source-git / libsmi

Clone
Source Code
GIT

Blame mibs/tubs/TUBS-IBR-LINUX-NETFILTER-MIB

c8 c8s master
  1.   c8
  2.   mibs
  3.   tubs
  4.   TUBS-IBR-LINUX-NETFILTER-MIB
Blob History Raw
Packit 022b05 
TUBS-IBR-LINUX-NETFILTER-MIB DEFINITIONS ::= BEGIN
Packit 022b05
Packit 022b05 
-- @(#) $Id: TUBS-IBR-LINUX-NETFILTER-MIB,v 1.7 2002/08/26 16:46:14 wellnitz Exp $
Packit 022b05
Packit 022b05 
IMPORTS
Packit 022b05 
    MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
Packit 022b05 
    Unsigned32, Counter64
Packit 022b05 
        FROM SNMPv2-SMI
Packit 022b05 
    TEXTUAL-CONVENTION, TruthValue, StorageType, RowStatus, TimeStamp
Packit 022b05 
        FROM SNMPv2-TC
Packit 022b05 
    MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
Packit 022b05 
        FROM SNMPv2-CONF
Packit 022b05 
    SnmpAdminString
Packit 022b05 
        FROM SNMP-FRAMEWORK-MIB
Packit 022b05 
    InetAddressType, InetAddress, InetAddressPrefixLength
Packit 022b05 
        FROM INET-ADDRESS-MIB
Packit 022b05 
    ibr
Packit 022b05 
        FROM TUBS-SMI;
Packit 022b05
Packit 022b05 
lnfMIB MODULE-IDENTITY
Packit 022b05 
    LAST-UPDATED "200207230000Z"
Packit 022b05 
    ORGANIZATION "TU Braunschweig"
Packit 022b05 
    CONTACT-INFO
Packit 022b05 
        "Frank Strauss, Oliver Wellnitz
Packit 022b05 
         TU Braunschweig
Packit 022b05 
         Muehlenpfordtstrasse 23
Packit 022b05 
         38106 Braunschweig
Packit 022b05 
         Germany
Packit 022b05
Packit 022b05 
         Tel: +49 531 391 3283
Packit 022b05 
         Fax: +49 531 391 5936
Packit 022b05 
         E-mail: {strauss,wellnitz}@ibr.cs.tu-bs.de"
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "Experimental MIB module for the Linux 2.4 netfilter
Packit 022b05 
         subsystem."
Packit 022b05 
    REVISION    "200207260000Z"
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The initial revision of this module. This revision does
Packit 022b05 
         not cover any match extensions and target extensions."
Packit 022b05 
    ::= { ibr 13 }
Packit 022b05
Packit 022b05 
--
Packit 022b05 
-- The various groups defined within this MIB module:
Packit 022b05 
--
Packit 022b05
Packit 022b05 
lnfObjects     OBJECT IDENTIFIER ::= { lnfMIB 1 }
Packit 022b05
Packit 022b05 
lnfTraps       OBJECT IDENTIFIER ::= { lnfMIB 2 }
Packit 022b05
Packit 022b05 
lnfConformance OBJECT IDENTIFIER ::= { lnfMIB 3 }
Packit 022b05
Packit 022b05 
--
Packit 022b05 
-- Textual Conventions:
Packit 022b05 
--
Packit 022b05
Packit 022b05 
LnfTarget ::= TEXTUAL-CONVENTION
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "This data type represents an action that is about to
Packit 022b05 
         be applied to a packet.
Packit 022b05
Packit 022b05 
         none(1):   No action, except increasing counters.
Packit 022b05
Packit 022b05 
         other(2):  An unknown extension action which cannot
Packit 022b05 
                    be described by the values specified below.
Packit 022b05
Packit 022b05 
         drop(3):   Drop the packet on the floor.
Packit 022b05
Packit 022b05 
         accept(4): Let the packet through.
Packit 022b05
Packit 022b05 
         queue(5):  Pass the packet to userspace.
Packit 022b05
Packit 022b05 
         return(6): Stop traversing this chain and resume at the
Packit 022b05 
                    next rule in the previous (calling) chain.
Packit 022b05
Packit 022b05 
         chain(7):  Jump to the user chain specified by a
Packit 022b05 
                    related object.
Packit 022b05 
        "
Packit 022b05 
    SYNTAX      INTEGER {
Packit 022b05 
                    none(1),
Packit 022b05 
                    other(2),
Packit 022b05 
                    drop(3),
Packit 022b05 
                    accept(4),
Packit 022b05 
                    queue(5),
Packit 022b05 
                    return(6),
Packit 022b05 
                    chain(7)
Packit 022b05 
                }
Packit 022b05
Packit 022b05 
--
Packit 022b05 
-- Object definitions:
Packit 022b05 
--
Packit 022b05
Packit 022b05 
lnfLastChange OBJECT-TYPE
Packit 022b05 
    SYNTAX      TimeStamp
Packit 022b05 
    MAX-ACCESS  read-only
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
       "The time of the last netfilter configuration change of any kind,
Packit 022b05 
	including any creation, deletion or modification of any table of this
Packit 022b05 
	MIB."
Packit 022b05 
    ::= { lnfObjects 1 }
Packit 022b05
Packit 022b05 
lnfTableTable OBJECT-TYPE
Packit 022b05 
    SYNTAX      SEQUENCE OF LnfTableEntry
Packit 022b05 
    MAX-ACCESS  not-accessible
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "A list of all tables installed on the netfilter subsystem."
Packit 022b05 
    ::= { lnfObjects 2 }
Packit 022b05
Packit 022b05 
lnfTableEntry OBJECT-TYPE
Packit 022b05 
    SYNTAX      LnfTableEntry
Packit 022b05 
    MAX-ACCESS  not-accessible
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "An entry describing a particular netfilter table."
Packit 022b05 
    INDEX   { lnfTableAddressType, lnfTableName }
Packit 022b05 
    ::= { lnfTableTable 1 }
Packit 022b05
Packit 022b05 
LnfTableEntry ::=
Packit 022b05 
    SEQUENCE {
Packit 022b05 
        lnfTableAddressType                   InetAddressType,
Packit 022b05 
        lnfTableName                          SnmpAdminString,
Packit 022b05 
        lnfTableLastChange                    TimeStamp
Packit 022b05 
    }
Packit 022b05
Packit 022b05 
lnfTableAddressType OBJECT-TYPE
Packit 022b05 
    SYNTAX      InetAddressType { ipv4(1), ipv6(2) }
Packit 022b05 
    MAX-ACCESS  not-accessible
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The address type for which the netfilter table works."
Packit 022b05 
    ::= { lnfTableEntry 1 }
Packit 022b05
Packit 022b05 
lnfTableName OBJECT-TYPE
Packit 022b05 
    SYNTAX      SnmpAdminString (SIZE (0..32))
Packit 022b05 
    MAX-ACCESS  not-accessible
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The name of the netfilter table."
Packit 022b05 
    ::= { lnfTableEntry 2 }
Packit 022b05
Packit 022b05 
lnfTableLastChange OBJECT-TYPE
Packit 022b05 
    SYNTAX      TimeStamp
Packit 022b05 
    MAX-ACCESS  read-only
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
       "The time of the last modification of this netfilter
Packit 022b05 
	table, including the creation or deletion of a netfilter
Packit 022b05 
	chain that belongs to this table."
Packit 022b05 
    ::= { lnfTableEntry 3 }
Packit 022b05
Packit 022b05 
--
Packit 022b05
Packit 022b05 
lnfChainTable OBJECT-TYPE
Packit 022b05 
    SYNTAX      SEQUENCE OF LnfChainEntry
Packit 022b05 
    MAX-ACCESS  not-accessible
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "A list of all chains installed on the netfilter
Packit 022b05 
        subsystem."
Packit 022b05 
    ::= { lnfObjects 3 }
Packit 022b05
Packit 022b05 
lnfChainEntry OBJECT-TYPE
Packit 022b05 
    SYNTAX      LnfChainEntry
Packit 022b05 
    MAX-ACCESS  not-accessible
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "An entry describing a particular netfilter chain."
Packit 022b05 
    INDEX   { lnfTableAddressType, lnfTableName, lnfChainName }
Packit 022b05 
    ::= { lnfChainTable 1 }
Packit 022b05
Packit 022b05 
LnfChainEntry ::=
Packit 022b05 
    SEQUENCE {
Packit 022b05 
        lnfChainName                          SnmpAdminString,
Packit 022b05 
        lnfChainPackets                       Counter64,
Packit 022b05 
        lnfChainOctets                        Counter64,
Packit 022b05 
        lnfChainTarget                        LnfTarget,
Packit 022b05 
        lnfChainLastChange                    TimeStamp,
Packit 022b05 
        lnfChainStorage                       StorageType,
Packit 022b05 
        lnfChainStatus                        RowStatus
Packit 022b05 
    }
Packit 022b05
Packit 022b05 
lnfChainName OBJECT-TYPE
Packit 022b05 
    SYNTAX      SnmpAdminString (SIZE (0..32))
Packit 022b05 
    MAX-ACCESS  not-accessible
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The netfilter chain to which the rule belongs."
Packit 022b05 
    ::= { lnfChainEntry 1 }
Packit 022b05
Packit 022b05 
lnfChainPackets OBJECT-TYPE
Packit 022b05 
    SYNTAX      Counter64
Packit 022b05 
    MAX-ACCESS  read-only
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The number of packets that passed this chain since
Packit 022b05 
         the rule was installed or reset."
Packit 022b05 
    ::= { lnfChainEntry 2 }
Packit 022b05
Packit 022b05 
lnfChainOctets OBJECT-TYPE
Packit 022b05 
    SYNTAX      Counter64
Packit 022b05 
    MAX-ACCESS  read-only
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The number of octets that passed this chain since
Packit 022b05 
         the chain was installed or reset."
Packit 022b05 
    ::= { lnfChainEntry 3 }
Packit 022b05
Packit 022b05 
lnfChainTarget OBJECT-TYPE
Packit 022b05 
    SYNTAX      LnfTarget { drop(3), accept(4), return(6) }
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The action that shall be applied to a packet if no rule
Packit 022b05 
         within the chain matches. Note that user-defined chains
Packit 022b05 
         only allow return(6)."
Packit 022b05 
    DEFVAL      { return }
Packit 022b05 
    ::= { lnfChainEntry 4 }
Packit 022b05
Packit 022b05 
lnfChainLastChange OBJECT-TYPE
Packit 022b05 
    SYNTAX      TimeStamp
Packit 022b05 
    MAX-ACCESS  read-only
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
       "The time of the last modification of this netfilter
Packit 022b05 
	chain, including the creation or deletion of a netfilter
Packit 022b05 
	rule that belongs to this chain."
Packit 022b05 
    ::= { lnfChainEntry 5 }
Packit 022b05
Packit 022b05 
lnfChainStorage OBJECT-TYPE
Packit 022b05 
    SYNTAX      StorageType
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "This object defines whether this row is kept in
Packit 022b05 
         volatile storage and lost upon reboot or whether it
Packit 022b05 
         is backed up by stable storage or builtin."
Packit 022b05 
    ::= { lnfChainEntry 6 }
Packit 022b05
Packit 022b05 
lnfChainStatus OBJECT-TYPE
Packit 022b05 
    SYNTAX      RowStatus
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "This object is used to create and delete rows in the
Packit 022b05 
         lnfChainTable."
Packit 022b05 
    ::= { lnfChainEntry 7 }
Packit 022b05
Packit 022b05 
--
Packit 022b05
Packit 022b05 
lnfRuleTable OBJECT-TYPE
Packit 022b05 
    SYNTAX      SEQUENCE OF LnfRuleEntry
Packit 022b05 
    MAX-ACCESS  not-accessible
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "A list of all rules installed on the netfilter
Packit 022b05 
         subsystem."
Packit 022b05 
    ::= { lnfObjects 4 }
Packit 022b05
Packit 022b05 
lnfRuleEntry OBJECT-TYPE
Packit 022b05 
    SYNTAX      LnfRuleEntry
Packit 022b05 
    MAX-ACCESS  not-accessible
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "An entry describing a particular netfilter rule. Rules
Packit 022b05 
         of different netfilter tables and chains are
Packit 022b05 
         distinguished by the corresponding index objects."
Packit 022b05 
    INDEX   { lnfTableAddressType, lnfTableName,
Packit 022b05 
              lnfChainName, lnfRuleIndex }
Packit 022b05 
    ::= { lnfRuleTable 1 }
Packit 022b05
Packit 022b05 
LnfRuleEntry ::=
Packit 022b05 
    SEQUENCE {
Packit 022b05 
        lnfRuleIndex                          Unsigned32,
Packit 022b05 
        lnfRuleProtocol                       Unsigned32,
Packit 022b05 
        lnfRuleProtocolInv                    TruthValue,
Packit 022b05 
        lnfRuleSourceAddress                  InetAddress,
Packit 022b05 
        lnfRuleSourceAddressPrefixLength      InetAddressPrefixLength,
Packit 022b05 
        lnfRuleSourceAddressInv               TruthValue,
Packit 022b05 
        lnfRuleDestinationAddress             InetAddress,
Packit 022b05 
        lnfRuleDestinationAddressPrefixLength InetAddressPrefixLength,
Packit 022b05 
        lnfRuleDestinationAddressInv          TruthValue,
Packit 022b05 
        lnfRuleInInterface                    SnmpAdminString,
Packit 022b05 
        lnfRuleInInterfaceInv                 TruthValue,
Packit 022b05 
        lnfRuleOutInterface                   SnmpAdminString,
Packit 022b05 
        lnfRuleOutInterfaceInv                TruthValue,
Packit 022b05 
        lnfRuleFragment                       TruthValue,
Packit 022b05 
        lnfRuleFragmentInv                    TruthValue,
Packit 022b05 
        lnfRulePackets                        Counter64,
Packit 022b05 
        lnfRuleOctets                         Counter64,
Packit 022b05 
        lnfRuleTarget                         LnfTarget,
Packit 022b05 
        lnfRuleTargetChain                    SnmpAdminString,
Packit 022b05 
        lnfRuleTrapEnable                     TruthValue,
Packit 022b05 
        lnfRuleLastChange                     TimeStamp,
Packit 022b05 
        lnfRuleStorage                        StorageType,
Packit 022b05 
        lnfRuleStatus                         RowStatus
Packit 022b05 
    }
Packit 022b05
Packit 022b05 
lnfRuleIndex OBJECT-TYPE
Packit 022b05 
    SYNTAX      Unsigned32
Packit 022b05 
    MAX-ACCESS  not-accessible
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "A unique number identifying the rule within a netfilter
Packit 022b05 
         chain."
Packit 022b05 
    ::= { lnfRuleEntry 1 }
Packit 022b05
Packit 022b05 
lnfRuleProtocol OBJECT-TYPE
Packit 022b05 
    SYNTAX      Unsigned32 (0..255)
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The protocol of the rule. The number zero matches all
Packit 022b05 
         protocols."
Packit 022b05 
    DEFVAL      { 0 }
Packit 022b05 
    ::= { lnfRuleEntry 2 }
Packit 022b05
Packit 022b05 
lnfRuleProtocolInv OBJECT-TYPE
Packit 022b05 
    SYNTAX      TruthValue
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "This flag specifies whether the lnfRuleProtocol test
Packit 022b05 
         has to be inverted."
Packit 022b05 
    DEFVAL      { false }
Packit 022b05 
    ::= { lnfRuleEntry 3 }
Packit 022b05
Packit 022b05 
lnfRuleSourceAddress OBJECT-TYPE
Packit 022b05 
    SYNTAX      InetAddress
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The source address of a packet. The exact format depends
Packit 022b05 
         on the address type specified by lnfRuleAddressType.
Packit 022b05 
         This test is applied for an address prefix whose length
Packit 022b05 
         is specified by lnfRuleSourceAddressPrefixLength.
Packit 022b05
Packit 022b05 
         If a new row is created this object should default to
Packit 022b05 
         an all-zeros value with a length approrpiate for the
Packit 022b05 
         corresponding lnfRuleAddressType object value."
Packit 022b05 
    ::= { lnfRuleEntry 4 }
Packit 022b05
Packit 022b05 
lnfRuleSourceAddressPrefixLength OBJECT-TYPE
Packit 022b05 
    SYNTAX      InetAddressPrefixLength
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The network prefix length associated with
Packit 022b05 
         lnfRuleSourceAddress."
Packit 022b05 
    DEFVAL      { 0 }
Packit 022b05 
    ::= { lnfRuleEntry 5 }
Packit 022b05
Packit 022b05 
lnfRuleSourceAddressInv OBJECT-TYPE
Packit 022b05 
    SYNTAX      TruthValue
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "This flag specifies whether the lnfRuleSourceAddress
Packit 022b05 
         and lnfRuleSourceAddressPrefixLength test has to
Packit 022b05 
         be inverted."
Packit 022b05 
    DEFVAL      { false }
Packit 022b05 
    ::= { lnfRuleEntry 6 }
Packit 022b05
Packit 022b05 
lnfRuleDestinationAddress OBJECT-TYPE
Packit 022b05 
    SYNTAX      InetAddress
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The destination address of a packet. The exact format
Packit 022b05 
         depends on the address type specified by
Packit 022b05 
         lnfRuleAddressType. This test is applied for an address
Packit 022b05 
         prefix whose length is specified by
Packit 022b05 
         lnfRuleDestinationAddressPrefixLength.
Packit 022b05
Packit 022b05 
         If a new row is created this object should default to
Packit 022b05 
         an all-zeros value with a length approrpiate for the
Packit 022b05 
         corresponding lnfRuleAddressType object value."
Packit 022b05 
    ::= { lnfRuleEntry 7 }
Packit 022b05
Packit 022b05 
lnfRuleDestinationAddressPrefixLength OBJECT-TYPE
Packit 022b05 
    SYNTAX      InetAddressPrefixLength
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The network prefix length associated with
Packit 022b05 
         lnfRuleDestinationAddress."
Packit 022b05 
    DEFVAL      { 0 }
Packit 022b05 
    ::= { lnfRuleEntry 8 }
Packit 022b05
Packit 022b05 
lnfRuleDestinationAddressInv OBJECT-TYPE
Packit 022b05 
    SYNTAX      TruthValue
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "This flag specifies whether the lnfRuleDestinationAddress
Packit 022b05 
         and lnfRuleDestinationAddressPrefixLength test has to
Packit 022b05 
         be inverted."
Packit 022b05 
    DEFVAL      { false }
Packit 022b05 
    ::= { lnfRuleEntry 9 }
Packit 022b05
Packit 022b05 
lnfRuleInInterface OBJECT-TYPE
Packit 022b05 
    SYNTAX      SnmpAdminString (SIZE (0..16))
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "Name of an interface via which a packet is going to be
Packit 022b05 
         received (only for packets entering the INPUT, FORWARD and
Packit 022b05 
         PREROUTING chains).  If the interface name ends in a '+',
Packit 022b05 
         then any interface which begins with this name will match.
Packit 022b05 
         If this is an empty string, any interface name will match."
Packit 022b05 
    DEFVAL      { "" }
Packit 022b05 
    ::= { lnfRuleEntry 10 }
Packit 022b05
Packit 022b05 
lnfRuleInInterfaceInv OBJECT-TYPE
Packit 022b05 
    SYNTAX      TruthValue
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "This flag specifies whether the lnfRuleInInterface test
Packit 022b05 
         has to be inverted."
Packit 022b05 
    DEFVAL      { false }
Packit 022b05 
    ::= { lnfRuleEntry 11 }
Packit 022b05
Packit 022b05 
lnfRuleOutInterface OBJECT-TYPE
Packit 022b05 
    SYNTAX      SnmpAdminString (SIZE (0..16))
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "Name of an interface via which a packet is going to be
Packit 022b05 
         sent (for packets entering the FORWARD, OUTPUT and
Packit 022b05 
         POSTROUTING chains).  If the interface name ends in a '+',
Packit 022b05 
         then any interface which begins with this name will match.
Packit 022b05 
         If this is an empty string, any interface name will match."
Packit 022b05 
    DEFVAL      { "" }
Packit 022b05 
    ::= { lnfRuleEntry 12 }
Packit 022b05
Packit 022b05 
lnfRuleOutInterfaceInv OBJECT-TYPE
Packit 022b05 
    SYNTAX      TruthValue
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "This flag specifies whether the lnfRuleOutInterface test
Packit 022b05 
         has to be inverted."
Packit 022b05 
    DEFVAL      { false }
Packit 022b05 
    ::= { lnfRuleEntry 13 }
Packit 022b05
Packit 022b05 
lnfRuleFragment OBJECT-TYPE
Packit 022b05 
    SYNTAX      TruthValue
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "If this flag is true, the rule only refers to second and
Packit 022b05 
         further fragments of fragmented packets.  Since there is
Packit 022b05 
         no way to tell the source or destination ports of such a
Packit 022b05 
         packet (or ICMP type), such a packet will not match any
Packit 022b05 
         rules which specify them."
Packit 022b05 
    DEFVAL      { false }
Packit 022b05 
    ::= { lnfRuleEntry 14 }
Packit 022b05
Packit 022b05 
lnfRuleFragmentInv OBJECT-TYPE
Packit 022b05 
    SYNTAX      TruthValue
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "This flag specifies whether the lnfRuleFragmentInv test,
Packit 022b05 
         if true, has to be inverted. An inverted rule will only
Packit 022b05 
         match head fragments, or unfragmented packets."
Packit 022b05 
    DEFVAL      { false }
Packit 022b05 
    ::= { lnfRuleEntry 15 }
Packit 022b05
Packit 022b05 
lnfRulePackets OBJECT-TYPE
Packit 022b05 
    SYNTAX      Counter64
Packit 022b05 
    MAX-ACCESS  read-only
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The number of packets that matched this rule since
Packit 022b05 
         the rule was installed or reset."
Packit 022b05 
    ::= { lnfRuleEntry 16 }
Packit 022b05
Packit 022b05 
lnfRuleOctets OBJECT-TYPE
Packit 022b05 
    SYNTAX      Counter64
Packit 022b05 
    MAX-ACCESS  read-only
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The number of octets that matched this rule since the
Packit 022b05 
         rule was installed or reset."
Packit 022b05 
    ::= { lnfRuleEntry 17 }
Packit 022b05
Packit 022b05 
lnfRuleTarget OBJECT-TYPE
Packit 022b05 
    SYNTAX      LnfTarget
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The action that shall be applied to a packet if the
Packit 022b05 
         rule matches. If the value is chain(7), then jump to
Packit 022b05 
         the user chain specified by lnfRuleTargetChain."
Packit 022b05 
    DEFVAL      { none }
Packit 022b05 
    ::= { lnfRuleEntry 18 }
Packit 022b05
Packit 022b05 
lnfRuleTargetChain OBJECT-TYPE
Packit 022b05 
    SYNTAX      SnmpAdminString (SIZE (0..32))
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The name of the target chain if the value of
Packit 022b05 
         lnfRuleTarget is chain(7)."
Packit 022b05 
    ::= { lnfRuleEntry 19 }
Packit 022b05
Packit 022b05 
lnfRuleTrapEnable  OBJECT-TYPE
Packit 022b05 
    SYNTAX      TruthValue
Packit 022b05 
    MAX-ACCESS  read-write
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "Indicates whether lnfRuleMatch traps should be
Packit 022b05 
         generated for packets matching this rule. Note
Packit 022b05 
         that it's up to the implementation to delay and
Packit 022b05 
         accumulate mutliple traps in order to reduce the
Packit 022b05 
         number of emitted traps."
Packit 022b05 
    DEFVAL      { false }
Packit 022b05 
    ::= { lnfRuleEntry 20 }
Packit 022b05
Packit 022b05 
lnfRuleLastChange OBJECT-TYPE
Packit 022b05 
    SYNTAX      TimeStamp
Packit 022b05 
    MAX-ACCESS  read-only
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
       "The time of the last modification of this netfilter rule.
Packit 022b05 
	If it has been unchanged since the last re-initialization
Packit 022b05 
	of the local network management subsystem, then this
Packit 022b05 
        object contains a zero value."
Packit 022b05 
    ::= { lnfRuleEntry 21 }
Packit 022b05
Packit 022b05 
lnfRuleStorage OBJECT-TYPE
Packit 022b05 
    SYNTAX      StorageType
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "This object defines whether this row is kept in
Packit 022b05 
         volatile storage and lost upon reboot or whether it
Packit 022b05 
         is backed up by stable storage or builtin."
Packit 022b05 
    ::= { lnfRuleEntry 22 }
Packit 022b05
Packit 022b05 
lnfRuleStatus OBJECT-TYPE
Packit 022b05 
    SYNTAX      RowStatus
Packit 022b05 
    MAX-ACCESS  read-create
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "This object is used to create and delete rows in the
Packit 022b05 
         lnfRuleTable."
Packit 022b05 
    ::= { lnfRuleEntry 23 }
Packit 022b05
Packit 022b05 
--
Packit 022b05 
-- Notifications:
Packit 022b05 
--
Packit 022b05
Packit 022b05 
lnfNotifications OBJECT IDENTIFIER ::= { lnfTraps 0 }
Packit 022b05
Packit 022b05 
lnfRuleMatch NOTIFICATION-TYPE
Packit 022b05 
    OBJECTS     { lnfRulePackets, lnfRuleOctets }
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "A lnfRuleMatch trap signifies that the rule to which
Packit 022b05 
         the lnfRulePackets and lnfRuleOctets objects belong
Packit 022b05 
         was matched by at least one packets since the last
Packit 022b05 
         trap for the same rule was emitted.
Packit 022b05
Packit 022b05 
         The agent may delay and accumulate mutliple traps in order
Packit 022b05 
         to reduce the number of emitted traps, but the time for
Packit 022b05 
         accumulation should be no more than 60 seconds.
Packit 022b05
Packit 022b05 
         Note that detailed information on the packet(s) that
Packit 022b05 
         triggered a trap is not available from the trap's
Packit 022b05 
         objects. This would cause problems with the accumulation
Packit 022b05 
         of matches and/or increased trap traffic."
Packit 022b05 
    ::= { lnfNotifications 1 }
Packit 022b05
Packit 022b05 
--
Packit 022b05 
-- Conformance statements:
Packit 022b05 
--
Packit 022b05
Packit 022b05 
lnfCompliances OBJECT IDENTIFIER ::= { lnfConformance 1 }
Packit 022b05
Packit 022b05 
lnfGroups OBJECT IDENTIFIER ::= { lnfConformance 2 }
Packit 022b05
Packit 022b05 
lnfCompliance MODULE-COMPLIANCE
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "The compliance statement for an SNMP entity which
Packit 022b05 
         implements the Linux Netfilter MIB."
Packit 022b05 
    MODULE     -- this module
Packit 022b05 
    MANDATORY-GROUPS { lnfGeneralGroup, lnfNotificationGroup }
Packit 022b05
Packit 022b05 
--     OBJECT      lnfTableAddressType
Packit 022b05 
--         SYNTAX      InetAddressType { ipv4(1), ipv6(2) }
Packit 022b05 
--         DESCRIPTION
Packit 022b05 
--         "Other address types than IPv4 and IPv6 are not required."
Packit 022b05
Packit 022b05 
    ::= { lnfCompliances 1 }
Packit 022b05
Packit 022b05 
lnfGeneralGroup OBJECT-GROUP
Packit 022b05 
    OBJECTS {
Packit 022b05 
        lnfLastChange,
Packit 022b05
Packit 022b05 
        lnfTableLastChange,
Packit 022b05
Packit 022b05 
        lnfChainPackets, lnfChainOctets, lnfChainTarget,
Packit 022b05 
        lnfChainLastChange, lnfChainStorage, lnfChainStatus,
Packit 022b05
Packit 022b05 
        lnfRuleProtocol, lnfRuleProtocolInv,
Packit 022b05 
        lnfRuleSourceAddress, lnfRuleSourceAddressPrefixLength,
Packit 022b05 
        lnfRuleSourceAddressInv, lnfRuleDestinationAddress,
Packit 022b05 
        lnfRuleDestinationAddressPrefixLength,
Packit 022b05 
        lnfRuleDestinationAddressInv, lnfRuleInInterface,
Packit 022b05 
        lnfRuleInInterfaceInv, lnfRuleOutInterface,
Packit 022b05 
        lnfRuleOutInterfaceInv, lnfRuleFragment,
Packit 022b05 
        lnfRuleFragmentInv, lnfRulePackets, lnfRuleOctets,
Packit 022b05 
        lnfRuleTarget, lnfRuleTargetChain, lnfRuleTrapEnable,
Packit 022b05 
        lnfRuleLastChange, lnfRuleStorage, lnfRuleStatus
Packit 022b05 
    }
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "A collection of all Linux Netfilter objects of
Packit 022b05 
         the core table."
Packit 022b05 
    ::= { lnfGroups 1 }
Packit 022b05
Packit 022b05 
lnfNotificationGroup NOTIFICATION-GROUP
Packit 022b05 
    NOTIFICATIONS {
Packit 022b05 
        lnfRuleMatch
Packit 022b05 
    }
Packit 022b05 
    STATUS      current
Packit 022b05 
    DESCRIPTION
Packit 022b05 
        "A collection of all Linux Netfilter notifications."
Packit 022b05 
    ::= { lnfGroups 2 }
Packit 022b05
Packit 022b05 
END

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation