-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathA3COM-FILTER-R5-MIB
executable file
·1118 lines (988 loc) · 49.5 KB
/
A3COM-FILTER-R5-MIB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
A3COM-FILTER-R5-MIB DEFINITIONS ::= BEGIN
IMPORTS
enterprises, Counter
FROM RFC1155-SMI
DisplayString
FROM RFC1213-MIB
MacAddress
FROM RFC1286-MIB
OBJECT-TYPE
FROM RFC-1212;
--
-- This MIB is for 3Com systems that offer a unified
-- filtering feature
--
--
a3Com OBJECT IDENTIFIER ::= { enterprises 43 }
brouterMIB OBJECT IDENTIFIER ::= { a3Com 2 }
a3ComFilter OBJECT IDENTIFIER ::= { brouterMIB 10 }
a3ComFilterCtl OBJECT IDENTIFIER ::= { a3ComFilter 1 }
RowStatus ::= INTEGER {
active(1),
notInService(2),
notReady(3),
createAndGo(4),
createAndWait(5),
destroy(6)
}
--This data type, which has the same semantics as the RowStatus
--textual convention used in SNMPv2, is used to add and
--delete entries from a table.
--
--The tables in this MIB allow a subset of the functionality
--provided by the RowStatus textual convention. In particular
--row creation is allowed using only the createAndGo method.
--
--That is, when adding entries to this table, this object
--must be set to createAndGo(4). The instance identifier
--for this object will define the values of the columns
--that make up the index.
--
--In the same PDU, the appropriate remaining columns
--of that row must be set as well. The agent
--will immediately set the value of this object to
--active(1) if the row is correct. If not, the agent
--will refuse the SET request and return an
--error code.
--
--To modify an existing entry, it must be removed
--and another entry with the desired changes added.
--
--To remove an entry, set the value of this object
--to destroy(6).
--
-- This first set of objects controls general aspects of the
-- Filtering feature
--
a3filterControl OBJECT-TYPE
SYNTAX INTEGER {
enableMatchOne (1),
enableCheckAll (2),
disable (3)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object enables/disables the filtering function.
If this object is set to disable (2), filtering is
turned off for all protocols.
If the control is set to enableMatchOne (1) or
enableCheckAll (2), then filtering is performed on
protocols that are selected via the a3filter*Select
objects and those for which at least one policy is
configured. If a packet matches the Masks defined
for more than one Policy and this object is set to
enableMatchOne, only the action associated with the
first satisfied Policy is performed. If this object
is set to enableCheckAll (2), however, the actions
associated with each satisfied Policy is performed."
::= { a3ComFilterCtl 1 }
a3filterDefaultAction OBJECT-TYPE
SYNTAX INTEGER {
discard (1),
forward (2)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object specifies the action applied to a packet
if it does not match any of the policies configured or
if two conflicting policies are specified and the
the packet meets criteria associated with both."
::= { a3ComFilterCtl 2 }
a3filterBridgeSelect OBJECT-TYPE
SYNTAX INTEGER {
filter (1),
noFilter (2)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object determines whether the filter function
will be invoked for the Bridge (or datalink) protocol
layer. This provides a mechanism for deselecting
filtering for this protocol layer while retaining
the policies and masks configured for this protocol."
::= { a3ComFilterCtl 3 }
a3filterIpSelect OBJECT-TYPE
SYNTAX INTEGER {
filter (1),
noFilter (2)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object determines whether the filter function
will be invoked for the IP protocol layer. This
provides a mechanism for deselecting filtering for
this protocol layer while retaining the policies and
masks configured for this protocol."
::= { a3ComFilterCtl 4 }
a3filterIpxSelect OBJECT-TYPE
SYNTAX INTEGER {
filter (1),
noFilter (2)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object determines whether the filter function
will be invoked for the IPX protocol layer. This
provides a mechanism for deselecting filtering for
this protocol layer while retaining the policies
and masks configured for this protocol."
::= { a3ComFilterCtl 5 }
a3filterAppleTalkSelect OBJECT-TYPE
SYNTAX INTEGER {
filter (1),
noFilter (2)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object determines whether the filter function
will be invoked for the Apple Talk protocol
layer. This provides a mechanism for deselecting
filtering for this protocol layer while retaining
the policies and masks configured for this protocol."
::= { a3ComFilterCtl 6 }
a3filterDecSelect OBJECT-TYPE
SYNTAX INTEGER {
filter (1),
noFilter (2)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object determines whether the filter function
will be invoked for the DECnet protocol
layer. This provides a mechanism for deselecting
filtering for this protocol layer while retaining
the policies and masks configured for this protocol."
::= { a3ComFilterCtl 7 }
--
-- This next table contains User Configured individual Masks
--
a3filterUserMaskTable OBJECT-TYPE
SYNTAX SEQUENCE OF A3filterUserMaskEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"A table containing User configured Masks
that are used to identify specific classes of
packets. These masks are used by the policy
table to define actions to take on these
classes of packets."
::= { a3ComFilter 2 }
a3filterUserMaskEntry OBJECT-TYPE
SYNTAX A3filterUserMaskEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"The definition of a single Mask."
INDEX { a3filterUserMaskIndex }
::= { a3filterUserMaskTable 1 }
A3filterUserMaskEntry ::=
SEQUENCE {
a3filterUserMaskIndex INTEGER (1..64),
a3filterUserMaskName DisplayString (SIZE (0..15)),
a3filterUserMaskLocType INTEGER,
a3filterUserMaskLocField INTEGER,
a3filterUserMaskLocOffset INTEGER,
a3filterUserMaskLocLength INTEGER,
a3filterUserMaskOperator INTEGER,
a3filterUserMaskOperand OCTET STRING (SIZE (0..4)),
a3filterUserMaskComparison INTEGER,
a3filterUserMaskMatchType INTEGER,
a3filterUserMaskMatchBits OCTET STRING (SIZE (0..6)),
a3filterUserMaskMatchValue1 INTEGER,
a3filterUserMaskMatchValue2 INTEGER,
a3filterUserMaskStatus RowStatus
}
a3filterUserMaskIndex OBJECT-TYPE
SYNTAX INTEGER (1..64)
ACCESS read-only
STATUS mandatory
DESCRIPTION
"An index identifying a specific Mask. All user
configured masks must have an index between 1 and 64."
::= { a3filterUserMaskEntry 1 }
a3filterUserMaskName OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..15))
ACCESS read-write
STATUS mandatory
DESCRIPTION
"A text string used to help identify a specific Mask.
Each entry must have a unique name."
::= { a3filterUserMaskEntry 2 }
a3filterUserMaskLocType OBJECT-TYPE
SYNTAX INTEGER {
protocolFieldSemantics (1),
offsetLengthSemantics (2),
dataLinkOffsetLengthSemantics (3),
ipOffsetLengthSemantics (4),
ipxOffsetLengthSemantics (5),
appleTalkOffsetLengthSemantics(6),
decNetOffsetLengthSemantics (7)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object determines if this table entry specifies
packet location via the mnemonic, protocol.field
semantics or via the numerical offset.length semantics.
If this object is set to protocolFieldSemantics (1),
then the value of a3filterUserMaskLocField is used to
identify the packet location where the mask is applied.
If this object is set to offsetLengthSemantics(2), then
the offset and lengths identified by a3filterUserMaskLocOffset
and a3filterUserMaskLocLength are measured from the start
of the datalink layer.
If this object is set to dataLinkOffsetLengthSemantics(3),
then the value of a3filterUserMaskLocOffset and
a3filterUserMaskLocLength are used to determine where the
mask is applied. The offset and length are measured
starting from the data field of the data link protocol
layer.
If this object is set to ipOffsetLengthSemantics(4),
then the value of a3filterUserMaskLocOffset and
a3filterUserMaskLocLength are used to determine where the
mask is applied. The offset and length are measured
starting from the data field of the IP protocol
layer.
If this object is set to appleTalkOffsetLengthSemantics(5),
then the value of a3filterUserMaskLocOffset and
a3filterUserMaskLocLength are used to determine where the
mask is applied. The offset and length are measured
starting from the data field of the AppleTalk protocol
layer.
Similar semantics apply to the remaining enumerations
for this object."
::= { a3filterUserMaskEntry 3 }
a3filterUserMaskLocField OBJECT-TYPE
SYNTAX INTEGER {
dlDestinationAddress (1), -- DataLink field
dlSourceAddress (2), -- DataLink field
dlAddress (3), -- DataLink field
dlProtocol (4), -- DataLink field
dlLength (5), -- DataLink field
dlDSAP (6), -- DataLink field
dlSSAP (7), -- DataLink field
dlLSAP (8), -- DataLink field
dlOUI (9), -- DataLink field
dlLanID (10), -- DataLink field
ipDestAddress (11), -- IP field
ipSourceAddress (12), -- IP field
ipAddress (13), -- IP field
ipProtocol (14), -- IP field
ipDestinationPort (15), -- IP field
ipSourcePort (16), -- IP field
ipPort (17), -- IP field
ipOptions (18), -- IP field
ipTOS (19), -- IP field, not currently
-- supported, (see built in
-- Masks)
ipxDestNetwork (20), -- IPX field
ipxSourceNetwork (21), -- IPX field
ipxNetwork (22), -- IPX field
ipxDestAddress (23), -- IPX field
ipxSourceAddress (24), -- IPX field
ipxAddress (25), -- IPX field
ipxDestSocket (26), -- IPX field
ipxSourceSocket (27), -- IPX field
ipxSocket (28), -- IPX field
atDestinationNetwork (29), -- AppleTalk field
atSourceNetwork (30), -- AppleTalk field
atNetwork (31), -- AppleTalk field
atDestinationNodeID (32), -- AppleTalk field
atSourceNodeID (33), -- AppleTalk field
atNodeID (34), -- AppleTalk field
atDestinationSocket (35), -- AppleTalk field
atSourceSocket (36), -- AppleTalk field
atSocket (37), -- AppleTalk field
atDDPType (38), -- AppleTalk field
decDestinationArea (39), -- DECnet field
decSourceArea (40), -- DECnet field
decArea (41), -- DECnet field
decDestAddress (42), -- DECnet field
decSourceAddress (43), -- DECnet field
decAddress (44), -- DECnet field
ipxPktLength (45), -- IPX field
ipxPktType (46), -- IPX field
ipxTransportCtl (47) -- IPX field
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object specifies the location in the packet
where the operation should take place. This object
takes effect only when a3filterUserMaskLocationType has
the value protocolFieldSemantics(1). Otherwise,
this object is ignored."
::= { a3filterUserMaskEntry 4 }
a3filterUserMaskLocOffset OBJECT-TYPE
SYNTAX INTEGER
ACCESS read-write
STATUS mandatory
DESCRIPTION
"When specifying a packet location via the offsetLength
semantics, this parameters indicates the offset from the
beginning of the portion of the protocol layer
identified by a3filterUserMaskLocationType that is used in
the Mask."
::= { a3filterUserMaskEntry 5 }
a3filterUserMaskLocLength OBJECT-TYPE
SYNTAX INTEGER {
one(1),
two(2),
reserved(3), -- this value is not allowed
four(4),
rsvd(5), -- this value is not allowed
six(6)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"When specifying a packet location via the offsetLength
semantics, this parameter indicates the length of the
bit field used in the Mask. Only the values one(1),
two(2), four(4), and six(6) are allowed.
If the length is not specified, the agent will
automatically determine the proper length based on
either the operand (a3filterUserMaskOperand) or the
matching values (a3filterUserMaskMatchType)."
::= { a3filterUserMaskEntry 6 }
a3filterUserMaskOperator OBJECT-TYPE
SYNTAX INTEGER {
none (1), -- No operation is specified. when this
-- value is set, a3filterUserMaskOperand is ignored.
or (2), -- bitwise "or"
and (3), -- bitwise "and"
xor (4) -- bitwise "exclusive or"
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object, together with a3filterUserMaskOperand, cause
bit operations to be performed on the bit field identified
by a3filterUserMaskLocation. The output of this operation is
compared, according to a3filterUserMaskComparison, to the
value specified by a3filterUserMaskMatch."
::= { a3filterUserMaskEntry 7 }
a3filterUserMaskOperand OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..4))
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object, together with a3filterUserMaskOperator, cause
bit operations to be performed on the bit field identified
by a3filterUserMaskLocation. The output of this operation is
compared, according to a3filterUserMaskComparison, to the
value specified by a3filterUserMaskMatchType and
a3filterUserMaskMatchBits, a3filterUserMaskMatchValue1, and/or
a3filterUserMaskMatchValue2 (depending on the value of
a3filterUserMaskMatchType. ie, the value of
a3filterUserMaskMatchType determines which of the other
objects are relevant)."
::= { a3filterUserMaskEntry 8 }
a3filterUserMaskComparison OBJECT-TYPE
SYNTAX INTEGER {
equal (1),
notEqual (2),
greaterThan (3),
greaterThanOrEqual (4),
lessThan (5),
lessThanOrEqual (6),
inclusiveRange (7)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object specifies the type of comparison to make
between the output of the operation specified by
a3filterUserMaskLocation, a3filterUserMaskOperator,
a3filterUserMaskOperand, and a3filterUserMaskMatch."
::= { a3filterUserMaskEntry 9 }
a3filterUserMaskMatchType OBJECT-TYPE
SYNTAX INTEGER {
all (1), -- this value specifies that any value in the
-- location will be considered as matching.
bits (2),
value (3),
valueRange (4),
userGroup (5)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object specifies the type of data that is being
matched. The value of this object determines which
column(s) are relevant for this entry.
If this object is set to all(1), any value is considered
as matching, and the values of the following columns are
ignored: a3filterUserMaskMatchBits,
a3filterUserMaskMatchValue1, and
a3filterUserMaskMatchValue2.
If this object is set to bits(2), then the packet
location identified by the *Loc* columns (and
after the indicated bit operations) is compared
to the bits identified by a3filterUserMaskMatchBits.
The values of a3filterUserMaskMatchValue1 and
a3filterUserMaskMatchValue2 are ignored in this case.
If this object is set to value(3), then the value
contained in the specified packet location is
compared to the value specified by
a3filterUserMaskMatchValue1. The values of
a3filterUserMaskMatchBits and a3filterUserMaskMatchValue2
are ignored in this case.
If this object is set to valueRange(4), then the
value contained in the specified packet location
is compared to the range of values specified by
a3filterUserMaskMatchValue1 and a3filterUserMaskMatchValue2.
The value of a3filterUserMaskMatchBits is ignored in
this case.
Finally, if this object is set to userGroup(5),
then the MAC address contained in the specified
packet location is compared to the members of the
User Group identified by a3filterUserMaskMatchValue1.
In this case, the value of a3filterUserMaskMatchValue1
identifies one or more entries in a3filterUserGrpAddrTable.
The values of a3filterUserMaskMatchBits and
a3filterUserMaskMatchValue2 are ignored."
::= { a3filterUserMaskEntry 10 }
a3filterUserMaskMatchBits OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..6))
ACCESS read-write
STATUS mandatory
DESCRIPTION
"A string of bits that is compared against the data
at the specified location in the packet. This object
is relevant only if a3filterUserMaskMatchType is (2)."
::= { a3filterUserMaskEntry 11 }
a3filterUserMaskMatchValue1 OBJECT-TYPE
SYNTAX INTEGER
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The value used to compare against the data at the
specified location in the packet. This object is
relevant only if the value of a3filterUserMaskMatchType
is (3), (4), or (5)."
::= { a3filterUserMaskEntry 12 }
a3filterUserMaskMatchValue2 OBJECT-TYPE
SYNTAX INTEGER
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The value used to compare against the data at the
specified location in the packet. This object is used
along with a3filterUserMaskMatchValue1 to specify a range
of values. This object is relevant only if
a3filterUserMaskMatchType is (4)."
::= { a3filterUserMaskEntry 13 }
a3filterUserMaskStatus OBJECT-TYPE
SYNTAX RowStatus
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object is used to add and delete entries
in this table. See the notes describing
RowStatus at the beginning of this MIB.
Note, if this mask entry is being used by an active
Policy entry, it can not be removed."
::= { a3filterUserMaskEntry 14 }
--
-- This next table contains Built In (ie., delivered with the
-- system software) Masks. Entries in this table are indexed
-- starting from 257 to avoid conflicting with the User Defined
-- Mask table.
--
a3filterBuiltInMaskTable OBJECT-TYPE
SYNTAX SEQUENCE OF A3filterBuiltInMaskEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"A table containing Built In Masks that are
used to identify specific classes of packets.
These masks may be used by the policy table to
define actions to take on these classes of packets."
::= { a3ComFilter 3 }
a3filterBuiltInMaskEntry OBJECT-TYPE
SYNTAX A3filterBuiltInMaskEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"The definition of a single Built In Mask."
INDEX { a3filterBuiltInMaskIndex }
::= { a3filterBuiltInMaskTable 1 }
A3filterBuiltInMaskEntry ::=
SEQUENCE {
a3filterBuiltInMaskIndex INTEGER (257..65535),
a3filterBuiltInMaskName DisplayString (SIZE (0..15)),
a3filterBuiltInMaskFieldValue INTEGER
}
a3filterBuiltInMaskIndex OBJECT-TYPE
SYNTAX INTEGER (257..65535)
ACCESS read-only
STATUS mandatory
DESCRIPTION
"This object uniquely identifies a Built In Mask.
This index is also used by the Policy Table to
identify Masks, both Built In and User Defined."
::= { a3filterBuiltInMaskEntry 1 }
a3filterBuiltInMaskName OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..15))
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The name assigned to a Built In Mask. Each
name is unique and applies when referring to
the Mask from the User Interface."
::= { a3filterBuiltInMaskEntry 2 }
a3filterBuiltInMaskFieldValue OBJECT-TYPE
SYNTAX INTEGER {
dlBroadCast (1), -- dataLinkDestAddr,
dlMultiCast (2), -- dataLinkDestAddr
appleTalkII (3), -- dataLinkProtocol
aarp (4), -- dataLinkProtocol
arp (5), -- dataLinkProtocol
clnp (6), -- dataLinkProtocol
decPhaseIV (7), -- dataLinkProtocol
dlTest (8), -- dataLinkProtocol
ip (9), -- dataLinkProtocol
ipx (10), -- dataLinkProtocol
lat (11), -- dataLinkProtocol
ipNetMap (12), -- dataLinkProtocol
xnsNetMap (13), -- dataLinkProtocol
stp (14), -- dataLinkProtocol
vip (15), -- dataLinkProtocol
xns (16), -- dataLinkProtocol
specificRoute (17), -- dataLinkRoutingType
singleRouteExp (18), -- dataLinkRoutingType
allRouteExp (19), -- dataLinkRoutingType
allRouteType (20), -- dataLinkRoutingType
icmp (21), -- ipProtocol
tcp (22), -- ipProtocol
udp (23), -- ipProtocol
dns (24), -- ipPort
finger (25), -- ipPort
ftp (26), -- ipPort
whois (27), -- ipPort
simpleMailTrans(28), -- ipPort
snmp (29), -- ipPort
sunRPC (30), -- ipPort
telnet (31), -- ipPort
tftp (32), -- ipPort
x400 (33), -- ipPort
zero (34), -- ipTOS
one (35), -- ipTOS
two (36), -- ipTOS
three (37), -- ipTOS
four (38), -- ipTOS
five (39), -- ipTOS
six (40), -- ipTOS
seven (41), -- ipTOS
ipxBroadCast (42), -- ipxDestAddr = broadcast
fileServicePkt (43), -- ipxSocket
sap (44), -- ipxSocket
rip (45), -- ipxSocket
netBIOS (46), -- ipxSocket
diag (47), -- ipxSocket
rtmps (48), -- appleTalkSocket
nis (49), -- appleTalkSocket
zis (50), -- appleTalkSocket
rtmprs (51), -- appleDDPType
nbp (52), -- appleDDPType
atp (53), -- appleDDPType
aep (54), -- appleDDPType
rtmprq (55), -- appleDDPType
zip (56), -- appleDDPType
adsp (57), -- appleDDPType
ipxTraceRt (58), -- ipxSocket = Trace Route
ipxPing (59), -- ipxSocket = Ping
ipxNwSec (60) -- ipxSocket = Netware Security
}
ACCESS read-only
STATUS mandatory
DESCRIPTION
"This object identifies the value that this
Built In Mask looks for as well as the protocol
field.
Note, the way this table defines a Mask
is different from the semantics of the
User Mask table. In that table, Masks look
for specific values in specific protocol
fields. Built In Masks, however, are different.
For example, one Built In Mask looks for the
value ip(9) in the field dataLinkProtocol(2).
Besides looking in the dataLinkProtocol field,
the code that implements this mask also looks
for IP in the proper SNAP field when the dataLinkProtocol
field indicates SNAP."
::= { a3filterBuiltInMaskEntry 3 }
--
-- This table contains individual User Groups. A User Group
-- identifies group of 'Users' by their MAC Address and allows
-- filters to be defined based on the group rather than each of
-- the members. This table assigns a Name to each group.
--
a3filterUserGrpTable OBJECT-TYPE
SYNTAX SEQUENCE OF A3filterUserGrpEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"A table containing User Group entries. Each entry
identifies a set of entries in the
a3filterUserGrpAddrTable which can contain several
station Addresses. These addresses are physical layer
addresses.
This table is used to associate a single User Group index
with a name."
::= { a3ComFilter 4 }
a3filterUserGrpEntry OBJECT-TYPE
SYNTAX A3filterUserGrpEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"Each entry in this table identifies a group of
station addresses."
INDEX { a3filterUserGrpIndex }
::= { a3filterUserGrpTable 1 }
A3filterUserGrpEntry ::=
SEQUENCE {
a3filterUserGrpIndex INTEGER (1..16),
a3filterUserGrpName DisplayString (SIZE (0..15)),
a3filterUserGrpStatus RowStatus
}
a3filterUserGrpIndex OBJECT-TYPE
SYNTAX INTEGER (1..16)
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Each entry in this table identifies a group of
station addresses."
::= { a3filterUserGrpEntry 1 }
a3filterUserGrpName OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..15))
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The name given to this group of station addresses."
::= { a3filterUserGrpEntry 2 }
a3filterUserGrpStatus OBJECT-TYPE
SYNTAX RowStatus
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object is used to add and delete entries
in this table. See the notes describing
RowStatus at the beginning of this MIB."
::= { a3filterUserGrpEntry 3 }
a3filterUserGrpAddrTable OBJECT-TYPE
SYNTAX SEQUENCE OF A3filterUserGrpAddrEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"A table containing User Group addresses. Each entry
can contain several station Addresses. These addresses
are physical layer addresses.
Note, this table applies only to filtering based on the
Data Link layer. Since only bridged packets are
filtered at this layer, this table only applies to
bridged traffic."
::= { a3ComFilter 5 }
a3filterUserGrpAddrEntry OBJECT-TYPE
SYNTAX A3filterUserGrpAddrEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"Each entry in this table identifies a single
station address."
INDEX { a3filterUserGrpAddrIndex, a3filterUserGrpAddress }
::= { a3filterUserGrpAddrTable 1 }
A3filterUserGrpAddrEntry ::=
SEQUENCE {
a3filterUserGrpAddrIndex INTEGER (1..16),
a3filterUserGrpAddress MacAddress,
a3filterUserGrpAddrStatus RowStatus
}
a3filterUserGrpAddrIndex OBJECT-TYPE
SYNTAX INTEGER (1..16)
ACCESS read-only
STATUS mandatory
DESCRIPTION
"This is used to identify a group of station addresses.
This object has the same value as a3filterUserGrpIndex."
::= { a3filterUserGrpAddrEntry 1 }
a3filterUserGrpAddress OBJECT-TYPE
SYNTAX MacAddress
ACCESS read-only
STATUS mandatory
DESCRIPTION
"A single station physical address."
::= { a3filterUserGrpAddrEntry 2 }
a3filterUserGrpAddrStatus OBJECT-TYPE
SYNTAX RowStatus
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object is used to add and delete entries
in this table. See the notes describing
RowStatus at the beginning of this MIB."
::= { a3filterUserGrpAddrEntry 3 }
a3filterPolicyTable OBJECT-TYPE
SYNTAX SEQUENCE OF A3filterPolicyEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"A table containing filtering Policy. Each Policy
applies a set of selection criteria (Masks) to
a context (in terms of ports or station groups)
and associates an action with that application."
::= { a3ComFilter 6 }
a3filterPolicyEntry OBJECT-TYPE
SYNTAX A3filterPolicyEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"The definition of a single Policy."
INDEX { a3filterPolicyIndex }
::= { a3filterPolicyTable 1 }
A3filterPolicyEntry ::=
SEQUENCE {
a3filterPolicyIndex INTEGER (1..64),
a3filterPolicyName DisplayString (SIZE (0..15)),
a3filterPolicyAction INTEGER,
a3filterPolicyMask1 INTEGER,
a3filterPolicyMask2 INTEGER,
a3filterPolicyMask3 INTEGER,
a3filterPolicyMask4 INTEGER,
a3filterPolicyContext INTEGER,
a3filterPolicyPorts1 OCTET STRING,
a3filterPolicyPorts2 OCTET STRING,
a3filterPolicyPackets Counter,
a3filterPolicyBytes Counter,
a3filterPolicyStatus RowStatus,
a3filterPolicyX25ProfId INTEGER
}
a3filterPolicyIndex OBJECT-TYPE
SYNTAX INTEGER (1..64)
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The index used to identify a filter policy entry."
::= { a3filterPolicyEntry 1 }
a3filterPolicyName OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..15))
ACCESS read-write
STATUS mandatory
DESCRIPTION
"A textual name used to help identify a filter policy
entry. Each entry must have a unique name."
::= { a3filterPolicyEntry 2 }
a3filterPolicyAction OBJECT-TYPE
SYNTAX INTEGER {
discard (1),
forward (2),
count (3),
sequence (4),
prioritizeHigh (5),
prioritizeMed (6),
prioritizeLow (7),
doddiscard (8),
x25ProfId (9)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The action taken when a packet matches all the masks
(applied in the proper context) identified in this
policy entry.
If this object has the value discard(1), then all
packets that match the masks and context of this
entry are discarded.
If this object has the value forward(2), then all
packets that match the masks and context of this
entry are forwarded.
If this object has the value count(3), then all
packets that match the masks and context of this
entry are counted. The actual counts can be
obtained by requesting the values of
a3filterPolicyPackets and a3filterPolicyBytes.
If this object has the value sequence(4), then all
bridged packets destined for a port with multiple
serial paths that match the masks and context of this
entry are forwarded in sequence.
If this object has the value prioritze, then all
packets destined for a port supported by one or
more serial paths that match the masks and context
of this entry are given higher priority.
If this object has the value doddiscard(8), then all
packets that match the masks and context of this entry
will be subjected to the 'DODdiscard' action; ie, those
packets will be discarded and will not raise a DOD path
if the path is down, or if the path is UP, those packets
will be forwarded but will not keep the path up.
If this object has the value x25ProfId(9), then all packets
that match the masks and context of this entry will
use the X25 Profile identified by a3filterPolicyX25ProfId when
passing those packets over an X25 network."
::= { a3filterPolicyEntry 3 }
a3filterPolicyMask1 OBJECT-TYPE
SYNTAX INTEGER
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object identifies an entry in either of the Mask
Tables. Each filter policy entry identifies up to four
separate masks. An entry of zero for this object
identifies a null mask."
::= { a3filterPolicyEntry 4 }
a3filterPolicyMask2 OBJECT-TYPE
SYNTAX INTEGER
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object identifies an entry in either of the
Mask Tables. Each filter policy entry identifies up
to four separate masks. An entry of zero for this
object identifies a null mask."
::= { a3filterPolicyEntry 5 }
a3filterPolicyMask3 OBJECT-TYPE
SYNTAX INTEGER
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object identifies an entry in the Mask Table. Each
filter policy entry identifies up to four separate masks.
An entry of zero for this object identifies a null mask."
::= { a3filterPolicyEntry 6 }
a3filterPolicyMask4 OBJECT-TYPE
SYNTAX INTEGER
ACCESS read-write
STATUS mandatory
DESCRIPTION
"This object identifies an entry in the Mask Table. Each
filter policy entry identifies up to four separate masks.
An entry of zero for this object identifies a null mask."
::= { a3filterPolicyEntry 7 }
a3filterPolicyContext OBJECT-TYPE
SYNTAX INTEGER {
all (1),
atPorts1 (2),
fromPorts1 (3),
fromPorts1ToPorts2 (4),
toPorts1 (5),
betweenPorts1AndPorts2 (6),
amongPorts1 (7)
}