|
Packit |
fcad23 |
UCD-IPFWACC-MIB DEFINITIONS ::= BEGIN
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
IMPORTS
|
|
Packit |
fcad23 |
OBJECT-TYPE, MODULE-IDENTITY, IpAddress, Integer32, Counter32
|
|
Packit |
fcad23 |
FROM SNMPv2-SMI
|
|
Packit |
fcad23 |
DisplayString
|
|
Packit |
fcad23 |
FROM SNMPv2-TC
|
|
Packit |
fcad23 |
ucdExperimental
|
|
Packit |
fcad23 |
FROM UCD-SNMP-MIB;
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ucdIpFwAccMIB MODULE-IDENTITY
|
|
Packit |
fcad23 |
LAST-UPDATED "9912160000Z"
|
|
Packit |
fcad23 |
ORGANIZATION "University of California, Davis"
|
|
Packit |
fcad23 |
CONTACT-INFO
|
|
Packit |
fcad23 |
"This mib is no longer being maintained by the University of
|
|
Packit |
fcad23 |
California and is now in life-support-mode and being
|
|
Packit |
fcad23 |
maintained by the net-snmp project. The best place to write
|
|
Packit |
fcad23 |
for public questions about the net-snmp-coders mailing list
|
|
Packit |
fcad23 |
at net-snmp-coders@lists.sourceforge.net.
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
postal: Wes Hardaker
|
|
Packit |
fcad23 |
P.O. Box 382
|
|
Packit |
fcad23 |
Davis CA 95617
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
email: net-snmp-coders@lists.sourceforge.net
|
|
Packit |
fcad23 |
"
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"This module defines MIB components for reading information
|
|
Packit |
fcad23 |
from the accounting rules IP Firewall. This would typically
|
|
Packit |
fcad23 |
let you read the rules and the counters. I did not include
|
|
Packit |
fcad23 |
some flags and fields that I considered irrelevant for the
|
|
Packit |
fcad23 |
accounting rules. Resetting the counters of the rules by SNMP
|
|
Packit |
fcad23 |
would be simple, but I don't consider it so useful. I gave no
|
|
Packit |
fcad23 |
consideration to implementing write access for allowing
|
|
Packit |
fcad23 |
modification of the accounting rules.
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
Cristian.Estan@net.utcluj.ro "
|
|
Packit |
fcad23 |
REVISION "9912160000Z"
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"SMIv2 version converted from an older MIB definition."
|
|
Packit |
fcad23 |
::= { ucdExperimental 1 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccTable OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX SEQUENCE OF IpFwAccEntry
|
|
Packit |
fcad23 |
MAX-ACCESS not-accessible
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"A table with the accounting rules of the IP firewall"
|
|
Packit |
fcad23 |
::= { ucdIpFwAccMIB 1 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccEntry OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX IpFwAccEntry
|
|
Packit |
fcad23 |
MAX-ACCESS not-accessible
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"An accounting rule of the IP firewall"
|
|
Packit |
fcad23 |
INDEX { ipFwAccIndex }
|
|
Packit |
fcad23 |
::= { ipFwAccTable 1 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
IpFwAccEntry ::= SEQUENCE {
|
|
Packit |
fcad23 |
ipFwAccIndex Integer32,
|
|
Packit |
fcad23 |
ipFwAccSrcAddr IpAddress,
|
|
Packit |
fcad23 |
ipFwAccSrcNetMask IpAddress,
|
|
Packit |
fcad23 |
ipFwAccDstAddr IpAddress,
|
|
Packit |
fcad23 |
ipFwAccDstNetMask IpAddress,
|
|
Packit |
fcad23 |
ipFwAccViaName DisplayString,
|
|
Packit |
fcad23 |
ipFwAccViaAddr IpAddress,
|
|
Packit |
fcad23 |
ipFwAccProto INTEGER,
|
|
Packit |
fcad23 |
ipFwAccBidir INTEGER,
|
|
Packit |
fcad23 |
ipFwAccDir INTEGER,
|
|
Packit |
fcad23 |
ipFwAccBytes Counter32,
|
|
Packit |
fcad23 |
ipFwAccPackets Counter32,
|
|
Packit |
fcad23 |
ipFwAccNrSrcPorts Integer32,
|
|
Packit |
fcad23 |
ipFwAccNrDstPorts Integer32,
|
|
Packit |
fcad23 |
ipFwAccSrcIsRange INTEGER,
|
|
Packit |
fcad23 |
ipFwAccDstIsRange INTEGER,
|
|
Packit |
fcad23 |
ipFwAccPort1 Integer32,
|
|
Packit |
fcad23 |
ipFwAccPort2 Integer32,
|
|
Packit |
fcad23 |
ipFwAccPort3 Integer32,
|
|
Packit |
fcad23 |
ipFwAccPort4 Integer32,
|
|
Packit |
fcad23 |
ipFwAccPort5 Integer32,
|
|
Packit |
fcad23 |
ipFwAccPort6 Integer32,
|
|
Packit |
fcad23 |
ipFwAccPort7 Integer32,
|
|
Packit |
fcad23 |
ipFwAccPort8 Integer32,
|
|
Packit |
fcad23 |
ipFwAccPort9 Integer32,
|
|
Packit |
fcad23 |
ipFwAccPort10 Integer32
|
|
Packit |
fcad23 |
}
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccIndex OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Integer32 (0..2147483647)
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Reference index for each firewall rule."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 1 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccSrcAddr OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX IpAddress
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"The source address in the firewall rule."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 2 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccSrcNetMask OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX IpAddress
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"The netmask of the source address in the firewall rule."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 3 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccDstAddr OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX IpAddress
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"The destination address in the firewall rule."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 4 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccDstNetMask OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX IpAddress
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"The netmask of the destination address in the firewall rule."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 5 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccViaName OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX DisplayString (SIZE(1..64))
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"The name of the interface to which the rule applies. If no
|
|
Packit |
fcad23 |
interface is associated with the present rule, this should
|
|
Packit |
fcad23 |
contain a dash (-)."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 6 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccViaAddr OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX IpAddress
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"The address of the interface to which the rule applies.
|
|
Packit |
fcad23 |
Using this parameter makes sense when multiple addresses are
|
|
Packit |
fcad23 |
associated to the same physical interface. If not defined
|
|
Packit |
fcad23 |
for the current rule this should be set to 0."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 7 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccProto OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX INTEGER {
|
|
Packit |
fcad23 |
other(1),
|
|
Packit |
fcad23 |
all(2),
|
|
Packit |
fcad23 |
tcp(3),
|
|
Packit |
fcad23 |
udp(4),
|
|
Packit |
fcad23 |
icmp(5)
|
|
Packit |
fcad23 |
}
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"The protocol(s) to which the rule applies."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 8 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccBidir OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX INTEGER {
|
|
Packit |
fcad23 |
unidirectional(1),
|
|
Packit |
fcad23 |
bidirectional(2)
|
|
Packit |
fcad23 |
}
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Whether the rule works in both directions (i.e. with the
|
|
Packit |
fcad23 |
source and destination parts swapped) or not."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 9 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccDir OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX INTEGER {
|
|
Packit |
fcad23 |
both(1),
|
|
Packit |
fcad23 |
in(2),
|
|
Packit |
fcad23 |
out(3)
|
|
Packit |
fcad23 |
}
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Whether the rule applies to packets entering or exiting the
|
|
Packit |
fcad23 |
kernel."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 10 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccBytes OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Counter32
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"The number of bytes that matched this rule since the last
|
|
Packit |
fcad23 |
reset of the counters."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 11 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccPackets OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Counter32
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"The number of packets that matched this rule since the last
|
|
Packit |
fcad23 |
reset of the counters."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 12 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccNrSrcPorts OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Integer32
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"The number of ports that refer to the source address."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 13 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccNrDstPorts OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Integer32
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"The number of ports that refer to the destination address."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 14 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccSrcIsRange OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX INTEGER {
|
|
Packit |
fcad23 |
srchasrange(1),
|
|
Packit |
fcad23 |
srchasnorange(2)
|
|
Packit |
fcad23 |
}
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Interpret the first two ports of the source part as
|
|
Packit |
fcad23 |
the upper and lower limit of an interval or not."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 15 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccDstIsRange OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX INTEGER {
|
|
Packit |
fcad23 |
dsthasrange(1),
|
|
Packit |
fcad23 |
dsthasnorange(2)
|
|
Packit |
fcad23 |
}
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Interpret the first two ports of the destination part as
|
|
Packit |
fcad23 |
the upper and lower limit of an interval or not."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 16 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccPort1 OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Integer32
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Port number 1."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 17 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccPort2 OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Integer32
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Port number 2."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 18 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccPort3 OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Integer32
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Port number 3."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 19 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccPort4 OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Integer32
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Port number 4."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 20 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccPort5 OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Integer32
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Port number 5."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 21 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccPort6 OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Integer32
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Port number 6."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 22 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccPort7 OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Integer32
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Port number 7."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 23 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccPort8 OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Integer32
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Port number 8."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 24 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccPort9 OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Integer32
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Port number 9."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 25 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
ipFwAccPort10 OBJECT-TYPE
|
|
Packit |
fcad23 |
SYNTAX Integer32
|
|
Packit |
fcad23 |
MAX-ACCESS read-only
|
|
Packit |
fcad23 |
STATUS current
|
|
Packit |
fcad23 |
DESCRIPTION
|
|
Packit |
fcad23 |
"Port number 10."
|
|
Packit |
fcad23 |
::= { ipFwAccEntry 26 }
|
|
Packit |
fcad23 |
|
|
Packit |
fcad23 |
END
|