328 lines
8.2 KiB
Plaintext
328 lines
8.2 KiB
Plaintext
|
UCD-IPFWACC-MIB DEFINITIONS ::= BEGIN
|
||
|
|
||
|
IMPORTS
|
||
|
OBJECT-TYPE, MODULE-IDENTITY, IpAddress, Integer32, Counter32
|
||
|
FROM SNMPv2-SMI
|
||
|
DisplayString
|
||
|
FROM SNMPv2-TC
|
||
|
ucdExperimental
|
||
|
FROM UCD-SNMP-MIB;
|
||
|
|
||
|
ucdIpFwAccMIB MODULE-IDENTITY
|
||
|
LAST-UPDATED "9912160000Z"
|
||
|
ORGANIZATION "University of California, Davis"
|
||
|
CONTACT-INFO
|
||
|
"This mib is no longer being maintained by the University of
|
||
|
California and is now in life-support-mode and being
|
||
|
maintained by the net-snmp project. The best place to write
|
||
|
for public questions about the net-snmp-coders mailing list
|
||
|
at net-snmp-coders@lists.sourceforge.net.
|
||
|
|
||
|
postal: Wes Hardaker
|
||
|
P.O. Box 382
|
||
|
Davis CA 95617
|
||
|
|
||
|
email: net-snmp-coders@lists.sourceforge.net
|
||
|
"
|
||
|
DESCRIPTION
|
||
|
"This module defines MIB components for reading information
|
||
|
from the accounting rules IP Firewall. This would typically
|
||
|
let you read the rules and the counters. I did not include
|
||
|
some flags and fields that I considered irrelevant for the
|
||
|
accounting rules. Resetting the counters of the rules by SNMP
|
||
|
would be simple, but I don't consider it so useful. I gave no
|
||
|
consideration to implementing write access for allowing
|
||
|
modification of the accounting rules.
|
||
|
|
||
|
Cristian.Estan@net.utcluj.ro "
|
||
|
REVISION "9912160000Z"
|
||
|
DESCRIPTION
|
||
|
"SMIv2 version converted from an older MIB definition."
|
||
|
::= { ucdExperimental 1 }
|
||
|
|
||
|
ipFwAccTable OBJECT-TYPE
|
||
|
SYNTAX SEQUENCE OF IpFwAccEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"A table with the accounting rules of the IP firewall"
|
||
|
::= { ucdIpFwAccMIB 1 }
|
||
|
|
||
|
ipFwAccEntry OBJECT-TYPE
|
||
|
SYNTAX IpFwAccEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"An accounting rule of the IP firewall"
|
||
|
INDEX { ipFwAccIndex }
|
||
|
::= { ipFwAccTable 1 }
|
||
|
|
||
|
IpFwAccEntry ::= SEQUENCE {
|
||
|
ipFwAccIndex Integer32,
|
||
|
ipFwAccSrcAddr IpAddress,
|
||
|
ipFwAccSrcNetMask IpAddress,
|
||
|
ipFwAccDstAddr IpAddress,
|
||
|
ipFwAccDstNetMask IpAddress,
|
||
|
ipFwAccViaName DisplayString,
|
||
|
ipFwAccViaAddr IpAddress,
|
||
|
ipFwAccProto INTEGER,
|
||
|
ipFwAccBidir INTEGER,
|
||
|
ipFwAccDir INTEGER,
|
||
|
ipFwAccBytes Counter32,
|
||
|
ipFwAccPackets Counter32,
|
||
|
ipFwAccNrSrcPorts Integer32,
|
||
|
ipFwAccNrDstPorts Integer32,
|
||
|
ipFwAccSrcIsRange INTEGER,
|
||
|
ipFwAccDstIsRange INTEGER,
|
||
|
ipFwAccPort1 Integer32,
|
||
|
ipFwAccPort2 Integer32,
|
||
|
ipFwAccPort3 Integer32,
|
||
|
ipFwAccPort4 Integer32,
|
||
|
ipFwAccPort5 Integer32,
|
||
|
ipFwAccPort6 Integer32,
|
||
|
ipFwAccPort7 Integer32,
|
||
|
ipFwAccPort8 Integer32,
|
||
|
ipFwAccPort9 Integer32,
|
||
|
ipFwAccPort10 Integer32
|
||
|
}
|
||
|
|
||
|
ipFwAccIndex OBJECT-TYPE
|
||
|
SYNTAX Integer32 (0..2147483647)
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Reference index for each firewall rule."
|
||
|
::= { ipFwAccEntry 1 }
|
||
|
|
||
|
ipFwAccSrcAddr OBJECT-TYPE
|
||
|
SYNTAX IpAddress
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The source address in the firewall rule."
|
||
|
::= { ipFwAccEntry 2 }
|
||
|
|
||
|
ipFwAccSrcNetMask OBJECT-TYPE
|
||
|
SYNTAX IpAddress
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The netmask of the source address in the firewall rule."
|
||
|
::= { ipFwAccEntry 3 }
|
||
|
|
||
|
ipFwAccDstAddr OBJECT-TYPE
|
||
|
SYNTAX IpAddress
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The destination address in the firewall rule."
|
||
|
::= { ipFwAccEntry 4 }
|
||
|
|
||
|
ipFwAccDstNetMask OBJECT-TYPE
|
||
|
SYNTAX IpAddress
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The netmask of the destination address in the firewall rule."
|
||
|
::= { ipFwAccEntry 5 }
|
||
|
|
||
|
ipFwAccViaName OBJECT-TYPE
|
||
|
SYNTAX DisplayString (SIZE(1..64))
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The name of the interface to which the rule applies. If no
|
||
|
interface is associated with the present rule, this should
|
||
|
contain a dash (-)."
|
||
|
::= { ipFwAccEntry 6 }
|
||
|
|
||
|
ipFwAccViaAddr OBJECT-TYPE
|
||
|
SYNTAX IpAddress
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The address of the interface to which the rule applies.
|
||
|
Using this parameter makes sense when multiple addresses are
|
||
|
associated to the same physical interface. If not defined
|
||
|
for the current rule this should be set to 0."
|
||
|
::= { ipFwAccEntry 7 }
|
||
|
|
||
|
ipFwAccProto OBJECT-TYPE
|
||
|
SYNTAX INTEGER {
|
||
|
other(1),
|
||
|
all(2),
|
||
|
tcp(3),
|
||
|
udp(4),
|
||
|
icmp(5)
|
||
|
}
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The protocol(s) to which the rule applies."
|
||
|
::= { ipFwAccEntry 8 }
|
||
|
|
||
|
ipFwAccBidir OBJECT-TYPE
|
||
|
SYNTAX INTEGER {
|
||
|
unidirectional(1),
|
||
|
bidirectional(2)
|
||
|
}
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Whether the rule works in both directions (i.e. with the
|
||
|
source and destination parts swapped) or not."
|
||
|
::= { ipFwAccEntry 9 }
|
||
|
|
||
|
ipFwAccDir OBJECT-TYPE
|
||
|
SYNTAX INTEGER {
|
||
|
both(1),
|
||
|
in(2),
|
||
|
out(3)
|
||
|
}
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Whether the rule applies to packets entering or exiting the
|
||
|
kernel."
|
||
|
::= { ipFwAccEntry 10 }
|
||
|
|
||
|
ipFwAccBytes OBJECT-TYPE
|
||
|
SYNTAX Counter32
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The number of bytes that matched this rule since the last
|
||
|
reset of the counters."
|
||
|
::= { ipFwAccEntry 11 }
|
||
|
|
||
|
ipFwAccPackets OBJECT-TYPE
|
||
|
SYNTAX Counter32
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The number of packets that matched this rule since the last
|
||
|
reset of the counters."
|
||
|
::= { ipFwAccEntry 12 }
|
||
|
|
||
|
ipFwAccNrSrcPorts OBJECT-TYPE
|
||
|
SYNTAX Integer32
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The number of ports that refer to the source address."
|
||
|
::= { ipFwAccEntry 13 }
|
||
|
|
||
|
ipFwAccNrDstPorts OBJECT-TYPE
|
||
|
SYNTAX Integer32
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The number of ports that refer to the destination address."
|
||
|
::= { ipFwAccEntry 14 }
|
||
|
|
||
|
ipFwAccSrcIsRange OBJECT-TYPE
|
||
|
SYNTAX INTEGER {
|
||
|
srchasrange(1),
|
||
|
srchasnorange(2)
|
||
|
}
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Interpret the first two ports of the source part as
|
||
|
the upper and lower limit of an interval or not."
|
||
|
::= { ipFwAccEntry 15 }
|
||
|
|
||
|
ipFwAccDstIsRange OBJECT-TYPE
|
||
|
SYNTAX INTEGER {
|
||
|
dsthasrange(1),
|
||
|
dsthasnorange(2)
|
||
|
}
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Interpret the first two ports of the destination part as
|
||
|
the upper and lower limit of an interval or not."
|
||
|
::= { ipFwAccEntry 16 }
|
||
|
|
||
|
ipFwAccPort1 OBJECT-TYPE
|
||
|
SYNTAX Integer32
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Port number 1."
|
||
|
::= { ipFwAccEntry 17 }
|
||
|
|
||
|
ipFwAccPort2 OBJECT-TYPE
|
||
|
SYNTAX Integer32
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Port number 2."
|
||
|
::= { ipFwAccEntry 18 }
|
||
|
|
||
|
ipFwAccPort3 OBJECT-TYPE
|
||
|
SYNTAX Integer32
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Port number 3."
|
||
|
::= { ipFwAccEntry 19 }
|
||
|
|
||
|
ipFwAccPort4 OBJECT-TYPE
|
||
|
SYNTAX Integer32
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Port number 4."
|
||
|
::= { ipFwAccEntry 20 }
|
||
|
|
||
|
ipFwAccPort5 OBJECT-TYPE
|
||
|
SYNTAX Integer32
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Port number 5."
|
||
|
::= { ipFwAccEntry 21 }
|
||
|
|
||
|
ipFwAccPort6 OBJECT-TYPE
|
||
|
SYNTAX Integer32
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Port number 6."
|
||
|
::= { ipFwAccEntry 22 }
|
||
|
|
||
|
ipFwAccPort7 OBJECT-TYPE
|
||
|
SYNTAX Integer32
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Port number 7."
|
||
|
::= { ipFwAccEntry 23 }
|
||
|
|
||
|
ipFwAccPort8 OBJECT-TYPE
|
||
|
SYNTAX Integer32
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Port number 8."
|
||
|
::= { ipFwAccEntry 24 }
|
||
|
|
||
|
ipFwAccPort9 OBJECT-TYPE
|
||
|
SYNTAX Integer32
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Port number 9."
|
||
|
::= { ipFwAccEntry 25 }
|
||
|
|
||
|
ipFwAccPort10 OBJECT-TYPE
|
||
|
SYNTAX Integer32
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Port number 10."
|
||
|
::= { ipFwAccEntry 26 }
|
||
|
|
||
|
END
|