|
Packit Service |
9ccfef |
MIDCOM-MIB DEFINITIONS ::= BEGIN
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
IMPORTS
|
|
Packit Service |
9ccfef |
MODULE-IDENTITY, OBJECT-TYPE,
|
|
Packit Service |
9ccfef |
NOTIFICATION-TYPE, Unsigned32,
|
|
Packit Service |
9ccfef |
Counter32, Gauge32, mib-2
|
|
Packit Service |
9ccfef |
FROM SNMPv2-SMI -- RFC 2578
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
TEXTUAL-CONVENTION, TruthValue,
|
|
Packit Service |
9ccfef |
StorageType, RowStatus
|
|
Packit Service |
9ccfef |
FROM SNMPv2-TC -- RFC 2579
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
MODULE-COMPLIANCE, OBJECT-GROUP,
|
|
Packit Service |
9ccfef |
NOTIFICATION-GROUP
|
|
Packit Service |
9ccfef |
FROM SNMPv2-CONF -- RFC 2580
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
SnmpAdminString
|
|
Packit Service |
9ccfef |
FROM SNMP-FRAMEWORK-MIB -- RFC 3411
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
InetAddressType, InetAddress,
|
|
Packit Service |
9ccfef |
InetPortNumber,
|
|
Packit Service |
9ccfef |
InetAddressPrefixLength
|
|
Packit Service |
9ccfef |
FROM INET-ADDRESS-MIB -- RFC 4001
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
InterfaceIndexOrZero
|
|
Packit Service |
9ccfef |
FROM IF-MIB -- RFC 2863
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
NatBindIdOrZero
|
|
Packit Service |
9ccfef |
FROM NAT-MIB; -- RFC 4008
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomMIB MODULE-IDENTITY
|
|
Packit Service |
9ccfef |
LAST-UPDATED "200708091011Z" -- August 09, 2007
|
|
Packit Service |
9ccfef |
ORGANIZATION "IETF Middlebox Communication Working Group"
|
|
Packit Service |
9ccfef |
CONTACT-INFO
|
|
Packit Service |
9ccfef |
"WG charter:
|
|
Packit Service |
9ccfef |
http://www.ietf.org/html.charters/midcom-charter.html
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Mailing Lists:
|
|
Packit Service |
9ccfef |
General Discussion: midcom@ietf.org
|
|
Packit Service |
9ccfef |
To Subscribe: midcom-request@ietf.org
|
|
Packit Service |
9ccfef |
In Body: subscribe your_email_address
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Co-editor:
|
|
Packit Service |
9ccfef |
Juergen Quittek
|
|
Packit Service |
9ccfef |
NEC Europe Ltd.
|
|
Packit Service |
9ccfef |
Kurfuersten-Anlage 36
|
|
Packit Service |
9ccfef |
69115 Heidelberg
|
|
Packit Service |
9ccfef |
Germany
|
|
Packit Service |
9ccfef |
Tel: +49 6221 4342-115
|
|
Packit Service |
9ccfef |
Email: quittek@nw.neclab.eu
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Co-editor:
|
|
Packit Service |
9ccfef |
Martin Stiemerling
|
|
Packit Service |
9ccfef |
NEC Europe Ltd.
|
|
Packit Service |
9ccfef |
Kurfuersten-Anlage 36
|
|
Packit Service |
9ccfef |
69115 Heidelberg
|
|
Packit Service |
9ccfef |
Germany
|
|
Packit Service |
9ccfef |
Tel: +49 6221 4342-113
|
|
Packit Service |
9ccfef |
Email: stiemerling@nw.neclab.eu
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Co-editor:
|
|
Packit Service |
9ccfef |
Pyda Srisuresh
|
|
Packit Service |
9ccfef |
Kazeon Systems, Inc.
|
|
Packit Service |
9ccfef |
1161 San Antonio Rd.
|
|
Packit Service |
9ccfef |
Mountain View, CA 94043
|
|
Packit Service |
9ccfef |
U.S.A.
|
|
Packit Service |
9ccfef |
Tel: +1 408 836-4773
|
|
Packit Service |
9ccfef |
Email: srisuresh@yahoo.com"
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This MIB module defines a set of basic objects for
|
|
Packit Service |
9ccfef |
configuring middleboxes, such as firewalls and network
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
address translators, in order to enable communication
|
|
Packit Service |
9ccfef |
across these devices.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Managed objects defined in this MIB module are structured
|
|
Packit Service |
9ccfef |
in three kinds of objects:
|
|
Packit Service |
9ccfef |
- transaction objects required according to the MIDCOM
|
|
Packit Service |
9ccfef |
protocol requirements defined in RFC 3304 and according
|
|
Packit Service |
9ccfef |
to the MIDCOM protocol semantics defined in RFC 3989,
|
|
Packit Service |
9ccfef |
- configuration objects that can be used for retrieving or
|
|
Packit Service |
9ccfef |
setting parameters of the implementation of transaction
|
|
Packit Service |
9ccfef |
objects,
|
|
Packit Service |
9ccfef |
- optional monitoring objects that provide information
|
|
Packit Service |
9ccfef |
about used resource and statistics
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The transaction objects are organized in two subtrees:
|
|
Packit Service |
9ccfef |
- objects modeling MIDCOM policy rules in the
|
|
Packit Service |
9ccfef |
midcomRuleTable
|
|
Packit Service |
9ccfef |
- objects modeling MIDCOM policy rule groups in the
|
|
Packit Service |
9ccfef |
midcomGroupTable
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that typically, configuration objects are not intended
|
|
Packit Service |
9ccfef |
to be written by MIDCOM clients. In general, write access
|
|
Packit Service |
9ccfef |
to these objects needs to be restricted more strictly than
|
|
Packit Service |
9ccfef |
write access to objects in the transaction subtrees.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Copyright (C) The Internet Society (2008). This version
|
|
Packit Service |
9ccfef |
of this MIB module is part of RFC 5190; see the RFC
|
|
Packit Service |
9ccfef |
itself for full legal notices."
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
REVISION "200708091011Z" -- August 09, 2007
|
|
Packit Service |
9ccfef |
DESCRIPTION "Initial version, published as RFC 5190."
|
|
Packit Service |
9ccfef |
::= { mib-2 171 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- main components of this MIB module
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomNotifications OBJECT IDENTIFIER ::= { midcomMIB 0 }
|
|
Packit Service |
9ccfef |
midcomObjects OBJECT IDENTIFIER ::= { midcomMIB 1 }
|
|
Packit Service |
9ccfef |
midcomConformance OBJECT IDENTIFIER ::= { midcomMIB 2 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
-- Transaction objects required according to the MIDCOM
|
|
Packit Service |
9ccfef |
-- protocol requirements defined in RFC 3304 and according to
|
|
Packit Service |
9ccfef |
-- the MIDCOM protocol semantics defined in RFC 3989
|
|
Packit Service |
9ccfef |
midcomTransaction OBJECT IDENTIFIER ::= { midcomObjects 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
-- Configuration objects that can be used for retrieving
|
|
Packit Service |
9ccfef |
-- middlebox capability information (mandatory) and for
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
-- setting parameters of the implementation of transaction
|
|
Packit Service |
9ccfef |
-- objects (optional)
|
|
Packit Service |
9ccfef |
midcomConfig OBJECT IDENTIFIER ::= { midcomObjects 2 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
-- Optional monitoring objects that provide information about
|
|
Packit Service |
9ccfef |
-- used resource and statistics
|
|
Packit Service |
9ccfef |
midcomMonitoring OBJECT IDENTIFIER ::= { midcomObjects 3 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Transaction Objects
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Transaction objects are structured according to the MIDCOM
|
|
Packit Service |
9ccfef |
-- protocol semantics into two groups:
|
|
Packit Service |
9ccfef |
-- - objects modeling MIDCOM policy rules in the midcomRuleTable
|
|
Packit Service |
9ccfef |
-- - objects modeling MIDCOM policy rule groups in the
|
|
Packit Service |
9ccfef |
-- midcomGroupTable
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Policy rule subtree
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- The midcomRuleTable lists policy rules
|
|
Packit Service |
9ccfef |
-- including policy reserve rules and policy enable rules.
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleTable OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX SEQUENCE OF MidcomRuleEntry
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This table lists policy rules.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
It is indexed by the midcomRuleOwner, the
|
|
Packit Service |
9ccfef |
midcomGroupIndex, and the midcomRuleIndex.
|
|
Packit Service |
9ccfef |
This implies that a rule is a member of exactly
|
|
Packit Service |
9ccfef |
one group and that group membership cannot
|
|
Packit Service |
9ccfef |
be changed.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Entries can be deleted by writing to
|
|
Packit Service |
9ccfef |
midcomGroupLifetime or midcomRuleLifetime
|
|
Packit Service |
9ccfef |
and potentially also to midcomRuleStorageTime."
|
|
Packit Service |
9ccfef |
::= { midcomTransaction 3 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleEntry OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX MidcomRuleEntry
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"An entry describing a particular MIDCOM policy rule."
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
INDEX { midcomRuleOwner, midcomGroupIndex, midcomRuleIndex }
|
|
Packit Service |
9ccfef |
::= { midcomRuleTable 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
MidcomRuleEntry ::= SEQUENCE {
|
|
Packit Service |
9ccfef |
midcomRuleOwner SnmpAdminString,
|
|
Packit Service |
9ccfef |
midcomRuleIndex Unsigned32,
|
|
Packit Service |
9ccfef |
midcomRuleAdminStatus INTEGER,
|
|
Packit Service |
9ccfef |
midcomRuleOperStatus INTEGER,
|
|
Packit Service |
9ccfef |
midcomRuleStorageType StorageType,
|
|
Packit Service |
9ccfef |
midcomRuleStorageTime Unsigned32,
|
|
Packit Service |
9ccfef |
midcomRuleError SnmpAdminString,
|
|
Packit Service |
9ccfef |
midcomRuleInterface InterfaceIndexOrZero,
|
|
Packit Service |
9ccfef |
midcomRuleFlowDirection INTEGER,
|
|
Packit Service |
9ccfef |
midcomRuleMaxIdleTime Unsigned32,
|
|
Packit Service |
9ccfef |
midcomRuleTransportProtocol Unsigned32,
|
|
Packit Service |
9ccfef |
midcomRulePortRange INTEGER,
|
|
Packit Service |
9ccfef |
midcomRuleInternalIpVersion InetAddressType,
|
|
Packit Service |
9ccfef |
midcomRuleExternalIpVersion InetAddressType,
|
|
Packit Service |
9ccfef |
midcomRuleInternalIpAddr InetAddress,
|
|
Packit Service |
9ccfef |
midcomRuleInternalIpPrefixLength InetAddressPrefixLength,
|
|
Packit Service |
9ccfef |
midcomRuleInternalPort InetPortNumber,
|
|
Packit Service |
9ccfef |
midcomRuleExternalIpAddr InetAddress,
|
|
Packit Service |
9ccfef |
midcomRuleExternalIpPrefixLength InetAddressPrefixLength,
|
|
Packit Service |
9ccfef |
midcomRuleExternalPort InetPortNumber,
|
|
Packit Service |
9ccfef |
midcomRuleInsideIpAddr InetAddress,
|
|
Packit Service |
9ccfef |
midcomRuleInsidePort InetPortNumber,
|
|
Packit Service |
9ccfef |
midcomRuleOutsideIpAddr InetAddress,
|
|
Packit Service |
9ccfef |
midcomRuleOutsidePort InetPortNumber,
|
|
Packit Service |
9ccfef |
midcomRuleLifetime Unsigned32,
|
|
Packit Service |
9ccfef |
midcomRuleRowStatus RowStatus
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleOwner OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX SnmpAdminString (SIZE (0..32))
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The manager who owns this row in the midcomRuleTable.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object SHOULD uniquely identify an authenticated
|
|
Packit Service |
9ccfef |
MIDCOM client. This object is part of the table index to
|
|
Packit Service |
9ccfef |
allow for the use of the SNMPv3 View-based Access Control
|
|
Packit Service |
9ccfef |
Model (VACM, RFC 3415)."
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleIndex OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Unsigned32 (1..4294967295)
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The value of this object must be unique in
|
|
Packit Service |
9ccfef |
combination with the values of the objects
|
|
Packit Service |
9ccfef |
midcomRuleOwner and midcomGroupIndex in this row."
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 3 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleAdminStatus OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX INTEGER {
|
|
Packit Service |
9ccfef |
reserve(1),
|
|
Packit Service |
9ccfef |
enable(2),
|
|
Packit Service |
9ccfef |
notSet(3)
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The value of this object indicates the desired status of
|
|
Packit Service |
9ccfef |
the policy rule. See the definition of midcomRuleOperStatus
|
|
Packit Service |
9ccfef |
for a description of the values.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
When a midcomRuleEntry is created without explicitly setting
|
|
Packit Service |
9ccfef |
this object, its value will be notSet(3).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
However, a SET request can only set this object to either
|
|
Packit Service |
9ccfef |
reserve(1) or enable(2). Attempts to set this object to
|
|
Packit Service |
9ccfef |
notSet(3) will always fail with an 'inconsistentValue'
|
|
Packit Service |
9ccfef |
error. Note that this error code is SNMP specific. If the
|
|
Packit Service |
9ccfef |
MIB module is used with other protocols than SNMP, errors
|
|
Packit Service |
9ccfef |
with similar semantics specific to those protocols should
|
|
Packit Service |
9ccfef |
be returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
When the midcomRuleAdminStatus object is set, then the
|
|
Packit Service |
9ccfef |
MIDCOM-MIB implementation will try to read the respective
|
|
Packit Service |
9ccfef |
relevant objects of the entry and try to achieve the
|
|
Packit Service |
9ccfef |
corresponding midcomRuleOperStatus.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Setting midcomRuleAdminStatus to value reserve(1) when
|
|
Packit Service |
9ccfef |
object midcomRuleOperStatus has a value of reserved(7)
|
|
Packit Service |
9ccfef |
does not have any effect on the policy rule.
|
|
Packit Service |
9ccfef |
Setting midcomRuleAdminStatus to value enable(2) when
|
|
Packit Service |
9ccfef |
object midcomRuleOperStatus has a value of enabled(8)
|
|
Packit Service |
9ccfef |
does not have any effect on the policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Depending on whether the midcomRuleAdminStatus is set to
|
|
Packit Service |
9ccfef |
reserve(1) or enable(2), several objects must be set in
|
|
Packit Service |
9ccfef |
advance. They serve as parameters of the policy rule to be
|
|
Packit Service |
9ccfef |
established.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
When object midcomRuleAdminStatus is set to reserve(1),
|
|
Packit Service |
9ccfef |
then the following objects in the same entry are of
|
|
Packit Service |
9ccfef |
relevance:
|
|
Packit Service |
9ccfef |
- midcomRuleInterface
|
|
Packit Service |
9ccfef |
- midcomRuleTransportProtocol
|
|
Packit Service |
9ccfef |
- midcomRulePortRange
|
|
Packit Service |
9ccfef |
- midcomRuleInternalIpVersion
|
|
Packit Service |
9ccfef |
- midcomRuleExternalIpVersion
|
|
Packit Service |
9ccfef |
- midcomRuleInternalIpAddr
|
|
Packit Service |
9ccfef |
- midcomRuleInternalIpPrefixLength
|
|
Packit Service |
9ccfef |
- midcomRuleInternalPort
|
|
Packit Service |
9ccfef |
- midcomRuleLifetime
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
MIDCOM-MIB implementation may also consider the value
|
|
Packit Service |
9ccfef |
of object midcomRuleMaxIdleTime when establishing
|
|
Packit Service |
9ccfef |
a reserve rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
When object midcomRuleAdminStatus is set to enable(2),
|
|
Packit Service |
9ccfef |
then the following objects in the same entry are of
|
|
Packit Service |
9ccfef |
relevance:
|
|
Packit Service |
9ccfef |
- midcomRuleInterface
|
|
Packit Service |
9ccfef |
- midcomRuleFlowDirection
|
|
Packit Service |
9ccfef |
- midcomRuleMaxIdleTime
|
|
Packit Service |
9ccfef |
- midcomRuleTransportProtocol
|
|
Packit Service |
9ccfef |
- midcomRulePortRange
|
|
Packit Service |
9ccfef |
- midcomRuleInternalIpVersion
|
|
Packit Service |
9ccfef |
- midcomRuleExternalIpVersion
|
|
Packit Service |
9ccfef |
- midcomRuleInternalIpAddr
|
|
Packit Service |
9ccfef |
- midcomRuleInternalIpPrefixLength
|
|
Packit Service |
9ccfef |
- midcomRuleInternalPort
|
|
Packit Service |
9ccfef |
- midcomRuleExternalIpAddr
|
|
Packit Service |
9ccfef |
- midcomRuleExternalIpPrefixLength
|
|
Packit Service |
9ccfef |
- midcomRuleExternalPort
|
|
Packit Service |
9ccfef |
- midcomRuleLifetime
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
When retrieved, the object returns the last set value.
|
|
Packit Service |
9ccfef |
If no value has been set, it returns the default value
|
|
Packit Service |
9ccfef |
notSet(3)."
|
|
Packit Service |
9ccfef |
DEFVAL { notSet }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 4 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleOperStatus OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX INTEGER {
|
|
Packit Service |
9ccfef |
newEntry(1),
|
|
Packit Service |
9ccfef |
setting(2),
|
|
Packit Service |
9ccfef |
checkingRequest(3),
|
|
Packit Service |
9ccfef |
incorrectRequest(4),
|
|
Packit Service |
9ccfef |
processingRequest(5),
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
requestRejected(6),
|
|
Packit Service |
9ccfef |
reserved(7),
|
|
Packit Service |
9ccfef |
enabled(8),
|
|
Packit Service |
9ccfef |
timedOut(9),
|
|
Packit Service |
9ccfef |
terminatedOnRequest(10),
|
|
Packit Service |
9ccfef |
terminated(11),
|
|
Packit Service |
9ccfef |
genericError(12)
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The actual status of the policy rule. The
|
|
Packit Service |
9ccfef |
midcomRuleOperStatus object may have the following values:
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- newEntry(1) indicates that the entry in the
|
|
Packit Service |
9ccfef |
midcomRuleTable was created, but not modified yet.
|
|
Packit Service |
9ccfef |
Such an entry needs to be filled with values specifying
|
|
Packit Service |
9ccfef |
a request first.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- setting(2) indicates that the entry has been already
|
|
Packit Service |
9ccfef |
modified after generating it, but no request was made
|
|
Packit Service |
9ccfef |
yet.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- checkingRequest(3) indicates that midcomRuleAdminStatus
|
|
Packit Service |
9ccfef |
has recently been set and that the MIDCOM-MIB
|
|
Packit Service |
9ccfef |
implementation is currently checking the parameters of
|
|
Packit Service |
9ccfef |
the request. This is a transient state. The value of
|
|
Packit Service |
9ccfef |
this object will change to either incorrectRequest(4)
|
|
Packit Service |
9ccfef |
or processingRequest(5) without any external
|
|
Packit Service |
9ccfef |
interaction. A MIDCOM-MIB implementation MAY return
|
|
Packit Service |
9ccfef |
this value while checking request parameters.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- incorrectRequest(4) indicates that checking a request
|
|
Packit Service |
9ccfef |
resulted in detecting an incorrect value in one of the
|
|
Packit Service |
9ccfef |
objects containing request parameters. The failure
|
|
Packit Service |
9ccfef |
reason is indicated by the value of midcomRuleError.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- processingRequest(5) indicates that
|
|
Packit Service |
9ccfef |
midcomRuleAdminStatus has recently been set and that
|
|
Packit Service |
9ccfef |
the MIDCOM-MIB implementation is currently processing
|
|
Packit Service |
9ccfef |
the request and trying to configure the middlebox
|
|
Packit Service |
9ccfef |
accordingly. This is a transient state. The value of
|
|
Packit Service |
9ccfef |
this object will change to either requestRejected(6),
|
|
Packit Service |
9ccfef |
reserved(7), or enabled(8) without any external
|
|
Packit Service |
9ccfef |
interaction. A MIDCOM-MIB implementation MAY return
|
|
Packit Service |
9ccfef |
this value while processing a request.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- requestRejected(6) indicates that a request to establish
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
a policy rule specified by the entry was rejected. The
|
|
Packit Service |
9ccfef |
reason for rejection is indicated by the value of
|
|
Packit Service |
9ccfef |
midcomRuleError.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- reserved(7) indicates that the entry describes an
|
|
Packit Service |
9ccfef |
established policy reserve rule.
|
|
Packit Service |
9ccfef |
These values of MidcomRuleEntry are meaningful
|
|
Packit Service |
9ccfef |
for a reserved policy rule:
|
|
Packit Service |
9ccfef |
- midcomRuleMaxIdleTime
|
|
Packit Service |
9ccfef |
- midcomRuleInterface
|
|
Packit Service |
9ccfef |
- midcomRuleTransportProtocol
|
|
Packit Service |
9ccfef |
- midcomRulePortRange
|
|
Packit Service |
9ccfef |
- midcomRuleInternalIpVersion
|
|
Packit Service |
9ccfef |
- midcomRuleExternalIpVersion
|
|
Packit Service |
9ccfef |
- midcomRuleInternalIpAddr
|
|
Packit Service |
9ccfef |
- midcomRuleInternalIpPrefixLength
|
|
Packit Service |
9ccfef |
- midcomRuleInternalPort
|
|
Packit Service |
9ccfef |
- midcomRuleOutsideIpAddr
|
|
Packit Service |
9ccfef |
- midcomRuleOutsidePort
|
|
Packit Service |
9ccfef |
- midcomRuleLifetime
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- enabled(8) indicates that the entry describes an
|
|
Packit Service |
9ccfef |
established policy enable rule.
|
|
Packit Service |
9ccfef |
These values of MidcomRuleEntry are meaningful
|
|
Packit Service |
9ccfef |
for an enabled policy rule:
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- midcomRuleFlowDirection
|
|
Packit Service |
9ccfef |
- midcomRuleInterface
|
|
Packit Service |
9ccfef |
- midcomRuleMaxIdleTime
|
|
Packit Service |
9ccfef |
- midcomRuleTransportProtocol
|
|
Packit Service |
9ccfef |
- midcomRulePortRange
|
|
Packit Service |
9ccfef |
- midcomRuleInternalIpVersion
|
|
Packit Service |
9ccfef |
- midcomRuleExternalIpVersion
|
|
Packit Service |
9ccfef |
- midcomRuleInternalIpAddr
|
|
Packit Service |
9ccfef |
- midcomRuleInternalIpPrefixLength
|
|
Packit Service |
9ccfef |
- midcomRuleInternalPort
|
|
Packit Service |
9ccfef |
- midcomRuleExternalIpAddr
|
|
Packit Service |
9ccfef |
- midcomRuleExternalIpPrefixLength
|
|
Packit Service |
9ccfef |
- midcomRuleExternalPort
|
|
Packit Service |
9ccfef |
- midcomRuleInsideIpAddr
|
|
Packit Service |
9ccfef |
- midcomRuleInsidePort
|
|
Packit Service |
9ccfef |
- midcomRuleOutsideIpAddr
|
|
Packit Service |
9ccfef |
- midcomRuleOutsidePort
|
|
Packit Service |
9ccfef |
- midcomRuleLifetime
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- timedOut(9) indicates that the lifetime of a previously
|
|
Packit Service |
9ccfef |
established policy rule has expired and that the policy
|
|
Packit Service |
9ccfef |
rule is terminated for this reason.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- terminatedOnRequest(10) indicates that a previously
|
|
Packit Service |
9ccfef |
established policy rule was terminated by an SNMP
|
|
Packit Service |
9ccfef |
manager setting the midcomRuleLifetime to 0 or
|
|
Packit Service |
9ccfef |
setting midcomGroupLifetime to 0.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- terminated(11) indicates that a previously established
|
|
Packit Service |
9ccfef |
policy rule was terminated by the MIDCOM-MIB
|
|
Packit Service |
9ccfef |
implementation for a reason other than lifetime
|
|
Packit Service |
9ccfef |
expiration or an explicit request from a MIDCOM client.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- genericError(12) indicates that the policy rule
|
|
Packit Service |
9ccfef |
specified by the entry is not established due to
|
|
Packit Service |
9ccfef |
an error condition not listed above.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The states timedOut(9), terminatedOnRequest(10), and
|
|
Packit Service |
9ccfef |
terminated(11) are referred to as termination states.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The states incorrectRequest(4), requestRejected(6),
|
|
Packit Service |
9ccfef |
and genericError(12) are referred to as error states.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The checkingRequest(3) and processingRequest(5)
|
|
Packit Service |
9ccfef |
states are transient states, which will lead to either
|
|
Packit Service |
9ccfef |
one of the error states or the reserved(7) state or the
|
|
Packit Service |
9ccfef |
enabled(8) state. MIDCOM-MIB implementations MAY return
|
|
Packit Service |
9ccfef |
these values when checking or processing requests."
|
|
Packit Service |
9ccfef |
DEFVAL { newEntry }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 5 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleStorageType OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX StorageType
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"When retrieved, this object returns the storage
|
|
Packit Service |
9ccfef |
type of the policy rule. Writing to this object can
|
|
Packit Service |
9ccfef |
change the storage type of the particular row from
|
|
Packit Service |
9ccfef |
volatile(2) to nonVolatile(3) or vice versa.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Attempts to set this object to permanent will always
|
|
Packit Service |
9ccfef |
fail with an 'inconsistentValue' error. Note that this
|
|
Packit Service |
9ccfef |
error code is SNMP specific. If the MIB module is used
|
|
Packit Service |
9ccfef |
with other protocols than SNMP, errors with similar
|
|
Packit Service |
9ccfef |
semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If midcomRuleStorageType has the value permanent(4),
|
|
Packit Service |
9ccfef |
then all objects in this row whose MAX-ACCESS value
|
|
Packit Service |
9ccfef |
is read-create must be read-only."
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
DEFVAL { volatile }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 6 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleStorageTime OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Unsigned32
|
|
Packit Service |
9ccfef |
UNITS "seconds"
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The value of this object specifies how long this row
|
|
Packit Service |
9ccfef |
can exist in the midcomRuleTable after the
|
|
Packit Service |
9ccfef |
midcomRuleOperStatus switched to a termination state or
|
|
Packit Service |
9ccfef |
to an error state. This object returns the remaining
|
|
Packit Service |
9ccfef |
time that the row may exist before it is aged out.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
After expiration or termination of the context, the value
|
|
Packit Service |
9ccfef |
of this object ticks backwards. The entry in the
|
|
Packit Service |
9ccfef |
midcomRuleTable is destroyed when the value reaches 0.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The value of this object may be set in order to increase
|
|
Packit Service |
9ccfef |
or reduce the remaining time that the row may exist.
|
|
Packit Service |
9ccfef |
Setting the value to 0 will destroy this entry as soon as
|
|
Packit Service |
9ccfef |
the midcomRuleOperStatus switched to a termination state
|
|
Packit Service |
9ccfef |
or to an error state.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that there is no guarantee that the row is stored as
|
|
Packit Service |
9ccfef |
long as this object indicates. At any time, the MIDCOM-
|
|
Packit Service |
9ccfef |
MIB implementation may decide to remove a row describing
|
|
Packit Service |
9ccfef |
a terminated policy rule before the storage time of the
|
|
Packit Service |
9ccfef |
corresponding row in the midcomRuleTable reaches the
|
|
Packit Service |
9ccfef |
value of 0. In this case, the information stored in this
|
|
Packit Service |
9ccfef |
row is not available anymore.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleStorageType indicates that the policy
|
|
Packit Service |
9ccfef |
rule has the storage type permanent(4), then this object has
|
|
Packit Service |
9ccfef |
a constant value of 4294967295."
|
|
Packit Service |
9ccfef |
DEFVAL { 0 }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 7 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleError OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX SnmpAdminString
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This object contains a descriptive error message if
|
|
Packit Service |
9ccfef |
the transition into the operational status reserved(7)
|
|
Packit Service |
9ccfef |
or enabled(8) failed. Implementations must reset the
|
|
Packit Service |
9ccfef |
error message to a zero-length string when a new
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
attempt to change the policy rule status to reserved(7)
|
|
Packit Service |
9ccfef |
or enabled(8) is started.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
RECOMMENDED values to be returned in particular cases
|
|
Packit Service |
9ccfef |
include
|
|
Packit Service |
9ccfef |
- 'lack of IP addresses'
|
|
Packit Service |
9ccfef |
- 'lack of port numbers'
|
|
Packit Service |
9ccfef |
- 'lack of resources'
|
|
Packit Service |
9ccfef |
- 'specified NAT interface does not exist'
|
|
Packit Service |
9ccfef |
- 'specified NAT interface does not support NAT'
|
|
Packit Service |
9ccfef |
- 'conflict with already existing policy rule'
|
|
Packit Service |
9ccfef |
- 'no internal IP wildcarding allowed'
|
|
Packit Service |
9ccfef |
- 'no external IP wildcarding allowed'
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The semantics of these error messages and the corresponding
|
|
Packit Service |
9ccfef |
behavior of the MIDCOM-MIB implementation are specified
|
|
Packit Service |
9ccfef |
in sections 2.3.9 and 2.3.10 of RFC 3989."
|
|
Packit Service |
9ccfef |
REFERENCE
|
|
Packit Service |
9ccfef |
"RFC 3989, sections 2.3.9 and 2.3.10"
|
|
Packit Service |
9ccfef |
DEFVAL { ''H }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 8 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleInterface OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InterfaceIndexOrZero
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This object indicates the IP interface for which
|
|
Packit Service |
9ccfef |
enforcement of a policy rule is requested or performed,
|
|
Packit Service |
9ccfef |
respectively.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The interface is identified by its index in the ifTable
|
|
Packit Service |
9ccfef |
(see IF-MIB in RFC 2863). If the object has a value of 0,
|
|
Packit Service |
9ccfef |
then no particular interface is indicated.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object is used as input to a request for establishing
|
|
Packit Service |
9ccfef |
a policy rule as well as for indicating the properties of
|
|
Packit Service |
9ccfef |
an established policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value newEntry(1) or setting(2), then this object can be
|
|
Packit Service |
9ccfef |
written by a manager in order to request its preference
|
|
Packit Service |
9ccfef |
concerning the interface at which it requests NAT service.
|
|
Packit Service |
9ccfef |
The default value of 0 indicates that the manager does not
|
|
Packit Service |
9ccfef |
have a preferred interface or does not have sufficient
|
|
Packit Service |
9ccfef |
topology information for specifying one. Writing to this
|
|
Packit Service |
9ccfef |
object in any state other than newEntry(1) or setting(2)
|
|
Packit Service |
9ccfef |
will always fail with an 'inconsistentValue' error.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value reserved(7) or enabled(8), then this object indicates
|
|
Packit Service |
9ccfef |
the interface at which NAT service for this rule is
|
|
Packit Service |
9ccfef |
performed. If NAT service is not required for enforcing
|
|
Packit Service |
9ccfef |
the policy rule, then the value of this object is 0. Also,
|
|
Packit Service |
9ccfef |
if the MIDCOM-MIB implementation cannot indicate an
|
|
Packit Service |
9ccfef |
interface, because it does not have this information or
|
|
Packit Service |
9ccfef |
because NAT service is not offered at a particular single
|
|
Packit Service |
9ccfef |
interface, then the value of the object is 0.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that the index of a particular interface in the
|
|
Packit Service |
9ccfef |
ifTable may change after a re-initialization of the
|
|
Packit Service |
9ccfef |
middlebox, for example, after adding another interface to
|
|
Packit Service |
9ccfef |
it. In such a case, the value of this object may change,
|
|
Packit Service |
9ccfef |
but the interface referred to by the MIDCOM-MIB MUST still
|
|
Packit Service |
9ccfef |
be the same. If, after a re-initialization of the
|
|
Packit Service |
9ccfef |
middlebox, the interface referred to before
|
|
Packit Service |
9ccfef |
re-initialization cannot be uniquely mapped anymore to a
|
|
Packit Service |
9ccfef |
particular entry in the ifTable, then the value of object
|
|
Packit Service |
9ccfef |
midcomRuleOperStatus of the same entry MUST be changed to
|
|
Packit Service |
9ccfef |
terminated(11).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value other than newEntry(1), setting(2), reserved(7), or
|
|
Packit Service |
9ccfef |
enabled(8), then the value of this object is irrelevant."
|
|
Packit Service |
9ccfef |
DEFVAL { 0 }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 9 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleFlowDirection OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX INTEGER {
|
|
Packit Service |
9ccfef |
inbound(1),
|
|
Packit Service |
9ccfef |
outbound(2),
|
|
Packit Service |
9ccfef |
biDirectional(3)
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This parameter specifies the direction of enabled
|
|
Packit Service |
9ccfef |
communication, either inbound(1), outbound(2), or
|
|
Packit Service |
9ccfef |
biDirectional(3).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The semantics of this object depends on the protocol
|
|
Packit Service |
9ccfef |
the rule relates to. If the rule is independent of
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
the transport protocol (midcomRuleTransportProtocol
|
|
Packit Service |
9ccfef |
has a value of 0) or if the transport protocol is UDP,
|
|
Packit Service |
9ccfef |
then the value of midcomRuleFlowDirection indicates
|
|
Packit Service |
9ccfef |
the direction of packets traversing the middlebox.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
In this case, value inbound(1) indicates that packets
|
|
Packit Service |
9ccfef |
are traversing from outside to inside, value outbound(2)
|
|
Packit Service |
9ccfef |
indicates that packets are traversing from inside to
|
|
Packit Service |
9ccfef |
outside. For both values, inbound(1) and outbound(2)
|
|
Packit Service |
9ccfef |
packets can traverse the middlebox only unidirectional.
|
|
Packit Service |
9ccfef |
A bidirectional flow is indicated by value
|
|
Packit Service |
9ccfef |
biDirectional(3).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the transport protocol is TCP, the packet flow is
|
|
Packit Service |
9ccfef |
always bidirectional, but the value of
|
|
Packit Service |
9ccfef |
midcomRuleFlowDirection indicates that:
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- inbound(1): bidirectional TCP packet flow.
|
|
Packit Service |
9ccfef |
First packet, with TCP SYN flag set, must arrive
|
|
Packit Service |
9ccfef |
at an outside interface of the middlebox.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- outbound(2): bidirectional TCP packet flow.
|
|
Packit Service |
9ccfef |
First packet, with TCP SYN flag set, must arrive
|
|
Packit Service |
9ccfef |
at an inside interface of the middlebox.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
- biDirectional(3): bidirectional TCP packet flow.
|
|
Packit Service |
9ccfef |
First packet, with TCP SYN flag set, may arrive
|
|
Packit Service |
9ccfef |
at an inside or an outside interface of the middlebox.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object is used as input to a request for
|
|
Packit Service |
9ccfef |
establishing a policy enable rule as well as for
|
|
Packit Service |
9ccfef |
indicating the properties of an established policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value of either newEntry(1), setting(2), or reserved(7),
|
|
Packit Service |
9ccfef |
then this object can be written by a manager in order to
|
|
Packit Service |
9ccfef |
specify a requested direction to be enabled by a policy
|
|
Packit Service |
9ccfef |
rule. Writing to this object in any state other than
|
|
Packit Service |
9ccfef |
newEntry(1), setting(2), or reserved(7) will always fail
|
|
Packit Service |
9ccfef |
with an 'inconsistentValue' error.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value enabled(8), then this object indicates the enabled
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
flow direction.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value other than newEntry(1), setting(2), reserved(7), or
|
|
Packit Service |
9ccfef |
enabled(8), then the value of this object is irrelevant."
|
|
Packit Service |
9ccfef |
DEFVAL { outbound }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 10 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleMaxIdleTime OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Unsigned32
|
|
Packit Service |
9ccfef |
UNITS "seconds"
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"Maximum idle time of the policy rule in seconds.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If no packet to which the policy rule applies passes the
|
|
Packit Service |
9ccfef |
middlebox for the specified midcomRuleMaxIdleTime, then
|
|
Packit Service |
9ccfef |
the policy rule enters the termination state timedOut(9).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
A value of 0 indicates that the policy does not require
|
|
Packit Service |
9ccfef |
an individual idle time and that instead, a default idle
|
|
Packit Service |
9ccfef |
time chosen by the middlebox is used.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
A value of 4294967295 ( = 2^32 - 1 ) indicates that the
|
|
Packit Service |
9ccfef |
policy does not time out if it is idle.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object is used as input to a request for
|
|
Packit Service |
9ccfef |
establishing a policy enable rule as well as for
|
|
Packit Service |
9ccfef |
indicating the properties of an established policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value of either newEntry(1), setting(2), or reserved(7),
|
|
Packit Service |
9ccfef |
then this object can be written by a manager in order to
|
|
Packit Service |
9ccfef |
specify a maximum idle time for the policy rule to be
|
|
Packit Service |
9ccfef |
requested. Writing to this object in any state others
|
|
Packit Service |
9ccfef |
than newEntry(1), setting(2), or reserved(7) will always
|
|
Packit Service |
9ccfef |
fail with an 'inconsistentValue' error.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value enabled(8), then this object indicates the maximum
|
|
Packit Service |
9ccfef |
idle time of the policy rule. Note that even if a maximum
|
|
Packit Service |
9ccfef |
idle time greater than zero was requested, the middlebox
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
may not be able to support maximum idle times and set the
|
|
Packit Service |
9ccfef |
value of this object to zero when entering state
|
|
Packit Service |
9ccfef |
enabled(8).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value other than newEntry(1), setting(2), reserved(7), or
|
|
Packit Service |
9ccfef |
enabled(8), then the value of this object is irrelevant."
|
|
Packit Service |
9ccfef |
DEFVAL { 0 }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 11 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleTransportProtocol OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Unsigned32 (0..255)
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The transport protocol.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Valid values for midcomRuleTransportProtocol
|
|
Packit Service |
9ccfef |
other than zero are defined at:
|
|
Packit Service |
9ccfef |
http://www.iana.org/assignments/protocol-numbers
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object is used as input to a request for establishing
|
|
Packit Service |
9ccfef |
a policy rule as well as for indicating the properties of
|
|
Packit Service |
9ccfef |
an established policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value of either newEntry(1) or setting(2), then this
|
|
Packit Service |
9ccfef |
object can be written by a manager in order to specify a
|
|
Packit Service |
9ccfef |
requested transport protocol. If translation of an IP
|
|
Packit Service |
9ccfef |
address only is requested, then this object must have the
|
|
Packit Service |
9ccfef |
default value 0. Writing to this object in any state
|
|
Packit Service |
9ccfef |
other than newEntry(1) or setting(2) will always fail
|
|
Packit Service |
9ccfef |
with an 'inconsistentValue' error.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value reserved(7) or enabled(8), then this object
|
|
Packit Service |
9ccfef |
indicates which transport protocol is enforced by this
|
|
Packit Service |
9ccfef |
policy rule. A value of 0 indicates a rule acting on IP
|
|
Packit Service |
9ccfef |
addresses only.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value other than newEntry(1), setting(2), reserved(7), or
|
|
Packit Service |
9ccfef |
enabled(8), then the value of this object is irrelevant."
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
DEFVAL { 0 }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 12 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRulePortRange OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX INTEGER {
|
|
Packit Service |
9ccfef |
single(1),
|
|
Packit Service |
9ccfef |
pair(2)
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The range of port numbers.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object is used as input to a request for establishing
|
|
Packit Service |
9ccfef |
a policy rule as well as for indicating the properties of
|
|
Packit Service |
9ccfef |
an established policy rule. It is relevant to the
|
|
Packit Service |
9ccfef |
operation of the MIDCOM-MIB implementation only if the
|
|
Packit Service |
9ccfef |
value of object midcomTransportProtocol in the same entry
|
|
Packit Service |
9ccfef |
has a value other than 0.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value newEntry(1) or setting(2), then this object can be
|
|
Packit Service |
9ccfef |
written by a manager in order to specify the requested
|
|
Packit Service |
9ccfef |
size of the port range. With single(1) just a single
|
|
Packit Service |
9ccfef |
port number is requested, with pair(2) a consecutive pair
|
|
Packit Service |
9ccfef |
of port numbers is requested with the lower number being
|
|
Packit Service |
9ccfef |
even. Requesting a consecutive pair of port numbers may
|
|
Packit Service |
9ccfef |
be used by RTP [RFC3550] and may even be required to
|
|
Packit Service |
9ccfef |
support older RTP applications.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Writing to this object in any state other than
|
|
Packit Service |
9ccfef |
newEntry(1), setting(2) or reserved(7) will always fail
|
|
Packit Service |
9ccfef |
with an 'inconsistentValue' error.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value of either reserved(7) or enabled(8), then this
|
|
Packit Service |
9ccfef |
object will have the value that it had before the
|
|
Packit Service |
9ccfef |
transition to this state.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value other than newEntry(1), setting(2), reserved(7), or
|
|
Packit Service |
9ccfef |
enabled(8), then the value of this object is irrelevant."
|
|
Packit Service |
9ccfef |
DEFVAL { single }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 13}
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleInternalIpVersion OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InetAddressType
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"IP version of the internal address (A0) and the inside
|
|
Packit Service |
9ccfef |
address (A1). Allowed values are ipv4(1), ipv6(2),
|
|
Packit Service |
9ccfef |
ipv4z(3), and ipv6z(4).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object is used as input to a request for establishing
|
|
Packit Service |
9ccfef |
a policy rule as well as for indicating the properties of
|
|
Packit Service |
9ccfef |
an established policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value newEntry(1) or setting(2), then this object can be
|
|
Packit Service |
9ccfef |
written by a manager in order to specify the IP version
|
|
Packit Service |
9ccfef |
required at the inside of the middlebox. Writing to this
|
|
Packit Service |
9ccfef |
object in any state other than newEntry(1) or setting(2)
|
|
Packit Service |
9ccfef |
will always fail with an 'inconsistentValue' error.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value reserved(7) or enabled(8), then this object
|
|
Packit Service |
9ccfef |
indicates the internal/inside IP version.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value other than newEntry(1), setting(2), reserved(7), or
|
|
Packit Service |
9ccfef |
enabled(8), then the value of this object is irrelevant."
|
|
Packit Service |
9ccfef |
DEFVAL { ipv4 }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 14 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleExternalIpVersion OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InetAddressType
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"IP version of the external address (A3) and the outside
|
|
Packit Service |
9ccfef |
address (A2). Allowed values are ipv4(1) and ipv6(2).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object is used as input to a request for establishing
|
|
Packit Service |
9ccfef |
a policy rule as well as for indicating the properties of
|
|
Packit Service |
9ccfef |
an established policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value newEntry(1) or setting(2), then this object can be
|
|
Packit Service |
9ccfef |
written by a manager in order to specify the IP version
|
|
Packit Service |
9ccfef |
required at the outside of the middlebox. Writing to
|
|
Packit Service |
9ccfef |
this object in any state other than newEntry(1) or
|
|
Packit Service |
9ccfef |
setting(2) will always fail with an 'inconsistentValue'
|
|
Packit Service |
9ccfef |
error.
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value reserved(7) or enabled(8), then this object
|
|
Packit Service |
9ccfef |
indicates the external/outside IP version.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value other than newEntry(1), setting(2), reserved(7) or
|
|
Packit Service |
9ccfef |
enabled(8), then the value of this object is irrelevant."
|
|
Packit Service |
9ccfef |
DEFVAL { ipv4 }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 15 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleInternalIpAddr OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InetAddress
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The internal IP address (A0).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object is used as input to a request for establishing
|
|
Packit Service |
9ccfef |
a policy rule as well as for indicating the properties of
|
|
Packit Service |
9ccfef |
an established policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value newEntry(1) or setting(2), then this object can be
|
|
Packit Service |
9ccfef |
written by a manager in order to specify the internal IP
|
|
Packit Service |
9ccfef |
address for which a reserve policy rule or a enable policy
|
|
Packit Service |
9ccfef |
rule is requested to be established. Writing to this
|
|
Packit Service |
9ccfef |
object in any state other than newEntry(1) or setting(2)
|
|
Packit Service |
9ccfef |
will always fail with an 'inconsistentValue' error.
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value reserved(7) or enabled(8), then this object will
|
|
Packit Service |
9ccfef |
have the value which it had before the transition to this
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
state.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value other than newEntry(1), setting(2), reserved(7) or
|
|
Packit Service |
9ccfef |
enabled(8), then the value of this object is irrelevant."
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 16 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleInternalIpPrefixLength OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InetAddressPrefixLength
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The prefix length of the internal IP address used for
|
|
Packit Service |
9ccfef |
wildcarding. A value of 0 indicates a full wildcard;
|
|
Packit Service |
9ccfef |
in this case, the value of midcomRuleInternalIpAddr is
|
|
Packit Service |
9ccfef |
irrelevant. If midcomRuleInternalIpVersion has a value
|
|
Packit Service |
9ccfef |
of ipv4(1), then a value > 31 indicates no wildcarding
|
|
Packit Service |
9ccfef |
at all. If midcomRuleInternalIpVersion has a value
|
|
Packit Service |
9ccfef |
of ipv4(2), then a value > 127 indicates no wildcarding
|
|
Packit Service |
9ccfef |
at all. A MIDCOM-MIB implementation that does not
|
|
Packit Service |
9ccfef |
support IP address wildcarding MUST implement this object
|
|
Packit Service |
9ccfef |
as read-only with a value of 128. A MIDCOM that does
|
|
Packit Service |
9ccfef |
not support wildcarding based on prefix length MAY
|
|
Packit Service |
9ccfef |
restrict allowed values for this object to 0 and 128.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object is used as input to a request for establishing
|
|
Packit Service |
9ccfef |
a policy rule as well as for indicating the properties of
|
|
Packit Service |
9ccfef |
an established policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value newEntry(1) or setting(2), then this object can be
|
|
Packit Service |
9ccfef |
written by a manager in order to specify the prefix length
|
|
Packit Service |
9ccfef |
of the internal IP address for which a reserve policy rule
|
|
Packit Service |
9ccfef |
or an enable policy rule is requested to be established.
|
|
Packit Service |
9ccfef |
Writing to this object in any state other than newEntry(1)
|
|
Packit Service |
9ccfef |
or setting(2) will always fail with an 'inconsistentValue'
|
|
Packit Service |
9ccfef |
error.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value reserved(7) or enabled(8), then this object will
|
|
Packit Service |
9ccfef |
have the value which it had before the transition to this
|
|
Packit Service |
9ccfef |
state.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value other than newEntry(1), setting(2), reserved(7), or
|
|
Packit Service |
9ccfef |
enabled(8), then the value of this object is irrelevant."
|
|
Packit Service |
9ccfef |
DEFVAL { 128 }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 17 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleInternalPort OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InetPortNumber
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The internal port number. A value of 0 is a wildcard.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object is used as input to a request for establishing
|
|
Packit Service |
9ccfef |
a policy rule as well as for indicating the properties of
|
|
Packit Service |
9ccfef |
an established policy rule. It is relevant to the
|
|
Packit Service |
9ccfef |
operation of the MIDCOM-MIB implementation only if the
|
|
Packit Service |
9ccfef |
value of object midcomTransportProtocol in the same entry
|
|
Packit Service |
9ccfef |
has a value other than 0.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value newEntry(1) or setting(2), then this object can be
|
|
Packit Service |
9ccfef |
written by a manager in order to specify the internal port
|
|
Packit Service |
9ccfef |
number for which a reserve policy rule or an enable policy
|
|
Packit Service |
9ccfef |
rule is requested to be established. Writing to this
|
|
Packit Service |
9ccfef |
object in any state other than newEntry(1) or setting(2)
|
|
Packit Service |
9ccfef |
will always fail with an 'inconsistentValue' error.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value reserved(7) or enabled(8), then this object will
|
|
Packit Service |
9ccfef |
have the value that it had before the transition to this
|
|
Packit Service |
9ccfef |
state.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value other than newEntry(1), setting(2), reserved(7), or
|
|
Packit Service |
9ccfef |
enabled(8), then the value of this object is irrelevant."
|
|
Packit Service |
9ccfef |
DEFVAL { 0 }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 18 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleExternalIpAddr OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InetAddress
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The external IP address (A3).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object is used as input to a request for establishing
|
|
Packit Service |
9ccfef |
a policy rule as well as for indicating the properties of
|
|
Packit Service |
9ccfef |
an established policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value newEntry(1), setting(2), or reserved(7), then this
|
|
Packit Service |
9ccfef |
object can be written by a manager in order to specify the
|
|
Packit Service |
9ccfef |
external IP address for which an enable policy rule is
|
|
Packit Service |
9ccfef |
requested to be established. Writing to this object in
|
|
Packit Service |
9ccfef |
any state other than newEntry(1), setting(2), or reserved(7)
|
|
Packit Service |
9ccfef |
will always fail with an 'inconsistentValue' error.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value enabled(8), then this object will have the value
|
|
Packit Service |
9ccfef |
that it had before the transition to this state.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value other than newEntry(1), setting(2), reserved(7), or
|
|
Packit Service |
9ccfef |
enabled(8), then the value of this object is irrelevant."
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 19 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleExternalIpPrefixLength OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InetAddressPrefixLength
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The prefix length of the external IP address used for
|
|
Packit Service |
9ccfef |
wildcarding. A value of 0 indicates a full wildcard;
|
|
Packit Service |
9ccfef |
in this case, the value of midcomRuleExternalIpAddr is
|
|
Packit Service |
9ccfef |
irrelevant. If midcomRuleExternalIpVersion has a value
|
|
Packit Service |
9ccfef |
of ipv4(1), then a value > 31 indicates no wildcarding
|
|
Packit Service |
9ccfef |
at all. If midcomRuleExternalIpVersion has a value
|
|
Packit Service |
9ccfef |
of ipv4(2), then a value > 127 indicates no wildcarding
|
|
Packit Service |
9ccfef |
at all. A MIDCOM-MIB implementation that does not
|
|
Packit Service |
9ccfef |
support IP address wildcarding MUST implement this object
|
|
Packit Service |
9ccfef |
as read-only with a value of 128. A MIDCOM that does
|
|
Packit Service |
9ccfef |
not support wildcarding based on prefix length MAY
|
|
Packit Service |
9ccfef |
restrict allowed values for this object to 0 and 128.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object is used as input to a request for establishing
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
a policy rule as well as for indicating the properties of
|
|
Packit Service |
9ccfef |
an established policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value newEntry(1), setting(2), or reserved(7), then this
|
|
Packit Service |
9ccfef |
object can be written by a manager in order to specify the
|
|
Packit Service |
9ccfef |
prefix length of the external IP address for which an
|
|
Packit Service |
9ccfef |
enable policy rule is requested to be established.
|
|
Packit Service |
9ccfef |
Writing to this object in any state other than
|
|
Packit Service |
9ccfef |
newEntry(1), setting(2), or reserved(7) will always fail
|
|
Packit Service |
9ccfef |
with an 'inconsistentValue' error.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value enabled(8), then this object will have the value
|
|
Packit Service |
9ccfef |
that it had before the transition to this state.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value other than newEntry(1), setting(2), reserved(7), or
|
|
Packit Service |
9ccfef |
enabled(8), then the value of this object is irrelevant."
|
|
Packit Service |
9ccfef |
DEFVAL { 128 }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 20 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleExternalPort OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InetPortNumber
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The external port number. A value of 0 is a wildcard.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object is used as input to a request for establishing
|
|
Packit Service |
9ccfef |
a policy rule as well as for indicating the properties of
|
|
Packit Service |
9ccfef |
an established policy rule. It is relevant to the
|
|
Packit Service |
9ccfef |
operation of the MIDCOM-MIB implementation only if the
|
|
Packit Service |
9ccfef |
value of object midcomTransportProtocol in the same entry
|
|
Packit Service |
9ccfef |
has a value other than 0.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value newEntry(1), setting(2) or reserved(7), then this
|
|
Packit Service |
9ccfef |
object can be written by a manager in order to specify the
|
|
Packit Service |
9ccfef |
external port number for which an enable policy rule is
|
|
Packit Service |
9ccfef |
requested to be established. Writing to this object in
|
|
Packit Service |
9ccfef |
any state other than newEntry(1), setting(2) or reserved(7)
|
|
Packit Service |
9ccfef |
will always fail with an 'inconsistentValue' error.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has the
|
|
Packit Service |
9ccfef |
value enabled(8), then this object will have the value
|
|
Packit Service |
9ccfef |
which it had before the transition to this state.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value other than newEntry(1), setting(2), reserved(7) or
|
|
Packit Service |
9ccfef |
enabled(8), then the value of this object is irrelevant."
|
|
Packit Service |
9ccfef |
DEFVAL { 0 }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 21 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleInsideIpAddr OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InetAddress
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The inside IP address at the middlebox (A1).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The value of this object is relevant only if
|
|
Packit Service |
9ccfef |
object midcomRuleOperStatus of the same entry has
|
|
Packit Service |
9ccfef |
a value of either reserved(7) or enabled(8)."
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 22 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleInsidePort OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InetPortNumber
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The inside port number at the middlebox.
|
|
Packit Service |
9ccfef |
A value of 0 is a wildcard.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The value of this object is relevant only if
|
|
Packit Service |
9ccfef |
object midcomRuleOperStatus of the same entry has
|
|
Packit Service |
9ccfef |
a value of either reserved(7) or enabled(8)."
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 23 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleOutsideIpAddr OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InetAddress
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The outside IP address at the middlebox (A2).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The value of this object is relevant only if
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
object midcomRuleOperStatus of the same entry has
|
|
Packit Service |
9ccfef |
a value of either reserved(7) or enabled(8)."
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 24 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleOutsidePort OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InetPortNumber
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The outside port number at the middlebox.
|
|
Packit Service |
9ccfef |
A value of 0 is a wildcard.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The value of this object is relevant only if
|
|
Packit Service |
9ccfef |
object midcomRuleOperStatus of the same entry has
|
|
Packit Service |
9ccfef |
a value of either reserved(7) or enabled(8)."
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 25 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleLifetime OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Unsigned32
|
|
Packit Service |
9ccfef |
UNITS "seconds"
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The remaining lifetime in seconds of this policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Lifetime of a policy rule starts when object
|
|
Packit Service |
9ccfef |
midcomRuleOperStatus in the same entry enters either
|
|
Packit Service |
9ccfef |
state reserved(7) or state enabled(8).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
This object is used as input to a request for establishing
|
|
Packit Service |
9ccfef |
a policy rule as well as for indicating the properties of
|
|
Packit Service |
9ccfef |
an established policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value of either newEntry(1) or setting(2), then this
|
|
Packit Service |
9ccfef |
object can be written by a manager in order to specify
|
|
Packit Service |
9ccfef |
the requested lifetime of a policy rule to be established.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value of either reserved(7) or enabled(8), then this
|
|
Packit Service |
9ccfef |
object indicates the (continuously decreasing) remaining
|
|
Packit Service |
9ccfef |
lifetime of the established policy rule. Note that when
|
|
Packit Service |
9ccfef |
entering state reserved(7) or enabled(8), the MIDCOM-MIB
|
|
Packit Service |
9ccfef |
implementation can choose a lifetime shorter than the one
|
|
Packit Service |
9ccfef |
requested.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Unlike other parameters of the policy rule, this parameter
|
|
Packit Service |
9ccfef |
can still be written in state reserved(7) and enabled(8).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Writing to this object is processed by the MIDCOM-MIB
|
|
Packit Service |
9ccfef |
implementation by choosing a lifetime value that is
|
|
Packit Service |
9ccfef |
greater than 0 and less than or equal to the minimum of
|
|
Packit Service |
9ccfef |
the requested value and the value specified by object
|
|
Packit Service |
9ccfef |
midcomConfigMaxLifetime:
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
0 <= lt_granted <= MINIMUM(lt_requested, lt_maximum)
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
where:
|
|
Packit Service |
9ccfef |
- lt_granted is the actually granted lifetime by the
|
|
Packit Service |
9ccfef |
MIDCOM-MIB implementation
|
|
Packit Service |
9ccfef |
- lt_requested is the requested lifetime of the MIDCOM
|
|
Packit Service |
9ccfef |
client
|
|
Packit Service |
9ccfef |
- lt_maximum is the value of object
|
|
Packit Service |
9ccfef |
midcomConfigMaxLifetime
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
SNMP SET requests to this object may be rejected or the
|
|
Packit Service |
9ccfef |
value of the object after an accepted SET operation may be
|
|
Packit Service |
9ccfef |
less than the value that was contained in the SNMP SET
|
|
Packit Service |
9ccfef |
request.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Successfully writing a value of 0 terminates the policy
|
|
Packit Service |
9ccfef |
rule. Note that after a policy rule is terminated, still
|
|
Packit Service |
9ccfef |
the entry will exist as long as indicated by the value of
|
|
Packit Service |
9ccfef |
midcomRuleStorageTime.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Writing to this object in any state other than
|
|
Packit Service |
9ccfef |
newEntry(1), setting(2), reserved(7), or enabled(7)
|
|
Packit Service |
9ccfef |
will always fail with an 'inconsistentValue' error.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If object midcomRuleOperStatus of the same entry has a
|
|
Packit Service |
9ccfef |
value other than newEntry(1), setting(2), reserved(7), or
|
|
Packit Service |
9ccfef |
enabled(8), then the value of this object is irrelevant."
|
|
Packit Service |
9ccfef |
DEFVAL { 180 }
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 26 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleRowStatus OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX RowStatus
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-create
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"A control that allows entries to be added and removed from
|
|
Packit Service |
9ccfef |
this table.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Entries can also be removed from this table by setting
|
|
Packit Service |
9ccfef |
objects midcomRuleLifetime and midcomRuleStorageTime of
|
|
Packit Service |
9ccfef |
an entry to 0.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Attempts to set a row notInService(2) where the value
|
|
Packit Service |
9ccfef |
of the midcomRuleStorageType object is permanent(4) or
|
|
Packit Service |
9ccfef |
readOnly(5) will result in an 'notWritable' error.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that this error code is SNMP specific. If the MIB
|
|
Packit Service |
9ccfef |
module is used with other protocols than SNMP, errors with
|
|
Packit Service |
9ccfef |
similar semantics specific to those protocols should be
|
|
Packit Service |
9ccfef |
returned.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The value of this object has no effect on whether other
|
|
Packit Service |
9ccfef |
objects in this conceptual row can be modified."
|
|
Packit Service |
9ccfef |
::= { midcomRuleEntry 27 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Policy rule group subtree
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- The midcomGroupTable lists all current policy rule groups.
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomGroupTable OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX SEQUENCE OF MidcomGroupEntry
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This table lists all current policy rule groups.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Entries in this table are created or removed
|
|
Packit Service |
9ccfef |
implicitly when entries in the midcomRuleTable are
|
|
Packit Service |
9ccfef |
created or removed, respectively. A group entry
|
|
Packit Service |
9ccfef |
in this table only exists as long as there are
|
|
Packit Service |
9ccfef |
member rules of this group in the midcomRuleTable.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The table serves for listing the existing groups and
|
|
Packit Service |
9ccfef |
their remaining lifetimes and for changing lifetimes
|
|
Packit Service |
9ccfef |
of groups and implicitly of all group members.
|
|
Packit Service |
9ccfef |
Groups and all their member policy rules can only be
|
|
Packit Service |
9ccfef |
deleted by deleting all member policies in the
|
|
Packit Service |
9ccfef |
midcomRuleTable.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Setting midcomGroupLifetime will result in setting
|
|
Packit Service |
9ccfef |
the lifetime of all policy members to the same value."
|
|
Packit Service |
9ccfef |
::= { midcomTransaction 4 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomGroupEntry OBJECT-TYPE
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
SYNTAX MidcomGroupEntry
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"An entry describing properties of a particular
|
|
Packit Service |
9ccfef |
MIDCOM policy rule group."
|
|
Packit Service |
9ccfef |
INDEX { midcomRuleOwner, midcomGroupIndex }
|
|
Packit Service |
9ccfef |
::= { midcomGroupTable 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
MidcomGroupEntry ::= SEQUENCE {
|
|
Packit Service |
9ccfef |
midcomGroupIndex Unsigned32,
|
|
Packit Service |
9ccfef |
midcomGroupLifetime Unsigned32
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomGroupIndex OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Unsigned32 (1..4294967295)
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The index of this group for the midcomRuleOwner.
|
|
Packit Service |
9ccfef |
A group is identified by the combination of
|
|
Packit Service |
9ccfef |
midcomRuleOwner and midcomGroupIndex.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The value of this index must be unique per
|
|
Packit Service |
9ccfef |
midcomRuleOwner."
|
|
Packit Service |
9ccfef |
::= { midcomGroupEntry 2 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomGroupLifetime OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Unsigned32
|
|
Packit Service |
9ccfef |
UNITS "seconds"
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-write
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"When retrieved, this object delivers the maximum
|
|
Packit Service |
9ccfef |
lifetime in seconds of all member rules of this group,
|
|
Packit Service |
9ccfef |
i.e., of all rows in the midcomRuleTable that have the
|
|
Packit Service |
9ccfef |
same values for midcomRuleOwner and midcomGroupIndex.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Successfully writing to this object modifies the
|
|
Packit Service |
9ccfef |
lifetime of all member policies. Successfully
|
|
Packit Service |
9ccfef |
writing a value of 0 terminates all member policies
|
|
Packit Service |
9ccfef |
and implicitly deletes the group as soon as all member
|
|
Packit Service |
9ccfef |
entries are removed from the midcomRuleTable.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that after a group's lifetime is expired or is
|
|
Packit Service |
9ccfef |
set to 0, still the corresponding entry in the
|
|
Packit Service |
9ccfef |
midcomGroupTable will exist as long as terminated
|
|
Packit Service |
9ccfef |
member policy rules are stored as entries in the
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleTable.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Writing to this object is processed by the MIDCOM-MIB
|
|
Packit Service |
9ccfef |
implementation by choosing a lifetime value that is
|
|
Packit Service |
9ccfef |
greater than 0 and less than or equal to the minimum of
|
|
Packit Service |
9ccfef |
the requested value and the value specified by object
|
|
Packit Service |
9ccfef |
midcomConfigMaxLifetime:
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
0 <= lt_granted <= MINIMUM(lt_requested, lt_maximum)
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
where:
|
|
Packit Service |
9ccfef |
- lt_granted is the actually granted lifetime by the
|
|
Packit Service |
9ccfef |
MIDCOM-MIB implementation
|
|
Packit Service |
9ccfef |
- lt_requested is the requested lifetime of the MIDCOM
|
|
Packit Service |
9ccfef |
client
|
|
Packit Service |
9ccfef |
- lt_maximum is the value of object
|
|
Packit Service |
9ccfef |
midcomConfigMaxLifetime
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
SNMP SET requests to this object may be rejected or the
|
|
Packit Service |
9ccfef |
value of the object after an accepted SET operation may be
|
|
Packit Service |
9ccfef |
less than the value that was contained in the SNMP SET
|
|
Packit Service |
9ccfef |
request."
|
|
Packit Service |
9ccfef |
::= { midcomGroupEntry 3 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Configuration Objects
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Configuration objects that can be used for retrieving
|
|
Packit Service |
9ccfef |
-- middlebox capability information (mandatory) and for
|
|
Packit Service |
9ccfef |
-- setting parameters of the implementation of transaction
|
|
Packit Service |
9ccfef |
-- objects (optional).
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Note that typically configuration objects are not intended
|
|
Packit Service |
9ccfef |
-- to be written by MIDCOM clients. In general, write access
|
|
Packit Service |
9ccfef |
-- to these objects needs to be restricted more strictly than
|
|
Packit Service |
9ccfef |
-- write access to transaction objects.
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Capabilities subtree
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- This subtree contains objects to which MIDCOM clients should
|
|
Packit Service |
9ccfef |
-- have read access.
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomConfigMaxLifetime OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Unsigned32
|
|
Packit Service |
9ccfef |
UNITS "seconds"
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-write
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"When retrieved, this object returns the maximum lifetime,
|
|
Packit Service |
9ccfef |
in seconds, that this middlebox allows policy rules to
|
|
Packit Service |
9ccfef |
have."
|
|
Packit Service |
9ccfef |
::= { midcomConfig 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomConfigPersistentRules OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX TruthValue
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-write
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"When retrieved, this object returns true(1) if the
|
|
Packit Service |
9ccfef |
MIDCOM-MIB implementation can store policy rules
|
|
Packit Service |
9ccfef |
persistently. Otherwise, it returns false(2).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
A value of true(1) indicates that there may be
|
|
Packit Service |
9ccfef |
entries in the midcomRuleTable with object
|
|
Packit Service |
9ccfef |
midcomRuleStorageType set to value nonVolatile(3)."
|
|
Packit Service |
9ccfef |
::= { midcomConfig 2 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomConfigIfTable OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX SEQUENCE OF MidcomConfigIfEntry
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This table indicates capabilities of the MIDCOM-MIB
|
|
Packit Service |
9ccfef |
implementation per IP interface.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The table is indexed by the object midcomConfigIfIndex.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
For indexing a single interface, this object contains
|
|
Packit Service |
9ccfef |
the value of the ifIndex object that is associated
|
|
Packit Service |
9ccfef |
with the interface. If an entry with
|
|
Packit Service |
9ccfef |
midcomConfigIfIndex = 0 occurs, then bits set in
|
|
Packit Service |
9ccfef |
objects of this entry apply to all interfaces for which
|
|
Packit Service |
9ccfef |
there is no entry in this table with the interface's
|
|
Packit Service |
9ccfef |
index."
|
|
Packit Service |
9ccfef |
::= { midcomConfig 3 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomConfigIfEntry OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX MidcomConfigIfEntry
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"An entry describing the capabilities of a middlebox
|
|
Packit Service |
9ccfef |
with respect to the indexed IP interface."
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
INDEX { midcomConfigIfIndex }
|
|
Packit Service |
9ccfef |
::= { midcomConfigIfTable 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
MidcomConfigIfEntry ::= SEQUENCE {
|
|
Packit Service |
9ccfef |
midcomConfigIfIndex InterfaceIndexOrZero,
|
|
Packit Service |
9ccfef |
midcomConfigIfBits BITS,
|
|
Packit Service |
9ccfef |
midcomConfigIfEnabled TruthValue
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomConfigIfIndex OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InterfaceIndexOrZero
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The index of an entry in the midcomConfigIfTable.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
For values different from zero, this object
|
|
Packit Service |
9ccfef |
identifies an IP interface by containing the same
|
|
Packit Service |
9ccfef |
value as the ifIndex object associated with the
|
|
Packit Service |
9ccfef |
interface.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that the index of a particular interface in the
|
|
Packit Service |
9ccfef |
ifTable may change after a re-initialization of the
|
|
Packit Service |
9ccfef |
middlebox, for example, after adding another interface to
|
|
Packit Service |
9ccfef |
it. In such a case, the value of this object may change,
|
|
Packit Service |
9ccfef |
but the interface referred to by the MIDCOM-MIB MUST still
|
|
Packit Service |
9ccfef |
be the same. If, after a re-initialization of the
|
|
Packit Service |
9ccfef |
middlebox, the interface referred to before
|
|
Packit Service |
9ccfef |
re-initialization cannot be uniquely mapped anymore to a
|
|
Packit Service |
9ccfef |
particular entry in the ifTable, then the value of object
|
|
Packit Service |
9ccfef |
midcomConfigIfEnabled of the same entry MUST be changed to
|
|
Packit Service |
9ccfef |
false(2).
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the object has a value of 0, then values
|
|
Packit Service |
9ccfef |
specified by further objects of the same entry
|
|
Packit Service |
9ccfef |
apply to all interfaces for which there is no
|
|
Packit Service |
9ccfef |
explicit entry in the midcomConfigIfTable."
|
|
Packit Service |
9ccfef |
::= { midcomConfigIfEntry 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomConfigIfBits OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX BITS {
|
|
Packit Service |
9ccfef |
ipv4(0),
|
|
Packit Service |
9ccfef |
ipv6(1),
|
|
Packit Service |
9ccfef |
addressWildcards(2),
|
|
Packit Service |
9ccfef |
portWildcards(3),
|
|
Packit Service |
9ccfef |
firewall(4),
|
|
Packit Service |
9ccfef |
nat(5),
|
|
Packit Service |
9ccfef |
portTranslation(6),
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
protocolTranslation(7),
|
|
Packit Service |
9ccfef |
twiceNat(8),
|
|
Packit Service |
9ccfef |
inside(9)
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"When retrieved, this object returns a set of bits
|
|
Packit Service |
9ccfef |
indicating the capabilities (or configuration) of
|
|
Packit Service |
9ccfef |
the middlebox with respect to the referenced IP interface.
|
|
Packit Service |
9ccfef |
If the index equals 0, then all set bits apply to all
|
|
Packit Service |
9ccfef |
interfaces.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the ipv4(0) bit is set, then the middlebox supports
|
|
Packit Service |
9ccfef |
IPv4 at the indexed IP interface.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the ipv6(1) bit is set, then the middlebox supports
|
|
Packit Service |
9ccfef |
IPv6 at the indexed IP interface.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the addressWildcards(2) bit is set, then the
|
|
Packit Service |
9ccfef |
middlebox supports IP address wildcarding at the indexed
|
|
Packit Service |
9ccfef |
IP interface.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the portWildcards(3) bit is set, then the
|
|
Packit Service |
9ccfef |
middlebox supports port wildcarding at the indexed
|
|
Packit Service |
9ccfef |
IP interface.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the firewall(4) bit is set, then the middlebox offers
|
|
Packit Service |
9ccfef |
firewall functionality at the indexed interface.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the nat(5) bit is set, then the middlebox offers
|
|
Packit Service |
9ccfef |
network address translation service at the indexed
|
|
Packit Service |
9ccfef |
interface.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the portTranslation(6) bit is set, then the middlebox
|
|
Packit Service |
9ccfef |
offers port translation service at the indexed interface.
|
|
Packit Service |
9ccfef |
This bit is only relevant if nat(5) is set.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the protocolTranslation(7) bit is set, then the
|
|
Packit Service |
9ccfef |
middlebox offers protocol translation service between
|
|
Packit Service |
9ccfef |
IPv4 and IPv6 at the indexed interface. This bit is only
|
|
Packit Service |
9ccfef |
relevant if nat(5) is set.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the twiceNat(8) bit is set, then the middlebox offers
|
|
Packit Service |
9ccfef |
twice network address translation service at the indexed
|
|
Packit Service |
9ccfef |
interface. This bit is only relevant if nat(5) is set.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the inside(9) bit is set, then the indexed interface is
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
an inside interface with respect to NAT functionality.
|
|
Packit Service |
9ccfef |
Otherwise, it is an outside interface. This bit is only
|
|
Packit Service |
9ccfef |
relevant if nat(5) is set. An SNMP agent supporting both
|
|
Packit Service |
9ccfef |
the MIDCOM-MIB module and the NAT-MIB module SHOULD ensure
|
|
Packit Service |
9ccfef |
that the value of this object is consistent with the values
|
|
Packit Service |
9ccfef |
of corresponding objects in the NAT-MIB module."
|
|
Packit Service |
9ccfef |
::= { midcomConfigIfEntry 2 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomConfigIfEnabled OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX TruthValue
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-write
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The value of this object indicates the availability of
|
|
Packit Service |
9ccfef |
the middlebox service described by midcomConfigIfBits
|
|
Packit Service |
9ccfef |
at the indexed IP interface.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
By writing to this object, the MIDCOM support for the
|
|
Packit Service |
9ccfef |
entire IP interface can be switched on or off. Setting
|
|
Packit Service |
9ccfef |
this object to false(2) immediately stops middlebox
|
|
Packit Service |
9ccfef |
support at the indexed IP interface. This implies that
|
|
Packit Service |
9ccfef |
all policy rules that use NAT or firewall resources at
|
|
Packit Service |
9ccfef |
the indexed IP interface are terminated immediately.
|
|
Packit Service |
9ccfef |
In this case, the MIDCOM agent MUST send
|
|
Packit Service |
9ccfef |
midcomUnsolicitedRuleEvent to all MIDCOM clients that
|
|
Packit Service |
9ccfef |
have access to one of the terminated rules."
|
|
Packit Service |
9ccfef |
DEFVAL { true }
|
|
Packit Service |
9ccfef |
::= { midcomConfigIfEntry 3 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Firewall subtree
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- This subtree contains the firewall configuration table
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomConfigFirewallTable OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX SEQUENCE OF MidcomConfigFirewallEntry
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This table lists the firewall configuration per IP interface.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
It can be used for configuring how policy rules created by
|
|
Packit Service |
9ccfef |
MIDCOM clients are realized as firewall rules of a firewall
|
|
Packit Service |
9ccfef |
implementation. Particularly, the priority used for MIDCOM
|
|
Packit Service |
9ccfef |
policy rules can be configured. For a single firewall
|
|
Packit Service |
9ccfef |
implementation at a particular IP interface, all MIDCOM
|
|
Packit Service |
9ccfef |
policy rules are realized as firewall rules with the same
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
priority. Also, a firewall rule group name can be
|
|
Packit Service |
9ccfef |
configured.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The table is indexed by the object midcomConfigFirewallIndex.
|
|
Packit Service |
9ccfef |
For indexing a single interface, this object contains the
|
|
Packit Service |
9ccfef |
value of the ifIndex object that is associated with the
|
|
Packit Service |
9ccfef |
interface. If an entry with midcomConfigFirewallIndex = 0
|
|
Packit Service |
9ccfef |
occurs, then bits set in objects of this entry apply to all
|
|
Packit Service |
9ccfef |
interfaces for which there is no entry in this table for the
|
|
Packit Service |
9ccfef |
interface's index."
|
|
Packit Service |
9ccfef |
::= { midcomConfig 4 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomConfigFirewallEntry OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX MidcomConfigFirewallEntry
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"An entry describing a particular set of
|
|
Packit Service |
9ccfef |
firewall resources."
|
|
Packit Service |
9ccfef |
INDEX { midcomConfigFirewallIndex }
|
|
Packit Service |
9ccfef |
::= { midcomConfigFirewallTable 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
MidcomConfigFirewallEntry ::= SEQUENCE {
|
|
Packit Service |
9ccfef |
midcomConfigFirewallIndex InterfaceIndexOrZero,
|
|
Packit Service |
9ccfef |
midcomConfigFirewallGroupId SnmpAdminString,
|
|
Packit Service |
9ccfef |
midcomConfigFirewallPriority Unsigned32
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomConfigFirewallIndex OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX InterfaceIndexOrZero
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The index of an entry in the midcomConfigFirewallTable.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
For values different from 0, this object identifies an
|
|
Packit Service |
9ccfef |
IP interface by containing the same value as the ifIndex
|
|
Packit Service |
9ccfef |
object associated with the interface.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that the index of a particular interface in the
|
|
Packit Service |
9ccfef |
ifTable may change after a re-initialization of the
|
|
Packit Service |
9ccfef |
middlebox, for example, after adding another interface to
|
|
Packit Service |
9ccfef |
it. In such a case, the value of this object may change,
|
|
Packit Service |
9ccfef |
but the interface referred to by the MIDCOM-MIB MUST still
|
|
Packit Service |
9ccfef |
be the same. If, after a re-initialization of the
|
|
Packit Service |
9ccfef |
middlebox, the interface referred to before
|
|
Packit Service |
9ccfef |
re-initialization cannot be uniquely mapped anymore to a
|
|
Packit Service |
9ccfef |
particular entry in the ifTable, then the entry in the
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomConfigFirewallTable MUST be deleted.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the object has a value of 0, then values specified by
|
|
Packit Service |
9ccfef |
further objects of the same entry apply to all interfaces
|
|
Packit Service |
9ccfef |
for which there is no explicit entry in the
|
|
Packit Service |
9ccfef |
midcomConfigFirewallTable."
|
|
Packit Service |
9ccfef |
::= { midcomConfigFirewallEntry 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomConfigFirewallGroupId OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX SnmpAdminString
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-write
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The firewall rule group to which all firewall rules are
|
|
Packit Service |
9ccfef |
assigned that the MIDCOM server creates for the interface
|
|
Packit Service |
9ccfef |
indicated by object midcomConfigFirewallIndex. If the
|
|
Packit Service |
9ccfef |
value of object midcomConfigFirewallIndex is 0, then all
|
|
Packit Service |
9ccfef |
firewall rules of the MIDCOM server that are created for
|
|
Packit Service |
9ccfef |
interfaces with no specific entry in the
|
|
Packit Service |
9ccfef |
midcomConfigFirewallTable are assigned to the firewall
|
|
Packit Service |
9ccfef |
rule group indicated by the value of this object."
|
|
Packit Service |
9ccfef |
::= { midcomConfigFirewallEntry 2 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomConfigFirewallPriority OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Unsigned32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-write
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The priority assigned to all firewall rules that the
|
|
Packit Service |
9ccfef |
MIDCOM server creates for the interface indicated by
|
|
Packit Service |
9ccfef |
object midcomConfigFirewallIndex. If the value of object
|
|
Packit Service |
9ccfef |
midcomConfigFirewallIndex is 0, then this priority is
|
|
Packit Service |
9ccfef |
assigned to all firewall rules of the MIDCOM server that
|
|
Packit Service |
9ccfef |
are created for interfaces for which there is no specific
|
|
Packit Service |
9ccfef |
entry in the midcomConfigFirewallTable."
|
|
Packit Service |
9ccfef |
::= { midcomConfigFirewallEntry 3 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Monitoring Objects
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Monitoring objects are structured into two groups,
|
|
Packit Service |
9ccfef |
-- the midcomResourceGroup providing information about used
|
|
Packit Service |
9ccfef |
-- resources and the midcomStatisticsGroup providing information
|
|
Packit Service |
9ccfef |
-- about MIDCOM transaction statistics.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Resources subtree
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
-- The MIDCOM resources subtree contains a set of managed
|
|
Packit Service |
9ccfef |
-- objects describing the currently used resources of NAT
|
|
Packit Service |
9ccfef |
-- and firewall implementations.
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Textual conventions for objects of the resource subtree
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
MidcomNatBindMode ::= TEXTUAL-CONVENTION
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"An indicator of the kind of NAT resources used by a policy
|
|
Packit Service |
9ccfef |
rule. This definition corresponds to the definition of
|
|
Packit Service |
9ccfef |
NatBindMode in the NAT-MIB (RFC 4008). Value none(3) can
|
|
Packit Service |
9ccfef |
be used to indicate that the policy rule does not use
|
|
Packit Service |
9ccfef |
any NAT binding.
|
|
Packit Service |
9ccfef |
"
|
|
Packit Service |
9ccfef |
SYNTAX INTEGER {
|
|
Packit Service |
9ccfef |
addressBind(1),
|
|
Packit Service |
9ccfef |
addressPortBind(2),
|
|
Packit Service |
9ccfef |
none(3)
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
MidcomNatSessionIdOrZero ::= TEXTUAL-CONVENTION
|
|
Packit Service |
9ccfef |
DISPLAY-HINT "d"
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"A unique ID that is assigned to each NAT session by
|
|
Packit Service |
9ccfef |
a NAT implementation. This definition corresponds to
|
|
Packit Service |
9ccfef |
the definition of NatSessionId in the NAT-MIB (RFC 4008).
|
|
Packit Service |
9ccfef |
Value 0 can be used to indicate that the policy rule does
|
|
Packit Service |
9ccfef |
not use any NAT binding."
|
|
Packit Service |
9ccfef |
SYNTAX Unsigned32
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- The MIDCOM resource table
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomResourceTable OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX SEQUENCE OF MidcomResourceEntry
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This table lists all used middlebox resources per
|
|
Packit Service |
9ccfef |
MIDCOM policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
The midcomResourceTable augments the
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleTable."
|
|
Packit Service |
9ccfef |
::= { midcomMonitoring 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomResourceEntry OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX MidcomResourceEntry
|
|
Packit Service |
9ccfef |
MAX-ACCESS not-accessible
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"An entry describing a particular set of middlebox
|
|
Packit Service |
9ccfef |
resources."
|
|
Packit Service |
9ccfef |
AUGMENTS { midcomRuleEntry }
|
|
Packit Service |
9ccfef |
::= { midcomResourceTable 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
MidcomResourceEntry ::= SEQUENCE {
|
|
Packit Service |
9ccfef |
midcomRscNatInternalAddrBindMode MidcomNatBindMode,
|
|
Packit Service |
9ccfef |
midcomRscNatInternalAddrBindId NatBindIdOrZero,
|
|
Packit Service |
9ccfef |
midcomRscNatInsideAddrBindMode MidcomNatBindMode,
|
|
Packit Service |
9ccfef |
midcomRscNatInsideAddrBindId NatBindIdOrZero,
|
|
Packit Service |
9ccfef |
midcomRscNatSessionId1 MidcomNatSessionIdOrZero,
|
|
Packit Service |
9ccfef |
midcomRscNatSessionId2 MidcomNatSessionIdOrZero,
|
|
Packit Service |
9ccfef |
midcomRscFirewallRuleId Unsigned32
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRscNatInternalAddrBindMode OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX MidcomNatBindMode
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"An indication of whether this policy rule uses an address
|
|
Packit Service |
9ccfef |
NAT bind or an address-port NAT bind for binding the
|
|
Packit Service |
9ccfef |
internal address.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the MIDCOM-MIB module is operated together with
|
|
Packit Service |
9ccfef |
the NAT-MIB module (RFC 4008) then object
|
|
Packit Service |
9ccfef |
midcomRscNatInternalAddrBindMode contains the same
|
|
Packit Service |
9ccfef |
value as the corresponding object
|
|
Packit Service |
9ccfef |
natSessionPrivateSrcEPBindMode of the NAT-MIB module."
|
|
Packit Service |
9ccfef |
::= { midcomResourceEntry 4 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRscNatInternalAddrBindId OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX NatBindIdOrZero
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This object references to the allocated internal NAT
|
|
Packit Service |
9ccfef |
bind that is used by this policy rule. A NAT bind
|
|
Packit Service |
9ccfef |
describes the mapping of internal addresses to
|
|
Packit Service |
9ccfef |
outside addresses. MIDCOM-MIB implementations can
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
read this object to learn the corresponding NAT bind
|
|
Packit Service |
9ccfef |
resource for this particular policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the MIDCOM-MIB module is operated together with
|
|
Packit Service |
9ccfef |
the NAT-MIB module (RFC 4008) then object
|
|
Packit Service |
9ccfef |
midcomRscNatInternalAddrBindId contains the same
|
|
Packit Service |
9ccfef |
value as the corresponding object
|
|
Packit Service |
9ccfef |
natSessionPrivateSrcEPBindId of the NAT-MIB module."
|
|
Packit Service |
9ccfef |
::= { midcomResourceEntry 5 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRscNatInsideAddrBindMode OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX MidcomNatBindMode
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"An indication of whether this policy rule uses an address
|
|
Packit Service |
9ccfef |
NAT bind or an address-port NAT bind for binding the
|
|
Packit Service |
9ccfef |
external address.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the MIDCOM-MIB module is operated together with
|
|
Packit Service |
9ccfef |
the NAT-MIB module (RFC 4008), then object
|
|
Packit Service |
9ccfef |
midcomRscNatInsideAddrBindMode contains the same
|
|
Packit Service |
9ccfef |
value as the corresponding object
|
|
Packit Service |
9ccfef |
natSessionPrivateDstEPBindMode of the NAT-MIB module."
|
|
Packit Service |
9ccfef |
::= { midcomResourceEntry 6 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRscNatInsideAddrBindId OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX NatBindIdOrZero
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This object refers to the allocated external NAT
|
|
Packit Service |
9ccfef |
bind that is used by this policy rule. A NAT bind
|
|
Packit Service |
9ccfef |
describes the mapping of external addresses to
|
|
Packit Service |
9ccfef |
inside addresses. MIDCOM-MIB implementations can
|
|
Packit Service |
9ccfef |
read this object to learn the corresponding NAT bind
|
|
Packit Service |
9ccfef |
resource for this particular policy rule.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
If the MIDCOM-MIB module is operated together with the
|
|
Packit Service |
9ccfef |
NAT-MIB module (RFC 4008), then object
|
|
Packit Service |
9ccfef |
midcomRscNatInsideAddrBindId contains the same
|
|
Packit Service |
9ccfef |
value as the corresponding object
|
|
Packit Service |
9ccfef |
natSessionPrivateDstEPBindId of the NAT-MIB module."
|
|
Packit Service |
9ccfef |
::= { midcomResourceEntry 7 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRscNatSessionId1 OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX MidcomNatSessionIdOrZero
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This object refers to the first allocated NAT session for
|
|
Packit Service |
9ccfef |
this policy rule. MIDCOM-MIB implementations can read this
|
|
Packit Service |
9ccfef |
object to learn whether or not a NAT session for a
|
|
Packit Service |
9ccfef |
particular policy rule is used. A value of 0 means that no
|
|
Packit Service |
9ccfef |
NAT session is allocated for this policy rule. A value
|
|
Packit Service |
9ccfef |
other than 0 refers to the NAT session."
|
|
Packit Service |
9ccfef |
::= { midcomResourceEntry 8 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRscNatSessionId2 OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX MidcomNatSessionIdOrZero
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This object refers to the second allocated NAT session for
|
|
Packit Service |
9ccfef |
this policy rule. MIDCOM-MIB implementations can read this
|
|
Packit Service |
9ccfef |
object to learn whether or not a NAT session for a
|
|
Packit Service |
9ccfef |
particular policy rule is used. A value of 0 means that no
|
|
Packit Service |
9ccfef |
NAT session is allocated for this policy rule. A value
|
|
Packit Service |
9ccfef |
other than 0 refers to the NAT session."
|
|
Packit Service |
9ccfef |
::= { midcomResourceEntry 9 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRscFirewallRuleId OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Unsigned32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This object refers to the allocated firewall
|
|
Packit Service |
9ccfef |
rule in the firewall engine for this policy rule.
|
|
Packit Service |
9ccfef |
MIDCOM-MIB implementations can read this value to
|
|
Packit Service |
9ccfef |
learn whether a firewall rule for this particular
|
|
Packit Service |
9ccfef |
policy rule is used or not. A value of 0 means that
|
|
Packit Service |
9ccfef |
no firewall rule is allocated for this policy rule.
|
|
Packit Service |
9ccfef |
A value other than 0 refers to the firewall rule
|
|
Packit Service |
9ccfef |
number within the firewall engine."
|
|
Packit Service |
9ccfef |
::= { midcomResourceEntry 10 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Statistics subtree
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- The MIDCOM statistics subtree contains a set of managed
|
|
Packit Service |
9ccfef |
-- objects providing statistics about the usage of transaction
|
|
Packit Service |
9ccfef |
-- objects.
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomStatistics OBJECT IDENTIFIER ::= { midcomMonitoring 2 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomCurrentOwners OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Gauge32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The number of different values for midcomRuleOwner
|
|
Packit Service |
9ccfef |
for all current entries in the midcomRuleTable."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomTotalRejectedRuleEntries OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Counter32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The total number of failed attempts to create an entry
|
|
Packit Service |
9ccfef |
in the midcomRuleTable."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 2 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomCurrentRulesIncomplete OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Gauge32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The current number of policy rules that are incomplete.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Policy rules are loaded via row entries in the
|
|
Packit Service |
9ccfef |
midcomRuleTable. This object counts policy rules that are
|
|
Packit Service |
9ccfef |
loaded but not fully specified, i.e., they are in state
|
|
Packit Service |
9ccfef |
newEntry(1) or setting(2)."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 3 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomTotalIncorrectReserveRules OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Counter32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The total number of policy reserve rules that failed
|
|
Packit Service |
9ccfef |
parameter check and entered state incorrectRequest(4)."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 4 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomTotalRejectedReserveRules OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Counter32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The total number of policy reserve rules that failed
|
|
Packit Service |
9ccfef |
while being processed and entered state requestRejected(6)."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 5 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomCurrentActiveReserveRules OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Gauge32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The number of currently active policy reserve rules."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 6 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomTotalExpiredReserveRules OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Counter32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The total number of expired policy reserve rules
|
|
Packit Service |
9ccfef |
(entered termination state timedOut(9))."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 7 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomTotalTerminatedOnRqReserveRules OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Counter32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The total number of policy reserve rules that were
|
|
Packit Service |
9ccfef |
terminated on request (entered termination state
|
|
Packit Service |
9ccfef |
terminatedOnRequest(10))."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 8 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomTotalTerminatedReserveRules OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Counter32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The total number of policy reserve rules that were
|
|
Packit Service |
9ccfef |
terminated, but not on request (entered termination state
|
|
Packit Service |
9ccfef |
terminated(11))."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 9 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomTotalIncorrectEnableRules OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Counter32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The total number of policy enable rules that failed
|
|
Packit Service |
9ccfef |
parameter check and entered state incorrectRequest(4)."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 10 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomTotalRejectedEnableRules OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Counter32
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The total number of policy enable rules that failed
|
|
Packit Service |
9ccfef |
while being processed and entered state requestRejected(6)."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 11 }
|
|
Packit Service |
9ccfef |
midcomCurrentActiveEnableRules OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Gauge32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The number of currently active policy enable rules."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 12 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomTotalExpiredEnableRules OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Counter32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The total number of expired policy enable rules
|
|
Packit Service |
9ccfef |
(entered termination state timedOut(9))."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 13 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomTotalTerminatedOnRqEnableRules OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Counter32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The total number of policy enable rules that were
|
|
Packit Service |
9ccfef |
terminated on request (entered termination state
|
|
Packit Service |
9ccfef |
terminatedOnRequest(10))."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 14 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomTotalTerminatedEnableRules OBJECT-TYPE
|
|
Packit Service |
9ccfef |
SYNTAX Counter32
|
|
Packit Service |
9ccfef |
MAX-ACCESS read-only
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The total number of policy enable rules that were
|
|
Packit Service |
9ccfef |
terminated, but not on request (entered termination state
|
|
Packit Service |
9ccfef |
terminated(11))."
|
|
Packit Service |
9ccfef |
::= { midcomStatistics 15 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Notifications.
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomUnsolicitedRuleEvent NOTIFICATION-TYPE
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
OBJECTS { midcomRuleOperStatus, midcomRuleLifetime }
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This notification is generated whenever the value of
|
|
Packit Service |
9ccfef |
midcomRuleOperStatus enters any error state or any
|
|
Packit Service |
9ccfef |
termination state without an explicit trigger by a
|
|
Packit Service |
9ccfef |
MIDCOM client."
|
|
Packit Service |
9ccfef |
::= { midcomNotifications 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomSolicitedRuleEvent NOTIFICATION-TYPE
|
|
Packit Service |
9ccfef |
OBJECTS { midcomRuleOperStatus, midcomRuleLifetime }
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This notification is generated whenever the value
|
|
Packit Service |
9ccfef |
of midcomRuleOperStatus enters one of the states
|
|
Packit Service |
9ccfef |
{reserved, enabled, any error state, any termination state}
|
|
Packit Service |
9ccfef |
as a result of a MIDCOM agent writing successfully to
|
|
Packit Service |
9ccfef |
object midcomRuleAdminStatus.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
In addition, it is generated when the lifetime of
|
|
Packit Service |
9ccfef |
a rule was changed by successfully writing to object
|
|
Packit Service |
9ccfef |
midcomRuleLifetime."
|
|
Packit Service |
9ccfef |
::= { midcomNotifications 2 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomSolicitedGroupEvent NOTIFICATION-TYPE
|
|
Packit Service |
9ccfef |
OBJECTS { midcomGroupLifetime }
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"This notification is generated for indicating that the
|
|
Packit Service |
9ccfef |
lifetime of all member rules of the group was changed by
|
|
Packit Service |
9ccfef |
successfully writing to object midcomGroupLifetime.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that this notification is only sent if the lifetime
|
|
Packit Service |
9ccfef |
of a group was changed by successfully writing to object
|
|
Packit Service |
9ccfef |
midcomGroupLifetime. No notification is sent
|
|
Packit Service |
9ccfef |
- if a group's lifetime is changed by writing to object
|
|
Packit Service |
9ccfef |
midcomRuleLifetime of any of its member policies,
|
|
Packit Service |
9ccfef |
- if a group's lifetime expires (in this case,
|
|
Packit Service |
9ccfef |
notifications are sent for all member policies), or
|
|
Packit Service |
9ccfef |
- if the group is terminated by terminating the last
|
|
Packit Service |
9ccfef |
of its member policies without writing to object
|
|
Packit Service |
9ccfef |
midcomGroupLifetime."
|
|
Packit Service |
9ccfef |
::= { midcomNotifications 3 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- Conformance information
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomCompliances OBJECT IDENTIFIER ::= { midcomConformance 1 }
|
|
Packit Service |
9ccfef |
midcomGroups OBJECT IDENTIFIER ::= { midcomConformance 2 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
-- compliance statements
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
-- This is the MIDCOM compliance definition ...
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
--
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomCompliance MODULE-COMPLIANCE
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The compliance statement for implementations of the
|
|
Packit Service |
9ccfef |
MIDCOM-MIB module.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
Note that compliance with this compliance
|
|
Packit Service |
9ccfef |
statement requires compliance with the
|
|
Packit Service |
9ccfef |
ifCompliance3 MODULE-COMPLIANCE statement of the
|
|
Packit Service |
9ccfef |
IF-MIB [RFC2863]."
|
|
Packit Service |
9ccfef |
MODULE -- this module
|
|
Packit Service |
9ccfef |
MANDATORY-GROUPS {
|
|
Packit Service |
9ccfef |
midcomRuleGroup,
|
|
Packit Service |
9ccfef |
midcomNotificationsGroup,
|
|
Packit Service |
9ccfef |
midcomCapabilitiesGroup,
|
|
Packit Service |
9ccfef |
midcomStatisticsGroup
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
GROUP midcomConfigFirewallGroup
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"A compliant implementation does not have to implement
|
|
Packit Service |
9ccfef |
the midcomConfigFirewallGroup."
|
|
Packit Service |
9ccfef |
GROUP midcomResourceGroup
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"A compliant implementation does not have to implement
|
|
Packit Service |
9ccfef |
the midcomResourceGroup."
|
|
Packit Service |
9ccfef |
OBJECT midcomRuleInternalIpPrefixLength
|
|
Packit Service |
9ccfef |
MIN-ACCESS read-only
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"Write access is not required. When write access is
|
|
Packit Service |
9ccfef |
not supported, return 128 as the value of this object.
|
|
Packit Service |
9ccfef |
A value of 128 means that the function represented by
|
|
Packit Service |
9ccfef |
this option is not supported."
|
|
Packit Service |
9ccfef |
OBJECT midcomRuleExternalIpPrefixLength
|
|
Packit Service |
9ccfef |
MIN-ACCESS read-only
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"Write access is not required. When write access is
|
|
Packit Service |
9ccfef |
not supported, return 128 as the value of this object.
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
A value of 128 means that the function represented by
|
|
Packit Service |
9ccfef |
this option is not supported."
|
|
Packit Service |
9ccfef |
OBJECT midcomRuleMaxIdleTime
|
|
Packit Service |
9ccfef |
MIN-ACCESS read-only
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"Write access is not required. When write access is
|
|
Packit Service |
9ccfef |
not supported, return 0 as the value of this object.
|
|
Packit Service |
9ccfef |
A value of 0 means that the function represented by
|
|
Packit Service |
9ccfef |
this option is not supported."
|
|
Packit Service |
9ccfef |
OBJECT midcomRuleInterface
|
|
Packit Service |
9ccfef |
MIN-ACCESS read-only
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"Write access is not required."
|
|
Packit Service |
9ccfef |
OBJECT midcomConfigMaxLifetime
|
|
Packit Service |
9ccfef |
MIN-ACCESS read-only
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"Write access is not required."
|
|
Packit Service |
9ccfef |
OBJECT midcomConfigPersistentRules
|
|
Packit Service |
9ccfef |
MIN-ACCESS read-only
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"Write access is not required."
|
|
Packit Service |
9ccfef |
OBJECT midcomConfigIfEnabled
|
|
Packit Service |
9ccfef |
MIN-ACCESS read-only
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"Write access is not required."
|
|
Packit Service |
9ccfef |
OBJECT midcomConfigFirewallGroupId
|
|
Packit Service |
9ccfef |
MIN-ACCESS read-only
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"Write access is not required."
|
|
Packit Service |
9ccfef |
OBJECT midcomConfigFirewallPriority
|
|
Packit Service |
9ccfef |
MIN-ACCESS read-only
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"Write access is not required."
|
|
Packit Service |
9ccfef |
::= { midcomCompliances 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleGroup OBJECT-GROUP
|
|
Packit Service |
9ccfef |
OBJECTS {
|
|
Packit Service |
9ccfef |
midcomRuleAdminStatus,
|
|
Packit Service |
9ccfef |
midcomRuleOperStatus,
|
|
Packit Service |
9ccfef |
midcomRuleStorageType,
|
|
Packit Service |
9ccfef |
midcomRuleStorageTime,
|
|
Packit Service |
9ccfef |
midcomRuleError,
|
|
Packit Service |
9ccfef |
midcomRuleInterface,
|
|
Packit Service |
9ccfef |
midcomRuleFlowDirection,
|
|
Packit Service |
9ccfef |
midcomRuleMaxIdleTime,
|
|
Packit Service |
9ccfef |
midcomRuleTransportProtocol,
|
|
Packit Service |
9ccfef |
midcomRulePortRange,
|
|
Packit Service |
9ccfef |
midcomRuleInternalIpVersion,
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRuleExternalIpVersion,
|
|
Packit Service |
9ccfef |
midcomRuleInternalIpAddr,
|
|
Packit Service |
9ccfef |
midcomRuleInternalIpPrefixLength,
|
|
Packit Service |
9ccfef |
midcomRuleInternalPort,
|
|
Packit Service |
9ccfef |
midcomRuleExternalIpAddr,
|
|
Packit Service |
9ccfef |
midcomRuleExternalIpPrefixLength,
|
|
Packit Service |
9ccfef |
midcomRuleExternalPort,
|
|
Packit Service |
9ccfef |
midcomRuleInsideIpAddr,
|
|
Packit Service |
9ccfef |
midcomRuleInsidePort,
|
|
Packit Service |
9ccfef |
midcomRuleOutsideIpAddr,
|
|
Packit Service |
9ccfef |
midcomRuleOutsidePort,
|
|
Packit Service |
9ccfef |
midcomRuleLifetime,
|
|
Packit Service |
9ccfef |
midcomRuleRowStatus,
|
|
Packit Service |
9ccfef |
midcomGroupLifetime
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"A collection of objects providing information about
|
|
Packit Service |
9ccfef |
policy rules and policy rule groups."
|
|
Packit Service |
9ccfef |
::= { midcomGroups 1 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomCapabilitiesGroup OBJECT-GROUP
|
|
Packit Service |
9ccfef |
OBJECTS {
|
|
Packit Service |
9ccfef |
midcomConfigMaxLifetime,
|
|
Packit Service |
9ccfef |
midcomConfigPersistentRules,
|
|
Packit Service |
9ccfef |
midcomConfigIfBits,
|
|
Packit Service |
9ccfef |
midcomConfigIfEnabled
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"A collection of objects providing information about
|
|
Packit Service |
9ccfef |
the capabilities of a middlebox."
|
|
Packit Service |
9ccfef |
::= { midcomGroups 2 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomConfigFirewallGroup OBJECT-GROUP
|
|
Packit Service |
9ccfef |
OBJECTS {
|
|
Packit Service |
9ccfef |
midcomConfigFirewallGroupId,
|
|
Packit Service |
9ccfef |
midcomConfigFirewallPriority
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"A collection of objects providing information about
|
|
Packit Service |
9ccfef |
the firewall rule group and firewall rule priority to
|
|
Packit Service |
9ccfef |
be used by firewalls loaded through MIDCOM."
|
|
Packit Service |
9ccfef |
::= { midcomGroups 3 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomResourceGroup OBJECT-GROUP
|
|
Packit Service |
9ccfef |
OBJECTS {
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomRscNatInternalAddrBindMode,
|
|
Packit Service |
9ccfef |
midcomRscNatInternalAddrBindId,
|
|
Packit Service |
9ccfef |
midcomRscNatInsideAddrBindMode,
|
|
Packit Service |
9ccfef |
midcomRscNatInsideAddrBindId,
|
|
Packit Service |
9ccfef |
midcomRscNatSessionId1,
|
|
Packit Service |
9ccfef |
midcomRscNatSessionId2,
|
|
Packit Service |
9ccfef |
midcomRscFirewallRuleId
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"A collection of objects providing information about
|
|
Packit Service |
9ccfef |
the used NAT and firewall resources."
|
|
Packit Service |
9ccfef |
::= { midcomGroups 4 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomStatisticsGroup OBJECT-GROUP
|
|
Packit Service |
9ccfef |
OBJECTS {
|
|
Packit Service |
9ccfef |
midcomCurrentOwners,
|
|
Packit Service |
9ccfef |
midcomTotalRejectedRuleEntries,
|
|
Packit Service |
9ccfef |
midcomCurrentRulesIncomplete,
|
|
Packit Service |
9ccfef |
midcomTotalIncorrectReserveRules,
|
|
Packit Service |
9ccfef |
midcomTotalRejectedReserveRules,
|
|
Packit Service |
9ccfef |
midcomCurrentActiveReserveRules,
|
|
Packit Service |
9ccfef |
midcomTotalExpiredReserveRules,
|
|
Packit Service |
9ccfef |
midcomTotalTerminatedOnRqReserveRules,
|
|
Packit Service |
9ccfef |
midcomTotalTerminatedReserveRules,
|
|
Packit Service |
9ccfef |
midcomTotalIncorrectEnableRules,
|
|
Packit Service |
9ccfef |
midcomTotalRejectedEnableRules,
|
|
Packit Service |
9ccfef |
midcomCurrentActiveEnableRules,
|
|
Packit Service |
9ccfef |
midcomTotalExpiredEnableRules,
|
|
Packit Service |
9ccfef |
midcomTotalTerminatedOnRqEnableRules,
|
|
Packit Service |
9ccfef |
midcomTotalTerminatedEnableRules
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"A collection of objects providing statistical
|
|
Packit Service |
9ccfef |
information about the MIDCOM server."
|
|
Packit Service |
9ccfef |
::= { midcomGroups 5 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
midcomNotificationsGroup NOTIFICATION-GROUP
|
|
Packit Service |
9ccfef |
NOTIFICATIONS {
|
|
Packit Service |
9ccfef |
midcomUnsolicitedRuleEvent,
|
|
Packit Service |
9ccfef |
midcomSolicitedRuleEvent,
|
|
Packit Service |
9ccfef |
midcomSolicitedGroupEvent
|
|
Packit Service |
9ccfef |
}
|
|
Packit Service |
9ccfef |
STATUS current
|
|
Packit Service |
9ccfef |
DESCRIPTION
|
|
Packit Service |
9ccfef |
"The notifications emitted by the midcomMIB."
|
|
Packit Service |
9ccfef |
::= { midcomGroups 6 }
|
|
Packit Service |
9ccfef |
|
|
Packit Service |
9ccfef |
END
|