

firewallMgmtAccessTable 1.3.6.1.4.1.5504.2.5.45.1.1
Table of LAN Management Access Service Filters
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    FirewallMgmtAccessEntry

firewallMgmtAccessEntry 1.3.6.1.4.1.5504.2.5.45.1.1.1
Table of entries of LAN Management Access service filters. This table is used to configure management access on the device. It is useful in making the device management network by blocking protocols or services that are highly susceptible to external attacks.
Status: current Access: not-accessible
OBJECT-TYPE    
  FirewallMgmtAccessEntry  

firewallMgmtServiceIndex 1.3.6.1.4.1.5504.2.5.45.1.1.1.1
LAN Management Access Services Table index. Enumerated values: Http (1), Https (2), Ping (3), Snmp (4), SnmpTrap (5), Ssh (6), Telnet (7)
Status: current Access: not-accessible
OBJECT-TYPE    
  FirewallMgmtAccessServiceValues  

firewallMgmtService 1.3.6.1.4.1.5504.2.5.45.1.1.1.2
LAN Management Access Service description.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING  

firewallMgmtAction 1.3.6.1.4.1.5504.2.5.45.1.1.1.3
LAN Management Access Service filtering action. Enumerated values: Allow (1), Deny (2), Undefined (3)
Status: current Access: read-write
OBJECT-TYPE    
  FirewallMgmtAccessServiceActions  

firewallPortForwardingTable 1.3.6.1.4.1.5504.2.5.45.1.2
Table of LAN Port Forwarding Rules. Note that the rules in this table have no effect until the global firewall object (sysFirewallEnable) is enabled.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    FirewallPortForwardingEntry

firewallPortForwardingEntry 1.3.6.1.4.1.5504.2.5.45.1.2.1
This table is used to configure port forwarding firewall rules for the device.
Status: current Access: not-accessible
OBJECT-TYPE    
  FirewallPortForwardingEntry  

firewallPortForwardingIndex 1.3.6.1.4.1.5504.2.5.45.1.2.1.1
LAN Port Forwarding Rules index.
Status: current Access: not-accessible
OBJECT-TYPE    
  Unsigned32  

firewallPortForwardingName 1.3.6.1.4.1.5504.2.5.45.1.2.1.2
Descriptive name for a LAN Port Forwarding Rule.
Status: current Access: read-write
OBJECT-TYPE    
  OCTET STRING  

firewallPortType 1.3.6.1.4.1.5504.2.5.45.1.2.1.3
Enumerated value of: portRange (1), -- Range indicates that any traffic on those ports will be -- sent to the private IP address. portRemap (2), -- Remap indicates that any traffic on those ports will be -- sent to the private IP address at the private port. dmz (3) -- When DMZ is chosen it is the only rule allowed on that -- interface. A DMZ rule is effectively the same as a Range -- rule with all ports included. Range rules are more secure -- than setting a DMZ rule, because Range rules allow specific -- ports or groups of ports to be opened up.
Status: current Access: read-write
OBJECT-TYPE    
  FirewallPortTypeValues  

firewallPortProtocol 1.3.6.1.4.1.5504.2.5.45.1.2.1.4
Enumerated value of: tcp (1), udp (2), tcpOrUdp (3), icmp (4), icmpv4 (5), none (6)
Status: current Access: read-write
OBJECT-TYPE    
  FirewallPortProtocolValues  

firewallPortPublicPortStart 1.3.6.1.4.1.5504.2.5.45.1.2.1.5
Lowest value port number for the range.
Status: current Access: read-write
OBJECT-TYPE    
  Unsigned32  

firewallPortPublicPortEnd 1.3.6.1.4.1.5504.2.5.45.1.2.1.6
Highest value port number for the range. This can be equal to firewallPortPublicPortStart if there is only one port.
Status: current Access: read-write
OBJECT-TYPE    
  Unsigned32  

firewallPortPrivatePort 1.3.6.1.4.1.5504.2.5.45.1.2.1.7
The port number with which to send the traffic.
Status: current Access: read-write
OBJECT-TYPE    
  Unsigned32  

firewallPortPrivateIPAddress 1.3.6.1.4.1.5504.2.5.45.1.2.1.8
The port IP Address with which to send the traffic.
Status: current Access: read-write
OBJECT-TYPE    
  IpAddress  

firewallPortForwardingRowStatus 1.3.6.1.4.1.5504.2.5.45.1.2.1.9
The SNMP RowStatus of the current row. The following objects must be specified upon row creation: firewallPortForwardingName firewallPortPrivateIPAddress
Status: current Access: read-write
OBJECT-TYPE    
  ZhoneRowStatus  

zhnFirewallConformance 1.3.6.1.4.1.5504.2.5.45.3
OBJECT IDENTIFIER    

zhnFirewallGroups 1.3.6.1.4.1.5504.2.5.45.3.1
OBJECT IDENTIFIER    

zhnFirewallCompliances 1.3.6.1.4.1.5504.2.5.45.3.2
OBJECT IDENTIFIER    

zhnFirewallCompliance 1.3.6.1.4.1.5504.2.5.45.3.2.1
The Compliance statement for SNMP entities which manage the Zhone CPE LAN Firewall Management Access Services and Port Forwarding Information
Status: current Access: read-write
MODULE-COMPLIANCE    

zhnFirewallMgmtAccessGroup 1.3.6.1.4.1.5504.2.5.45.3.1.1
A collection of Zhone IP objects that describe the LAN Management Access Services that can be filtered for a particular LAN interface.
Status: current Access: read-write
OBJECT-GROUP    

zhnFirewallPortForwardingGroup 1.3.6.1.4.1.5504.2.5.45.3.1.2
A collection of Zhone IP objects that describe the LAN Port Forwarding Management rules for filtering protocols and ports for a particular LAN interface.
Status: current Access: read-write
OBJECT-GROUP