ZHNFIREWALL
File:
ZHNFIREWALL.mib (12726 bytes)
Imported modules
Imported symbols
Defined Types
FirewallMgmtAccessServiceValues |
|
LAN Management Access Services that can be blocked from the
CPEs management network. |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
http(1), https(2), ping(3), snmp(4), snmpTrap(5), ssh(6), telnet(7) |
|
FirewallMgmtAccessServiceActions |
|
LAN Management Access Service actions to perform for the
specified service. |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
allow(1), deny(2), undefined(3) |
|
FirewallPortTypeValues |
|
LAN Port Forwarding actions supported. |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
portRange(1), portRemap(2), dmz(3) |
|
FirewallPortProtocolValues |
|
LAN Port Forwarding protocols that can be filtered, per port. |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
tcp(1), udp(2), tcpOrUdp(3), icmp(4), icmpv4(5), none(6) |
|
FirewallMgmtAccessEntry |
|
SEQUENCE |
|
|
|
|
firewallMgmtServiceIndex |
FirewallMgmtAccessServiceValues |
|
|
firewallMgmtService |
OCTET STRING |
|
|
firewallMgmtAction |
FirewallMgmtAccessServiceActions |
|
FirewallPortForwardingEntry |
|
SEQUENCE |
|
|
|
|
firewallPortForwardingIndex |
Unsigned32 |
|
|
firewallPortForwardingName |
OCTET STRING |
|
|
firewallPortType |
FirewallPortTypeValues |
|
|
firewallPortProtocol |
FirewallPortProtocolValues |
|
|
firewallPortPublicPortStart |
Unsigned32 |
|
|
firewallPortPublicPortEnd |
Unsigned32 |
|
|
firewallPortPrivatePort |
Unsigned32 |
|
|
firewallPortPrivateIPAddress |
IpAddress |
|
|
firewallPortForwardingRowStatus |
ZhoneRowStatus |
|
Defined Values
zhnFirewall |
1.3.6.1.4.1.5504.2.5.45 |
This file defines the private Enterprise MIB extensions
that define LAN Management Access Service Filters and Port
Forwarding objects supported by the Zhone CPEs. |
MODULE-IDENTITY |
|
|
|
firewallMgmtAccessEntry |
1.3.6.1.4.1.5504.2.5.45.1.1.1 |
Table of entries of LAN Management Access service filters. This
table is used to configure management access on the device. It
is useful in making the device management network by blocking
protocols or services that are highly susceptible to external
attacks. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
FirewallMgmtAccessEntry |
|
|
firewallMgmtServiceIndex |
1.3.6.1.4.1.5504.2.5.45.1.1.1.1 |
LAN Management Access Services Table index. Enumerated values:
Http (1),
Https (2),
Ping (3),
Snmp (4),
SnmpTrap (5),
Ssh (6),
Telnet (7)
|
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
FirewallMgmtAccessServiceValues |
|
|
firewallMgmtService |
1.3.6.1.4.1.5504.2.5.45.1.1.1.2 |
LAN Management Access Service description. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
OCTET STRING |
|
|
firewallPortForwardingTable |
1.3.6.1.4.1.5504.2.5.45.1.2 |
Table of LAN Port Forwarding Rules. Note that the rules in this table
have no effect until the global firewall object (sysFirewallEnable)
is enabled. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
FirewallPortForwardingEntry |
|
firewallPortForwardingEntry |
1.3.6.1.4.1.5504.2.5.45.1.2.1 |
This table is used to configure port forwarding firewall rules for
the device. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
FirewallPortForwardingEntry |
|
|
firewallPortForwardingName |
1.3.6.1.4.1.5504.2.5.45.1.2.1.2 |
Descriptive name for a LAN Port Forwarding Rule. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
OCTET STRING |
|
|
firewallPortType |
1.3.6.1.4.1.5504.2.5.45.1.2.1.3 |
Enumerated value of:
portRange (1), -- Range indicates that any traffic on those ports will be
-- sent to the private IP address.
portRemap (2), -- Remap indicates that any traffic on those ports will be
-- sent to the private IP address at the private port.
dmz (3) -- When DMZ is chosen it is the only rule allowed on that
-- interface. A DMZ rule is effectively the same as a Range
-- rule with all ports included. Range rules are more secure
-- than setting a DMZ rule, because Range rules allow specific
-- ports or groups of ports to be opened up.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
FirewallPortTypeValues |
|
|
firewallPortPublicPortEnd |
1.3.6.1.4.1.5504.2.5.45.1.2.1.6 |
Highest value port number for the range. This can be equal to
firewallPortPublicPortStart if there is only one port. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
firewallPortForwardingRowStatus |
1.3.6.1.4.1.5504.2.5.45.1.2.1.9 |
The SNMP RowStatus of the current row. The following objects must
be specified upon row creation:
firewallPortForwardingName
firewallPortPrivateIPAddress
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
ZhoneRowStatus |
|
|
zhnFirewallCompliance |
1.3.6.1.4.1.5504.2.5.45.3.2.1 |
The Compliance statement for SNMP entities which
manage the Zhone CPE LAN Firewall Management Access Services
and Port Forwarding Information |
Status: current |
Access: read-write |
MODULE-COMPLIANCE |
|
|
|
zhnFirewallMgmtAccessGroup |
1.3.6.1.4.1.5504.2.5.45.3.1.1 |
A collection of Zhone IP objects that describe the
LAN Management Access Services that can be filtered for
a particular LAN interface. |
Status: current |
Access: read-write |
OBJECT-GROUP |
|
|
|
zhnFirewallPortForwardingGroup |
1.3.6.1.4.1.5504.2.5.45.3.1.2 |
A collection of Zhone IP objects that describe the
LAN Port Forwarding Management rules for filtering
protocols and ports for a particular LAN interface. |
Status: current |
Access: read-write |
OBJECT-GROUP |
|
|
|