HUAWEI-ACL-MIB: View SNMP OID List / Download MIB
VENDOR: HUAWEI
| Home | MIB: HUAWEI-ACL-MIB | |||
|---|---|---|---|---|
| Download as: |
Download standard MIB format if you are planning to load a MIB file into some system (OS, Zabbix, PRTG ...) or view it with a MIB browser. CSV is more suitable for analyzing and viewing OID' and other MIB objects in excel. JSON and YAML formats are usually used in programing even though some systems can use MIB in YAML format (like Logstash).
|
|||
| Object Name | OID | Type | Access | Info |
| hwAcl | 1.3.6.1.4.1.2011.5.1 |
The HUAWEI-ACL-MIB contains objects to configure ACL module, including ACL group, rule and acl accelerate, and query the current ACL configuration and status. This MIB module objects indicate hwAclNumGroupTable, hwAclBasicRuleTable, hwAclAdvanceRuleTable, hwAclIfRuleTable, hwAclEthernetFrameRuleTable, hwAclIpv6BasicRuleTable, hwAclIpv6AdvanceRuleTable, hwAclIpv6IfRuleTable, hwAclCompileEnableFlag, hwAclCompileNumGroupTable, hwAclIpv6NumGroupTable and acl trap. To filter data packets, a series of rules need to be configured on the device. These rules are defined by ACL (Access Control List), which are a series of sequential rules consisting of rule permit or deny statements. The rules are described by source address, destination address and port number of data packets. ACL classifies data packets through these device interface applied rules, by which the device decides which packets can be received and which should be rejected. |
||
| hwAclMibObjects | 1.3.6.1.4.1.2011.5.1.1 | |||
| hwAclNumGroupTable | 1.3.6.1.4.1.2011.5.1.1.2 | no-access |
The table of ACL group information including match order, step, description and so on |
|
| 1.3.6.1.4.1.2011.5.1.1.2.1 | no-access |
An entry containing characters of an acl group |
||
| hwAclNumGroupAclNum | 1.3.6.1.4.1.2011.5.1.1.2.1.1 | integer32 | read-only |
The index of acl group, identifying an ACL. The object specifies the range of an ACL number. The basic ACL is represented by the number in the range 2000 through 2999. The advanced ACL is represented by the number in the range 3000 through 3999. The interface-based ACL is represented by the number in the range 1000 to 1999. The User Defined ACL is represented by the number in the range 5000 through 5999. The User ACL is represented by the number in the range 6000 through 9999. The Mpls ACL is represented by the number in the range 10000 through 10999. The name ACL is represented by the number in the range 42768 through 76535. |
| hwAclNumGroupMatchOrder | 1.3.6.1.4.1.2011.5.1.1.2.1.2 | integer | read-only |
The object indicates the match order of rules. 'config' means matching ACL rules in the configuration sequence, 'auto' means the ACL rules are matched following the 'Depth-first' principle. Enumeration: 'auto': 2, 'config': 1. |
| hwAclNumGroupSubitemNum | 1.3.6.1.4.1.2011.5.1.1.2.1.3 | counter32 | read-only |
The total number of the rules in the acl group. |
| hwAclNumGroupStep | 1.3.6.1.4.1.2011.5.1.1.2.1.4 | integer32 | read-only |
The object indicates the step value of number acl. Step here refers to the difference between each ID. For instance, given the step is set to 5, the IDs are the multiples of 5 beginning with 5. The ACL IDs change along with the step. When the step is 5, the ACL IDs are 5, 10, and 15 and so on. However, when the step is set to 2, the IDs turn to 2, 4, and 6 and so on. |
| hwAclNumGroupDescription | 1.3.6.1.4.1.2011.5.1.1.2.1.5 | octet string | read-only |
The object indicates the description of this acl group. The object describes the usage of an ACL with a word or a sentence. |
| hwAclNumGroupCountClear | 1.3.6.1.4.1.2011.5.1.1.2.1.6 | integer | read-only |
Reset the statistics of ACL group. Enumeration: 'cleared': 1, 'notUsed': 2. |
| hwAclNumGroupRowStatus | 1.3.6.1.4.1.2011.5.1.1.2.1.7 | rowstatus | read-only |
RowStatus, Now support three value:CreateAndGo,Active,Destroy. |
| hwAclNumGroupAclName | 1.3.6.1.4.1.2011.5.1.1.2.1.8 | octet string | read-only |
The object indicates the name of an acl group, The first character must be start with a to z or A to Z, and the length cannot exceed 64 character. |
| hwAclNumGroupAclType | 1.3.6.1.4.1.2011.5.1.1.2.1.9 | integer | read-only |
The type of ACL group. Enumeration: 'mpls': 6, 'mac': 7, 'link': 3, 'user': 4, 'basic': 1, 'interface': 5, 'ucl': 8, 'advanced': 2. |
| hwAclBasicRuleTable | 1.3.6.1.4.1.2011.5.1.1.4 | no-access |
Configure the rule for basic acl group. |
|
| 1.3.6.1.4.1.2011.5.1.1.4.1 | no-access |
Each entry is a rule of basic acl. |
||
| hwAclBasicAclNum | 1.3.6.1.4.1.2011.5.1.1.4.1.1 | integer32 | read-only |
The index of basic acl group, the index range is (1..99 | 2000..2999 | 42768..76535 ). |
| hwAclBasicSubitem | 1.3.6.1.4.1.2011.5.1.1.4.1.2 | unsigned32 | read-only |
The objects specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created. |
| hwAclBasicAct | 1.3.6.1.4.1.2011.5.1.1.4.1.3 | integer | read-only |
The object indicates the action of a basic acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition. Enumeration: 'deny': 2, 'permit': 1. |
| hwAclBasicSrcIp | 1.3.6.1.4.1.2011.5.1.1.4.1.4 | ipaddress | read-only |
The object indicates the source IP-address of a basic acl rule. |
| hwAclBasicSrcWild | 1.3.6.1.4.1.2011.5.1.1.4.1.5 | ipaddress | read-only |
The object indicates the source IP-address wild of a basic acl rule. |
| hwAclBasicTimeRangeIndex | 1.3.6.1.4.1.2011.5.1.1.4.1.6 | integer32 | read-only |
The object indicates the time range of a basic acl rule. When the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0. |
| hwAclBasicFragments | 1.3.6.1.4.1.2011.5.1.1.4.1.7 | integer | read-only |
The object indicates the type of the packet. 0: fragmentSubseq, indicating that the packet is a subsequent fragment 1: fragment, indicating that the packet is a fragment 2: nonFragment, indicating that the packet is not a fragment 3: nonSubseq, indicating that the packet is not a subsequent fragment 4: fragmentSpeFirst, indicating that the packet is the first fragment 255: none, invalid value This object cannot be modified once a rule is created. Enumeration: 'none': 255, 'fragment': 1, 'nonFragment': 2, 'fragmentSubseq': 0, 'fragmentSpeFirst': 4, 'nonSubseq': 3. |
| hwAclBasicLog | 1.3.6.1.4.1.2011.5.1.1.4.1.8 | truthvalue | read-only |
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets. |
| hwAclBasicEnable | 1.3.6.1.4.1.2011.5.1.1.4.1.9 | truthvalue | read-only |
The object indicates whether the rule is valid or invalid. |
| hwAclBasicCount | 1.3.6.1.4.1.2011.5.1.1.4.1.10 | counter64 | read-only |
The object indicates the statistics of matched packets by the rule. |
| hwAclBasicVrfName | 1.3.6.1.4.1.2011.5.1.1.4.1.11 | octet string | read-only |
The object indicates the VRF name of this rule. It specifies the VPN-instance to which the packet belongs. |
| hwAclBasicRowStatus | 1.3.6.1.4.1.2011.5.1.1.4.1.12 | rowstatus | read-only |
RowStatus, Now support three value:CreateAndGo,Active and Destroy. |
| hwAclBasicDescription | 1.3.6.1.4.1.2011.5.1.1.4.1.13 | octet string | read-only |
The object indicates the description of this basic rule. The object describes the usage of an ACL with a word or a sentence. |
| hwAclAdvancedRuleTable | 1.3.6.1.4.1.2011.5.1.1.5 | no-access |
Configure the rule for advanced acl group. |
|
| 1.3.6.1.4.1.2011.5.1.1.5.1 | no-access |
Each entry contains a rule of advanced acl group. |
||
| hwAclAdvancedAclNum | 1.3.6.1.4.1.2011.5.1.1.5.1.1 | integer32 | read-only |
The index of advanced acl table, the index range is (100..199 | 3000..3999 | 42768..76535). |
| hwAclAdvancedSubitem | 1.3.6.1.4.1.2011.5.1.1.5.1.2 | unsigned32 | read-only |
The object specifies the number of an advanced ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created. |
| hwAclAdvancedAct | 1.3.6.1.4.1.2011.5.1.1.5.1.3 | integer | read-only |
The object indicates the action of an advanced acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition. Enumeration: 'deny': 2, 'permit': 1. |
| hwAclAdvancedProtocol | 1.3.6.1.4.1.2011.5.1.1.5.1.4 | integer32 | read-only |
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IP protocol is 0. |
| hwAclAdvancedSrcIp | 1.3.6.1.4.1.2011.5.1.1.5.1.5 | ipaddress | read-only |
The object indicates the source IP-address of an advanced acl rule. |
| hwAclAdvancedSrcWild | 1.3.6.1.4.1.2011.5.1.1.5.1.6 | ipaddress | read-only |
The object indicates the source IP-address wild of an advanced acl rule. |
| hwAclAdvancedSrcOp | 1.3.6.1.4.1.2011.5.1.1.5.1.7 | integer | read-only |
The object indicates the source Port operation symbol of an advanced acl rule. It compares the port operators of source address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid. Enumeration: 'gt': 3, 'range': 5, 'invalid': 0, 'lt': 1, 'eq': 2, 'neq': 4. |
| hwAclAdvancedSrcPort1 | 1.3.6.1.4.1.2011.5.1.1.5.1.8 | integer32 | read-only |
The object indicates the fourth layer sourec port 1. It specifies the source port information of UDP or TCP packets. |
| hwAclAdvancedSrcPort2 | 1.3.6.1.4.1.2011.5.1.1.5.1.9 | integer32 | read-only |
The object indicates the fourth layer source port2. |
| hwAclAdvancedDestIp | 1.3.6.1.4.1.2011.5.1.1.5.1.10 | ipaddress | read-only |
The object indicates the destination IP-address of an advanced acl rule. |
| hwAclAdvancedDestWild | 1.3.6.1.4.1.2011.5.1.1.5.1.11 | ipaddress | read-only |
The object indicates the destination IP-address wild of an advanced acl rule. |
| hwAclAdvancedDestOp | 1.3.6.1.4.1.2011.5.1.1.5.1.12 | integer | read-only |
The object indicates the destination Port operation symbol of an advanced acl group. It compares the port operators of destination address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid. Enumeration: 'gt': 3, 'range': 5, 'invalid': 0, 'lt': 1, 'eq': 2, 'neq': 4. |
| hwAclAdvancedDestPort1 | 1.3.6.1.4.1.2011.5.1.1.5.1.13 | integer32 | read-only |
The object indicates the fourth layer destination port1. |
| hwAclAdvancedDestPort2 | 1.3.6.1.4.1.2011.5.1.1.5.1.14 | integer32 | read-only |
The object indicates the fourth layer destination port2. |
| hwAclAdvancedPrecedence | 1.3.6.1.4.1.2011.5.1.1.5.1.15 | integer32 | read-only |
The object indicates the value of IP-packet's precedence, It filters packets according to precedence field.The invalid value is 255. |
| hwAclAdvancedTos | 1.3.6.1.4.1.2011.5.1.1.5.1.16 | integer32 | read-only |
The object indicates the value of IP-packet's TOS, It filters packets according to type of service.The invalid value is 255. |
| hwAclAdvancedDscp | 1.3.6.1.4.1.2011.5.1.1.5.1.17 | integer32 | read-only |
The object indicates the value of frame.The invalid value is 255. |
| hwAclAdvancedEstablish | 1.3.6.1.4.1.2011.5.1.1.5.1.18 | truthvalue | read-only |
The object indicates whether or not establishing. |
| hwAclAdvancedTimeRangeIndex | 1.3.6.1.4.1.2011.5.1.1.5.1.19 | integer32 | read-only |
The object indicates the time range of an advanced acl rule. When the current time is in the time range, the rule is valid. Zero value declares that the acl rule has no time range.The invalid value is 0. |
| hwAclAdvancedIcmpType | 1.3.6.1.4.1.2011.5.1.1.5.1.20 | integer32 | read-only |
The object indicates the type of ICMP packet. It filters ICMP packets according to the ICMP message type. The invalid value is 65535. |
| hwAclAdvancedIcmpCode | 1.3.6.1.4.1.2011.5.1.1.5.1.21 | integer32 | read-only |
The object indicates the code of ICMP packet. It filters ICMP packets according to the message code. The invalid value is 65535. |
| hwAclAdvancedFragments | 1.3.6.1.4.1.2011.5.1.1.5.1.22 | integer | read-only |
The object indicates the type of the packet. 0: fragmentSubseq, indicating that the packet is a subsequent fragment 1: fragment, indicating that the packet is a fragment 2: nonFragment, indicating that the packet is not a fragment 3: nonSubseq, indicating that the packet is not a subsequent fragment 4: fragmentSpeFirst, indicating that the packet is the first fragment 255: none, invalid value This object cannot be modified once a rule is created. Enumeration: 'none': 255, 'fragment': 1, 'nonFragment': 2, 'fragmentSubseq': 0, 'fragmentSpeFirst': 4, 'nonSubseq': 3. |
| hwAclAdvancedLog | 1.3.6.1.4.1.2011.5.1.1.5.1.23 | truthvalue | read-only |
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets |
| hwAclAdvancedEnable | 1.3.6.1.4.1.2011.5.1.1.5.1.24 | truthvalue | read-only |
The object indicates whether the rule is valid or invalid. |
| hwAclAdvancedCount | 1.3.6.1.4.1.2011.5.1.1.5.1.25 | counter64 | read-only |
The object indicates the statistics of matched packets by the rule. |
| hwAclAdvancedVrfName | 1.3.6.1.4.1.2011.5.1.1.5.1.26 | octet string | read-only |
The object indicates the VRF name of this rule, It specifies the VPN-instance to which the packet belongs. |
| hwAclAdvancedRowStatus | 1.3.6.1.4.1.2011.5.1.1.5.1.27 | rowstatus | read-only |
RowStatus, Now support three state:CreateAndGo,Active,Destroy. |
| hwAclAdvancedTcpSyncFlag | 1.3.6.1.4.1.2011.5.1.1.5.1.28 | integer32 | read-only |
The object indicates the code of TCP Sync flag(0~63), The invalid value is -1. |
| hwAclAdvancedDescription | 1.3.6.1.4.1.2011.5.1.1.5.1.29 | octet string | read-only |
The object indicates the description of this advanced rule. The object describes the usage of an ACL with a word or a sentence. |
| hwAclAdvancedSrcPoolName | 1.3.6.1.4.1.2011.5.1.1.5.1.30 | octet string | read-only |
The object indicates the source pool name. |
| hwAclAdvancedDestPoolName | 1.3.6.1.4.1.2011.5.1.1.5.1.31 | octet string | read-only |
The object indicates the destination pool name. |
| hwAclAdvancedProtocolNew | 1.3.6.1.4.1.2011.5.1.1.5.1.32 | integer32 | read-only |
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IP protocol is 65535. |
| hwAclAdvancedVni | 1.3.6.1.4.1.2011.5.1.1.5.1.33 | integer32 | read-only |
The object indicates the ID of VXLAN, The invalid value is 0. |
| hwAclAdvancedIgmpType | 1.3.6.1.4.1.2011.5.1.1.5.1.34 | integer32 | read-only |
The object indicates the type of igmp, The invalid value is 65535. |
| hwAclAdvancedTtlOp | 1.3.6.1.4.1.2011.5.1.1.5.1.35 | integer | read-only |
The object indicates the ttl operation symbol of an advanced acl rule. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid. Enumeration: 'gt': 3, 'range': 5, 'invalid': 0, 'lt': 1, 'eq': 2, 'neq': 4. |
| hwAclAdvancedTtlExpire | 1.3.6.1.4.1.2011.5.1.1.5.1.36 | integer32 | read-only |
The object indicates the begin ttl value. The invalid value is 0. |
| hwAclAdvancedTtlExpireEnd | 1.3.6.1.4.1.2011.5.1.1.5.1.37 | integer32 | read-only |
The object indicates the end ttl value. The invalid value is 0. |
| hwAclAdvancedPktLenOp | 1.3.6.1.4.1.2011.5.1.1.5.1.38 | integer | read-only |
The object indicates the packet length operation symbol of an advanced acl rule. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid. Enumeration: 'gt': 3, 'range': 5, 'invalid': 0, 'lt': 1, 'eq': 2, 'neq': 4. |
| hwAclAdvancedPktLenBegin | 1.3.6.1.4.1.2011.5.1.1.5.1.39 | integer32 | read-only |
The object indicates the begin packet length value. |
| hwAclAdvancedPktLenEnd | 1.3.6.1.4.1.2011.5.1.1.5.1.40 | integer32 | read-only |
The object indicates the end packet length value. |
| hwAclAdvancedTcpFlagMask | 1.3.6.1.4.1.2011.5.1.1.5.1.41 | integer32 | read-only |
The object indicates the mask of tcp-flag. The invalid value is 0. |
| hwAclIfRuleTable | 1.3.6.1.4.1.2011.5.1.1.6 | no-access |
Configure the rule for interface-based acl group. |
|
| 1.3.6.1.4.1.2011.5.1.1.6.1 | no-access |
Each entry contains a rule of interface-based acl group. |
||
| hwAclIfAclNum | 1.3.6.1.4.1.2011.5.1.1.6.1.1 | integer32 | read-only |
The index of interface-based acl group, the index range is (1000..1999 | 42768..76535). |
| hwAclIfSubitem | 1.3.6.1.4.1.2011.5.1.1.6.1.2 | unsigned32 | read-only |
The object specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created. |
| hwAclIfAct | 1.3.6.1.4.1.2011.5.1.1.6.1.3 | integer | read-only |
The object indicates the action of an interface-based acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition. Enumeration: 'deny': 2, 'permit': 1. |
| hwAclIfIndex | 1.3.6.1.4.1.2011.5.1.1.6.1.4 | integer32 | read-only |
The object indicates the index of an interface. It specifies the interface information of the packets.The invalid interface index is 0. |
| hwAclIfAny | 1.3.6.1.4.1.2011.5.1.1.6.1.5 | truthvalue | read-only |
The object indicates whether or not matching any interface. |
| hwAclIfTimeRangeIndex | 1.3.6.1.4.1.2011.5.1.1.6.1.6 | integer32 | read-only |
The object indicates the time range of an interface-based acl rule. when the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0. |
| hwAclIfLog | 1.3.6.1.4.1.2011.5.1.1.6.1.7 | truthvalue | read-only |
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets. |
| hwAclIfEnable | 1.3.6.1.4.1.2011.5.1.1.6.1.8 | truthvalue | read-only |
The object indicates whether the rule is valid or invalid. |
| hwAclIfCount | 1.3.6.1.4.1.2011.5.1.1.6.1.9 | counter64 | read-only |
The object indicates the statistics of matched packets by the rule. |
| hwAclIfRowStatus | 1.3.6.1.4.1.2011.5.1.1.6.1.11 | rowstatus | read-only |
RowStatus,Now support three state:CreateAndGo,Active,Destroy. |
| hwAclUserRuleTable | 1.3.6.1.4.1.2011.5.1.1.7 | no-access |
Configure the rule for user acl group. |
|
| 1.3.6.1.4.1.2011.5.1.1.7.1 | no-access |
Each entry contains a rule of user acl group. |
||
| hwAclUserAclNum | 1.3.6.1.4.1.2011.5.1.1.7.1.1 | integer32 | read-only |
The index of user acl table, the index range is (6000..9999). |
| hwAclUserSubitem | 1.3.6.1.4.1.2011.5.1.1.7.1.2 | unsigned32 | read-only |
The object specifies the number of an User ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle |
| hwAclUserAct | 1.3.6.1.4.1.2011.5.1.1.7.1.3 | integer | read-only |
The object indicates the action of an User acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition. Enumeration: 'deny': 2, 'permit': 1. |
| hwAclUserProtocol | 1.3.6.1.4.1.2011.5.1.1.7.1.4 | integer32 | read-only |
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IP protocol is 0. |
| hwAclUserSrcIp | 1.3.6.1.4.1.2011.5.1.1.7.1.5 | ipaddress | read-only |
The object indicates the source IP-address of an User acl rule. |
| hwAclUserSrcWild | 1.3.6.1.4.1.2011.5.1.1.7.1.6 | ipaddress | read-only |
The object indicates the source IP-address wild of an User acl rule. |
| hwAclUserSrcOp | 1.3.6.1.4.1.2011.5.1.1.7.1.7 | integer | read-only |
The object indicates the source Port operation symbol of an User acl rule. It compares the port operators of source address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid. Enumeration: 'gt': 3, 'range': 5, 'invalid': 0, 'lt': 1, 'eq': 2, 'neq': 4. |
| hwAclUserSrcPort1 | 1.3.6.1.4.1.2011.5.1.1.7.1.8 | integer32 | read-only |
The object indicates the fourth layer sourec port 1. It specifies the source port information of UDP or TCP packets. |
| hwAclUserSrcPort2 | 1.3.6.1.4.1.2011.5.1.1.7.1.9 | integer32 | read-only |
The object indicates the fourth layer source port2. |
| hwAclUserDestIp | 1.3.6.1.4.1.2011.5.1.1.7.1.10 | ipaddress | read-only |
The object indicates the destination IP-address of an User acl rule. |
| hwAclUserDestWild | 1.3.6.1.4.1.2011.5.1.1.7.1.11 | ipaddress | read-only |
The object indicates the destination IP-address wild of an User acl rule. |
| hwAclUserDestOp | 1.3.6.1.4.1.2011.5.1.1.7.1.12 | integer | read-only |
The object indicates the destination Port operation symbol of an User acl group. It compares the port operators of destination address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid. Enumeration: 'gt': 3, 'range': 5, 'invalid': 0, 'lt': 1, 'eq': 2, 'neq': 4. |
| hwAclUserDestPort1 | 1.3.6.1.4.1.2011.5.1.1.7.1.13 | integer32 | read-only |
The object indicates the fourth layer destination port1. |
| hwAclUserDestPort2 | 1.3.6.1.4.1.2011.5.1.1.7.1.14 | integer32 | read-only |
The object indicates the fourth layer destination port2. |
| hwAclUserPrecedence | 1.3.6.1.4.1.2011.5.1.1.7.1.15 | integer32 | read-only |
The object indicates the value of IP-packet's precedence, It filters packets according to precedence field.The invalid value is 255. |
| hwAclUserTos | 1.3.6.1.4.1.2011.5.1.1.7.1.16 | integer32 | read-only |
The object indicates the value of IP-packet's TOS, It filters packets according to type of service.The invalid value is 255. |
| hwAclUserDscp | 1.3.6.1.4.1.2011.5.1.1.7.1.17 | integer32 | read-only |
The object indicates the value of frame.The invalid value is 255. |
| hwAclUserEstablish | 1.3.6.1.4.1.2011.5.1.1.7.1.18 | truthvalue | read-only |
The object indicates whether or not establishing. |
| hwAclUserTimeRangeIndex | 1.3.6.1.4.1.2011.5.1.1.7.1.19 | integer32 | read-only |
The object indicates the time range of an User acl rule. When the current time is in the time range, the rule is valid. Zero value declares that the acl rule has no time range.The invalid value is 0. |
| hwAclUserIcmpType | 1.3.6.1.4.1.2011.5.1.1.7.1.20 | integer32 | read-only |
The object indicates the type of ICMP packet. It filters ICMP packets according to the ICMP message type. The invalid value is 65535. |
| hwAclUserIcmpCode | 1.3.6.1.4.1.2011.5.1.1.7.1.21 | integer32 | read-only |
The object indicates the code of ICMP packet. It filters ICMP packets according to the message code. The invalid value is 65535. |
| hwAclUserFragments | 1.3.6.1.4.1.2011.5.1.1.7.1.22 | truthvalue | read-only |
The object indicates whether or not matching fragmented packet, It specifies that this rule is only valid for the non-first fragment packets. |
| hwAclUserLog | 1.3.6.1.4.1.2011.5.1.1.7.1.23 | truthvalue | read-only |
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets |
| hwAclUserEnable | 1.3.6.1.4.1.2011.5.1.1.7.1.24 | truthvalue | read-only |
The object indicates whether the rule is valid or invalid. |
| hwAclUserCount | 1.3.6.1.4.1.2011.5.1.1.7.1.25 | counter32 | read-only |
The object indicates the statistics of matched packets by the rule. |
| hwAclUserVrfName | 1.3.6.1.4.1.2011.5.1.1.7.1.26 | octet string | read-only |
The object indicates the VRF name of this rule, It specifies the VPN-instance to which the packet belongs. |
| hwAclUserSrcUserGroupName | 1.3.6.1.4.1.2011.5.1.1.7.1.27 | octet string | read-only |
The object indicates the source user group name of this rule. if modetype source is user, null sting means any user |
| hwAclUserDestUserGroupName | 1.3.6.1.4.1.2011.5.1.1.7.1.28 | octet string | read-only |
The object indicates the destination user group name of this rule. if modetype destination is user, null sting means any user |
| hwAclUserSrcModeType | 1.3.6.1.4.1.2011.5.1.1.7.1.29 | integer32 | read-only |
The object indicates ACL's mode type, Now support four state 0 Any match rule from any user group or any ip subnet, 1 NetAny match rule from any ip subnet, 2 UserAny match rule from any user group, 3 Net match rule from an ip subnet, 4 User match rule from a user group |
| hwAclUserDestModeType | 1.3.6.1.4.1.2011.5.1.1.7.1.30 | integer32 | read-only |
The object indicates ACL's mode type, Now support four state 0 Any match rule from any user group or any ip subnet or any doamin name, 1 NetAny match rule from any ip subnet, 2 UserAny match rule from any user group, 3 Net match rule from an ip subnet, 4 User match rule from a user group, 5 domain match rule from a domain name, 6 domainAny match rule from any doamin name |
| hwAclUserRowStatus | 1.3.6.1.4.1.2011.5.1.1.7.1.31 | rowstatus | read-only |
RowStatus, Now support three state:CreateAndGo,Active,Destroy. |
| hwAclUserTcpSyncFlag | 1.3.6.1.4.1.2011.5.1.1.7.1.32 | integer32 | read-only |
The object indicates the code of TCP Sync flag(0~63), The invalid value is -1. |
| hwAclUserSrcUserGroupNum | 1.3.6.1.4.1.2011.5.1.1.7.1.33 | integer32 | read-only |
The object indicates the source user group num of this rule. if modetype source is user, null sting means any user |
| hwAclUserDestUserGroupNum | 1.3.6.1.4.1.2011.5.1.1.7.1.34 | integer32 | read-only |
The object indicates the destination user group name of this rule. if modetype destination is user, null sting means any user |
| hwAclUserDestDomainName | 1.3.6.1.4.1.2011.5.1.1.7.1.35 | octet string | read-only |
The object indicates the destination domain name of this rule. if modetype destination is domain, null sting means any domain. |
| hwAclCompileEnableFlag | 1.3.6.1.4.1.2011.5.1.1.10 | truthvalue | read-write |
The object indicates whether acl compiler is enabled. when acl compiler is enabled, and ACL accelerate function is enabled, then matching packets by rule is efficient. |
| hwAclCompileNumGroupTable | 1.3.6.1.4.1.2011.5.1.1.11 | no-access |
The ACL compiler table extending the Acl-number-group table |
|
| 1.3.6.1.4.1.2011.5.1.1.11.1 | no-access |
The entry of Acl-number-group compiler extended table |
||
| hwAclCompileNumGroupStatus | 1.3.6.1.4.1.2011.5.1.1.11.1.1 | integer | read-write |
The object indicates the status of Acl-number-group compiler. 'notCompile' means acl accelerate function is disabled, 'compiled' means acl accelerate function is enabled, 'changeAfterCompile' means acl is changed after compiled. Enumeration: 'compiled': 2, 'changeAfterCompile': 3, 'notCompile': 1. |
| hwAclIpv6BasicRuleTable | 1.3.6.1.4.1.2011.5.1.1.12 | no-access |
Configure the rule for ipv6 basic acl group. |
|
| 1.3.6.1.4.1.2011.5.1.1.12.1 | no-access |
Each entry is a rule of ipv6 basic acl. |
||
| hwAclIpv6BasicAclNum | 1.3.6.1.4.1.2011.5.1.1.12.1.1 | integer32 | read-only |
The index of ipv6 basic acl group, the index range is (2000..2999 | 42768..75535). |
| hwAclIpv6BasicSubitem | 1.3.6.1.4.1.2011.5.1.1.12.1.2 | unsigned32 | read-only |
The objects specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned automatically; otherwise, this rule will not be created. |
| hwAclIpv6BasicAct | 1.3.6.1.4.1.2011.5.1.1.12.1.3 | integer | read-only |
The object indicates the action of a ipv6 basic acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition. Enumeration: 'deny': 2, 'permit': 1. |
| hwAclIpv6BasicSrcIp | 1.3.6.1.4.1.2011.5.1.1.12.1.4 | ipv6address | read-only |
The object indicates the source IPv6-address of a ipv6 basic acl rule. |
| hwAclIpv6BasicSrcPrefix | 1.3.6.1.4.1.2011.5.1.1.12.1.5 | integer32 | read-only |
The object indicates the source IPv6-address prefix length of a ipv6 basic acl rule. |
| hwAclIpv6BasicTimeRangeIndex | 1.3.6.1.4.1.2011.5.1.1.12.1.6 | integer32 | read-only |
The object indicates the time range of a ipv6 basic acl rule. When the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0. |
| hwAclIpv6BasicFragment | 1.3.6.1.4.1.2011.5.1.1.12.1.7 | integer | read-only |
The object indicates the type of the packet. 1: fragment, indicating that the packet is a fragment 255: none, invalid value This object cannot be modified once a rule is created. Enumeration: 'fragment': 1, 'none': 255, 'fragmentSubseq': 0. |
| hwAclIpv6BasicLog | 1.3.6.1.4.1.2011.5.1.1.12.1.8 | truthvalue | read-only |
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets. |
| hwAclIpv6BasicEnable | 1.3.6.1.4.1.2011.5.1.1.12.1.9 | enabledstatus | read-only |
The object indicates whether the rule is valid or invalid. |
| hwAclIpv6BasicCount | 1.3.6.1.4.1.2011.5.1.1.12.1.10 | counter64 | read-only |
The object indicates the statistics of matched packets by the rule. |
| hwAclIpv6BasicVrfName | 1.3.6.1.4.1.2011.5.1.1.12.1.11 | octet string | read-only |
The object indicates the VRF name of this rule. It specifies the VPN-instance to which the packet belongs. |
| hwAclIpv6BasicRowStatus | 1.3.6.1.4.1.2011.5.1.1.12.1.12 | rowstatus | read-only |
RowStatus, Now support three value: CreateAndGo, Active and Destroy. |
| hwAclIpv6BasicDescription | 1.3.6.1.4.1.2011.5.1.1.12.1.13 | octet string | read-only |
The object indicates the description of this IPv6 basic rule. The object describes the usage of an IPv6 ACL with a word or a sentence. |
| hwAclIpv6BasicSrcMask | 1.3.6.1.4.1.2011.5.1.1.12.1.14 | ipv6address | read-only |
The object indicates the source IPv6-address mask of a ipv6 basic acl rule. Its mode is positive. |
| hwAclIpv6AdvancedRuleTable | 1.3.6.1.4.1.2011.5.1.1.13 | no-access |
Configure the rule for ipv6 advanced acl group. |
|
| 1.3.6.1.4.1.2011.5.1.1.13.1 | no-access |
Each entry contains a rule of ipv6 advanced acl group. |
||
| hwAclIpv6AdvancedAclNum | 1.3.6.1.4.1.2011.5.1.1.13.1.1 | integer32 | read-only |
The index of ipv6 advanced acl table, the index range is (3000..3999 | 42768..75535). |
| hwAclIpv6AdvancedSubitem | 1.3.6.1.4.1.2011.5.1.1.13.1.2 | unsigned32 | read-only |
The object specifies the number of an ipv6 advanced ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned automatically;otherwise,this rule will not be created. |
| hwAclIpv6AdvancedAct | 1.3.6.1.4.1.2011.5.1.1.13.1.3 | integer | read-only |
The object indicates the action of an ipv6 advanced acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition. Enumeration: 'deny': 2, 'permit': 1. |
| hwAclIpv6AdvancedProtocol | 1.3.6.1.4.1.2011.5.1.1.13.1.4 | integer32 | read-only |
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IPv6 protocol is 0. |
| hwAclIpv6AdvancedSrcIp | 1.3.6.1.4.1.2011.5.1.1.13.1.5 | ipv6address | read-only |
The object indicates the source IPv6-address of an ipv6 advanced acl rule. |
| hwAclIpv6AdvancedSrcPrefix | 1.3.6.1.4.1.2011.5.1.1.13.1.6 | integer32 | read-only |
The object indicates the source IPv6-address prefix length of an ipv6 advanced acl rule. |
| hwAclIpv6AdvancedSrcOp | 1.3.6.1.4.1.2011.5.1.1.13.1.7 | integer | read-only |
The object indicates the source Port operation symbol of an ipv6 advanced acl rule. It compares the port operators of source address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid. Enumeration: 'gt': 3, 'range': 5, 'invalid': 255, 'lt': 1, 'eq': 2, 'neq': 4. |
| hwAclIpv6AdvancedSrcPort1 | 1.3.6.1.4.1.2011.5.1.1.13.1.8 | integer32 | read-only |
The object indicates the fourth layer sourec port 1. It specifies the source port information of UDP or TCP packets. |
| hwAclIpv6AdvancedSrcPort2 | 1.3.6.1.4.1.2011.5.1.1.13.1.9 | integer32 | read-only |
The object indicates the fourth layer source port2. |
| hwAclIpv6AdvancedDestIp | 1.3.6.1.4.1.2011.5.1.1.13.1.10 | ipv6address | read-only |
The object indicates the destination IPv6-address of an ipv6 advanced acl rule. |
| hwAclIpv6AdvancedDestPrefix | 1.3.6.1.4.1.2011.5.1.1.13.1.11 | integer32 | read-only |
The object indicates the destination IPv6-address prefix length of an ipv6 advanced acl rule. |
| hwAclIpv6AdvancedDestOp | 1.3.6.1.4.1.2011.5.1.1.13.1.12 | integer | read-only |
The object indicates the destination Port operation symbol of an ipv6 advanced acl group. It compares the port operators of destination address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid. Enumeration: 'gt': 3, 'range': 5, 'invalid': 255, 'lt': 1, 'eq': 2, 'neq': 4. |
| hwAclIpv6AdvancedDestPort1 | 1.3.6.1.4.1.2011.5.1.1.13.1.13 | integer32 | read-only |
The object indicates the fourth layer destination port1. |
| hwAclIpv6AdvancedDestPort2 | 1.3.6.1.4.1.2011.5.1.1.13.1.14 | integer32 | read-only |
The object indicates the fourth layer destination port2. |
| hwAclIpv6AdvancedPrecedence | 1.3.6.1.4.1.2011.5.1.1.13.1.15 | integer32 | read-only |
The object indicates the value of IPv6-packet's precedence, It filters packets according to precedence field. The invalid value is 255. |
| hwAclIpv6AdvancedTos | 1.3.6.1.4.1.2011.5.1.1.13.1.16 | integer32 | read-only |
The object indicates the value of IPv6-packet's TOS, It filters packets according to type of service. The invalid value is 255. |
| hwAclIpv6AdvancedDscp | 1.3.6.1.4.1.2011.5.1.1.13.1.17 | integer32 | read-only |
The object indicates the value of frame.The invalid value is 255. |
| hwAclIpv6AdvancedEstablish | 1.3.6.1.4.1.2011.5.1.1.13.1.18 | truthvalue | read-only |
The object indicates whether or not establishing. |
| hwAclIpv6AdvancedTimeRangeIndex | 1.3.6.1.4.1.2011.5.1.1.13.1.19 | integer32 | read-only |
The object indicates the time range of an ipv6 advanced acl rule. When the current time is in the time range, the rule is valid. Zero value declares that the acl rule has no time range.The invalid value is 0. |
| hwAclIpv6AdvancedIcmpType | 1.3.6.1.4.1.2011.5.1.1.13.1.20 | integer32 | read-only |
The object indicates the type of ICMPv6 packet. It filters ICMP packets according to the ICMPv6 message type. The invalid value is 65535. |
| hwAclIpv6AdvancedIcmpCode | 1.3.6.1.4.1.2011.5.1.1.13.1.21 | integer32 | read-only |
The object indicates the code of ICMPv6 packet. It filters ICMPv6 packets according to the message code. The invalid value is 65535. |
| hwAclIpv6AdvancedFragment | 1.3.6.1.4.1.2011.5.1.1.13.1.22 | integer | read-only |
The object indicates the type of the packet. 1: fragment, indicating that the packet is a fragment 255: none, invalid value This object cannot be modified once a rule is created. Enumeration: 'fragment': 1, 'none': 255, 'fragmentSubseq': 0. |
| hwAclIpv6AdvancedLog | 1.3.6.1.4.1.2011.5.1.1.13.1.23 | truthvalue | read-only |
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets |
| hwAclIpv6AdvancedEnable | 1.3.6.1.4.1.2011.5.1.1.13.1.24 | enabledstatus | read-only |
The object indicates whether the rule is valid or invalid. |
| hwAclIpv6AdvancedCount | 1.3.6.1.4.1.2011.5.1.1.13.1.25 | counter64 | read-only |
The object indicates the statistics of matched packets by the rule. |
| hwAclIpv6AdvancedVrfName | 1.3.6.1.4.1.2011.5.1.1.13.1.26 | octet string | read-only |
The object indicates the VRF name of this rule, It specifies the VPN-instance to which the packet belongs. |
| hwAclIpv6AdvancedRowStatus | 1.3.6.1.4.1.2011.5.1.1.13.1.27 | rowstatus | read-only |
RowStatus, Now support three state:CreateAndGo,Active,Destroy. |
| hwAclIpv6AdvancedDescription | 1.3.6.1.4.1.2011.5.1.1.13.1.28 | octet string | read-only |
The object indicates the description of this IPv6 advanced rule. The object describes the usage of an IPv6 ACL with a word or a sentence. |
| hwAclIpv6AdvancedSrcMask | 1.3.6.1.4.1.2011.5.1.1.13.1.29 | ipv6address | read-only |
The object indicates the source IPv6-address mask of an ipv6 advanced acl rule. Its mode is positive. |
| hwAclIpv6AdvancedDestMask | 1.3.6.1.4.1.2011.5.1.1.13.1.30 | ipv6address | read-only |
The object indicates the destination IPv6-address mask of an ipv6 advanced acl rule. Its mode is positive. |
| hwAclIpv6AdvancedProtocolNew | 1.3.6.1.4.1.2011.5.1.1.13.1.31 | integer32 | read-only |
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IPv6 protocol is 65535. |
| hwAclEthernetFrameRuleTable | 1.3.6.1.4.1.2011.5.1.1.14 | no-access |
Configure the rule for ethernet-frame-based acl group. |
|
| 1.3.6.1.4.1.2011.5.1.1.14.1 | no-access |
Each entry contains a rule of ethernet-frame-based acl group. |
||
| hwAclEthernetFrameAclNum | 1.3.6.1.4.1.2011.5.1.1.14.1.1 | integer32 | read-only |
The index of ethernet-frame-based acl group, the index range is (4000..4999 | 42768..76535). |
| hwAclEthernetFrameSubitem | 1.3.6.1.4.1.2011.5.1.1.14.1.2 | unsigned32 | read-only |
The object specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created. |
| hwAclEthernetFrameAct | 1.3.6.1.4.1.2011.5.1.1.14.1.3 | integer | read-only |
The object indicates the action of an ethernet-frame-based acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition. Enumeration: 'deny': 2, 'permit': 1. |
| hwAclEthernetFrameType | 1.3.6.1.4.1.2011.5.1.1.14.1.4 | integer32 | read-only |
The object indicates the type of an ethernet frame. It specifies the interface information of the packets. The invalid ethernet frame type is 0. |
| hwAclEthernetFrameTypeMask | 1.3.6.1.4.1.2011.5.1.1.14.1.5 | integer32 | read-only |
The object indicates the mask of ethernet frame. |
| hwAclEthernetFrameSrcMac | 1.3.6.1.4.1.2011.5.1.1.14.1.6 | macaddress | read-only |
The object indicates the source mac address of rule. |
| hwAclEthernetFrameSrcMacMask | 1.3.6.1.4.1.2011.5.1.1.14.1.7 | macaddress | read-only |
The object indicates the source mac mask of rule. |
| hwAclEthernetFrameDstMac | 1.3.6.1.4.1.2011.5.1.1.14.1.8 | macaddress | read-only |
The object indicates the destination mac address of rule. |
| hwAclEthernetFrameDstMacMask | 1.3.6.1.4.1.2011.5.1.1.14.1.9 | macaddress | read-only |
The object indicates the destination mac mask of rule. |
| hwAclEthernetFrameTimeRangeIndex | 1.3.6.1.4.1.2011.5.1.1.14.1.10 | integer32 | read-only |
The object indicates the time range of a ethernet frame acl rule. When the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0. |
| hwAclEthernetFrameLog | 1.3.6.1.4.1.2011.5.1.1.14.1.11 | truthvalue | read-only |
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, source/destination mac addr, protocol of ethernet frame, and number of packets. |
| hwAclEthernetFrameEnable | 1.3.6.1.4.1.2011.5.1.1.14.1.12 | enabledstatus | read-only |
The object indicates whether the rule is valid or invalid. |
| hwAclEthernetFrameCount | 1.3.6.1.4.1.2011.5.1.1.14.1.13 | counter64 | read-only |
The object indicates the statistics of matched packets by rule. |
| hwAclEthernetFrameRowStatus | 1.3.6.1.4.1.2011.5.1.1.14.1.14 | rowstatus | read-only |
RowStatus,Now support three state:CreateAndGo,Active,Destroy. |
| hwAclEthernetFrameEncapType | 1.3.6.1.4.1.2011.5.1.1.14.1.15 | integer | read-only |
The object indicates the encapsulation type of rule. Enumeration: 'snap': 3, 'none': 255, 'ether2': 1, 'ieee802dot3': 2. |
| hwAclEthernetFrameDoubleTag | 1.3.6.1.4.1.2011.5.1.1.14.1.16 | truthvalue | read-only |
The object indicates two tags of rule. False value do not care the number of tags. |
| hwAclEthernetFrameVlanId | 1.3.6.1.4.1.2011.5.1.1.14.1.17 | integer32 | read-only |
The object indicates the vlan ID of rule. The invalid vlan ID is 0. |
| hwAclEthernetFrameVlanIdMask | 1.3.6.1.4.1.2011.5.1.1.14.1.18 | integer32 | read-only |
The object indicates the vlan ID mask of rule. |
| hwAclEthernetFrameCVlanId | 1.3.6.1.4.1.2011.5.1.1.14.1.19 | integer32 | read-only |
The object indicates the ce-vlan ID of rule. The invalid vlan ID is 0. |
| hwAclEthernetFrameCVlanIdMask | 1.3.6.1.4.1.2011.5.1.1.14.1.20 | integer32 | read-only |
The object indicates the ce-vlan ID mask of rule. |
| hwAclEthernetFrameRule8021p | 1.3.6.1.4.1.2011.5.1.1.14.1.21 | integer32 | read-only |
The object indicates the 8021p value of S-tag. |
| hwAclEthernetFrameRuleCVlan8021p | 1.3.6.1.4.1.2011.5.1.1.14.1.22 | integer32 | read-only |
The object indicates the 8021p value of C-tag. |
| hwAclEthernetFrameDescription | 1.3.6.1.4.1.2011.5.1.1.14.1.23 | octet string | read-only |
The object indicates the description of this ethernetframe rule. The object describes the usage of an ACL with a word or a sentence. |
| hwAclAppliedTable | 1.3.6.1.4.1.2011.5.1.1.15 | no-access |
Configure the applied ACL. |
|
| 1.3.6.1.4.1.2011.5.1.1.15.1 | no-access |
Each entry contains a applied ACL. |
||
| hwAclAppliedOperation | 1.3.6.1.4.1.2011.5.1.1.15.1.1 | integer | no-access |
The actions taken when packets conforming or exceeding the configured. Enumeration: 'redirectIpNextHop': 6, 'remarkLocalPrecedence': 11, 'remark8021p': 8, 'remarkDestMac': 14, 'statistic': 15, 'remarkCVlanId': 13, 'filter': 1, 'limit': 2, 'remarkIpPrecedence': 10, 'mirror': 3, 'redirectInterface': 5, 'remarkVlanId': 12, 'redirectIpv6NextHop': 7, 'remarkDscp': 9, 'redirectCp': 4. |
| hwAclAppliedScopeType | 1.3.6.1.4.1.2011.5.1.1.15.1.2 | integer | no-access |
The scope that ACL apply on. Enumeration: 'interface': 3, 'global': 1, 'vlan': 2. |
| hwAclAppliedScopeIndex | 1.3.6.1.4.1.2011.5.1.1.15.1.3 | integer32 | no-access |
When the scope is global, this field is invalid; When the scope is vlan, this field is vlan ID; When the scope is interface, this field is interface index. |
| hwAclAppliedDirection | 1.3.6.1.4.1.2011.5.1.1.15.1.4 | integer | no-access |
The direction acl apply on. Enumeration: 'inbound': 1, 'outbound': 2. |
| hwAclAppliedAclNum | 1.3.6.1.4.1.2011.5.1.1.15.1.5 | integer32 | no-access |
The index of ACL group. Basic ACL in range 2000~2999; Advance ACL in range 3000~3999; Link ACL in range 4000~4999; |
| hwAclAppliedSubitem | 1.3.6.1.4.1.2011.5.1.1.15.1.6 | integer32 | no-access |
The object specifies the number of an ACL rule. |
| hwAclAppliedAclNum2 | 1.3.6.1.4.1.2011.5.1.1.15.1.7 | integer32 | no-access |
The index of ACL group. 65535 means this field is valid. |
| hwAclAppliedSubitem2 | 1.3.6.1.4.1.2011.5.1.1.15.1.8 | integer32 | no-access |
The object specifies the number of an ACL rule. |
| hwAclAppliedStatMode | 1.3.6.1.4.1.2011.5.1.1.15.1.9 | integer | read-only |
The object specifies the mode of statistics. When action is statistic, this field is valid. Enumeration: 'byPackets': 1, 'byBytes': 2. |
| hwAclAppliedStatCount | 1.3.6.1.4.1.2011.5.1.1.15.1.10 | counter64 | read-only |
The object indicates the statistics of matched packets by the policy. When action is statistic or limit, this field is valid. |
| hwAclAppliedLimitCir | 1.3.6.1.4.1.2011.5.1.1.15.1.11 | integer32 | read-only |
Committed information rate. Unit: kbps. |
| hwAclAppliedLimitPir | 1.3.6.1.4.1.2011.5.1.1.15.1.12 | integer32 | read-only |
Peak information rate. Unit: kbps. 0 is the default value. |
| hwAclAppliedLimitCbs | 1.3.6.1.4.1.2011.5.1.1.15.1.13 | integer32 | read-only |
Committed burst size. Unit: byte. 0 is the default value. |
| hwAclAppliedLimitPbs | 1.3.6.1.4.1.2011.5.1.1.15.1.14 | integer32 | read-only |
Peak burst size. Unit: byte. 0 is the default value. |
| hwAclAppliedLimitGreenAction | 1.3.6.1.4.1.2011.5.1.1.15.1.15 | integer | read-only |
Green action. Enumeration: 'passRemarkDscp': 3, 'passRemark8021p': 4, 'drop': 2, 'pass': 1. |
| hwAclAppliedLimitGreenValue | 1.3.6.1.4.1.2011.5.1.1.15.1.16 | integer32 | read-only |
The value is to remark When green action is remarking. For remarking DSCP, the range is 0~63; For remarking 8021p, the range is 0~7. |
| hwAclAppliedLimitYellowAction | 1.3.6.1.4.1.2011.5.1.1.15.1.17 | integer | read-only |
Yellow action. Enumeration: 'passRemarkDscp': 3, 'passRemark8021p': 4, 'drop': 2, 'pass': 1. |
| hwAclAppliedLimitYellowValue | 1.3.6.1.4.1.2011.5.1.1.15.1.18 | integer32 | read-only |
The value is to remark When yellow action is remarking. For remarking DSCP, the range is 0~63; For remarking 8021p, the range is 0~7. |
| hwAclAppliedLimitRedAction | 1.3.6.1.4.1.2011.5.1.1.15.1.19 | integer | read-only |
Red action. Enumeration: 'passRemarkDscp': 3, 'passRemark8021p': 4, 'drop': 2, 'pass': 1. |
| hwAclAppliedLimitRedValue | 1.3.6.1.4.1.2011.5.1.1.15.1.20 | integer32 | read-only |
The value is to remark When red action is remarking. For remarking DSCP, the range is 0~63; For remarking 8021p, the range is 0~7. |
| hwAclAppliedMirrObservedPort | 1.3.6.1.4.1.2011.5.1.1.15.1.21 | integer32 | read-only |
The mirror observe port number. |
| hwAclAppliedMirrRspanVlan | 1.3.6.1.4.1.2011.5.1.1.15.1.22 | integer32 | read-only |
The object specifies the RSPAN vlan. 0 means mirror to local port. |
| hwAclAppliedRedirectIfIndex | 1.3.6.1.4.1.2011.5.1.1.15.1.23 | integer32 | read-only |
The redirect output interface. |
| hwAclAppliedRedirectIpAddr | 1.3.6.1.4.1.2011.5.1.1.15.1.24 | ipaddress | read-only |
The redirect IP next hop address. |
| hwAclAppliedRedirectIpv6Addr | 1.3.6.1.4.1.2011.5.1.1.15.1.25 | ipv6address | read-only |
The redirect IPv6 next hop address. |
| hwAclAppliedRemarkVlan | 1.3.6.1.4.1.2011.5.1.1.15.1.26 | integer32 | read-only |
The remarked vlan ID. |
| hwAclAppliedRemarkCVlan | 1.3.6.1.4.1.2011.5.1.1.15.1.27 | integer32 | read-only |
The remarked ce-vlan ID. |
| hwAclAppliedRemark8021p | 1.3.6.1.4.1.2011.5.1.1.15.1.28 | integer32 | read-only |
The remarked 8021p value. |
| hwAclAppliedRemarkDscp | 1.3.6.1.4.1.2011.5.1.1.15.1.29 | integer32 | read-only |
The remarked DSCP value. |
| hwAclAppliedRemarkIpPre | 1.3.6.1.4.1.2011.5.1.1.15.1.30 | integer32 | read-only |
The remarked IP precedence value. |
| hwAclAppliedRemarkLocalPre | 1.3.6.1.4.1.2011.5.1.1.15.1.31 | integer32 | read-only |
The remarked local precedence value. |
| hwAclAppliedRemarkMacAddr | 1.3.6.1.4.1.2011.5.1.1.15.1.32 | macaddress | read-only |
The remarked MAC address. |
| hwAclAppliedIsIPv6Acl | 1.3.6.1.4.1.2011.5.1.1.15.1.33 | truthvalue | no-access |
The object indicates whether is IPv6 ACL. |
| hwAclAppliedRowStatus | 1.3.6.1.4.1.2011.5.1.1.15.1.51 | rowstatus | read-only |
RowStatus,Now support three state:CreateAndGo,Active,Destroy. |
| hwAclIpv6NumGroupTable | 1.3.6.1.4.1.2011.5.1.1.16 | no-access |
The table of IPv6 ACL group information. |
|
| 1.3.6.1.4.1.2011.5.1.1.16.1 | no-access |
An entry containing characters of an IPv6 ACL group. |
||
| hwAclIpv6NumGroupAclNum | 1.3.6.1.4.1.2011.5.1.1.16.1.1 | integer32 | read-only |
The index of IPv6 ACL group, identifying an IPv6 ACL. |
| hwAclIpv6NumGroupMatchOrder | 1.3.6.1.4.1.2011.5.1.1.16.1.2 | integer | read-only |
The object indicates the match order of rules. 'config' means matching ACL rules in the configuration sequence, 'auto' means the ACL6 rules are matched following the 'Depth-first' principle. Enumeration: 'default': 3, 'auto': 2, 'config': 1. |
| hwAclIpv6NumGroupSubitemNum | 1.3.6.1.4.1.2011.5.1.1.16.1.3 | counter32 | read-only |
The total number of the rules in the ACL6 group. |
| hwAclIpv6NumGroupCountClear | 1.3.6.1.4.1.2011.5.1.1.16.1.4 | integer | read-only |
Reset the statistics of ACL6 group. Enumeration: 'cleared': 1, 'notUsed': 2. |
| hwAclIpv6NumGroupAclName | 1.3.6.1.4.1.2011.5.1.1.16.1.5 | octet string | read-only |
The object indicates the name of an acl6 group, The first character must be start with a to z or A to Z, and the length cannot exceed 64 character. |
| hwAclIpv6NumGroupDescription | 1.3.6.1.4.1.2011.5.1.1.16.1.6 | octet string | read-only |
The object indicates the description of this acl6 group. The object describes the usage of an ACL6 with a word or a sentence. |
| hwAclIpv6NumGroupAclType | 1.3.6.1.4.1.2011.5.1.1.16.1.7 | integer | read-only |
The type of IPv6 ACL group. Enumeration: 'advanced': 2, 'basic': 1. |
| hwAclIpv6NumGroupRowStatus | 1.3.6.1.4.1.2011.5.1.1.16.1.51 | rowstatus | read-only |
RowStatus, Now support three value:CreateAndGo,Active,Destroy. |
| hwAclIpv6NumGroupStep | 1.3.6.1.4.1.2011.5.1.1.16.1.52 | integer32 | read-only |
The object indicates the step value of number IPv6 ACL. Step here refers to the difference between each ID. For instance, given the step is set to 5, the IDs are the multiples of 5 beginning with 5. The IPv6 ACL IDs change along with the step. When the step is 5, the IPv6 ACL IDs are 5, 10, and 15 and so on. However, when the step is set to 2, the IDs turn to 2, 4, and 6 and so on. |
| hwAclIpv6IfRuleTable | 1.3.6.1.4.1.2011.5.1.1.17 | no-access |
Configure the rule for interface-based acl6 group. |
|
| 1.3.6.1.4.1.2011.5.1.1.17.1 | no-access |
Each entry contains a rule of interface-based acl6 group. |
||
| hwAclIpv6IfAclNum | 1.3.6.1.4.1.2011.5.1.1.17.1.1 | integer32 | read-only |
The index of interface-based acl6 group, the index range is (1000..1999 | 42768..75535). |
| hwAclIpv6IfSubitem | 1.3.6.1.4.1.2011.5.1.1.17.1.2 | unsigned32 | read-only |
The object specifies the number of an ACL6 rule. If the number specified has been assigned to an ACL6 rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL6. It will be placed at the end of the ACL6 when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL6 rule must be given 0, but it will be assigned automatically;otherwise, this rule will not be created. |
| hwAclIpv6IfAct | 1.3.6.1.4.1.2011.5.1.1.17.1.3 | integer | read-only |
The object indicates the action of an interface-based acl6 rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition. Enumeration: 'deny': 2, 'permit': 1. |
| hwAclIpv6IfIndex | 1.3.6.1.4.1.2011.5.1.1.17.1.4 | integer32 | read-only |
The object indicates the index of an interface. It specifies the interface information of the packets. The invalid interface index is 0. |
| hwAclIpv6IfAny | 1.3.6.1.4.1.2011.5.1.1.17.1.5 | truthvalue | read-only |
The object indicates whether or not matching any interface. |
| hwAclIpv6IfTimeRangeIndex | 1.3.6.1.4.1.2011.5.1.1.17.1.6 | integer32 | read-only |
The object indicates the time range of an interface-based acl6 rule. when the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0. |
| hwAclIpv6IfLog | 1.3.6.1.4.1.2011.5.1.1.17.1.7 | truthvalue | read-only |
The object indicates whether to log the matched packets. The log contents include sequence number of ACL6 rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets. |
| hwAclIpv6IfEnable | 1.3.6.1.4.1.2011.5.1.1.17.1.8 | truthvalue | read-only |
The object indicates whether the rule is valid or invalid. |
| hwAclIpv6IfCount | 1.3.6.1.4.1.2011.5.1.1.17.1.9 | counter64 | read-only |
The object indicates the statistics of matched packets by basic rule. |
| hwAclIpv6IfRowStatus | 1.3.6.1.4.1.2011.5.1.1.17.1.11 | rowstatus | read-only |
RowStatus,Now support three state:CreateAndGo,Active,Destroy. |
| hwAclMplsRuleTable | 1.3.6.1.4.1.2011.5.1.1.18 | no-access |
Configure the rule for mpls acl group. |
|
| 1.3.6.1.4.1.2011.5.1.1.18.1 | no-access |
Each entry is a rule of mpls acl. |
||
| hwAclMplsAclNum | 1.3.6.1.4.1.2011.5.1.1.18.1.1 | integer32 | read-only |
The index of mpls acl group, the index range is (10000..10999 | 42768..76535). |
| hwAclMplsSubitem | 1.3.6.1.4.1.2011.5.1.1.18.1.2 | unsigned32 | read-only |
The objects specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created. |
| hwAclMplsAct | 1.3.6.1.4.1.2011.5.1.1.18.1.3 | integer | read-only |
The object indicates the action of a basic acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition. Enumeration: 'deny': 2, 'permit': 1. |
| hwAclMplsExp1 | 1.3.6.1.4.1.2011.5.1.1.18.1.4 | integer32 | read-only |
The object indicates the exp1 of a mpls acl rule. |
| hwAclMplsExp2 | 1.3.6.1.4.1.2011.5.1.1.18.1.5 | integer32 | read-only |
The object indicates the exp2 of a mpls acl rule. |
| hwAclMplsExp3 | 1.3.6.1.4.1.2011.5.1.1.18.1.6 | integer32 | read-only |
The object indicates the exp3 of a mpls acl rule. |
| hwAclMplsExp4 | 1.3.6.1.4.1.2011.5.1.1.18.1.7 | integer32 | read-only |
The object indicates the exp4 of a mpls acl rule. |
| hwAclMplsLabel1 | 1.3.6.1.4.1.2011.5.1.1.18.1.8 | integer32 | read-only |
The object indicates the label1 of a mpls acl rule. |
| hwAclMplsLabel2 | 1.3.6.1.4.1.2011.5.1.1.18.1.9 | integer32 | read-only |
The object indicates the label2 of a mpls acl rule. |
| hwAclMplsLabel3 | 1.3.6.1.4.1.2011.5.1.1.18.1.10 | integer32 | read-only |
The object indicates the label3 of a mpls acl rule. |
| hwAclMplsLabel4 | 1.3.6.1.4.1.2011.5.1.1.18.1.11 | integer32 | read-only |
The object indicates the label4 of a mpls acl rule. |
| hwAclMplsTTLOP1 | 1.3.6.1.4.1.2011.5.1.1.18.1.12 | integer | read-only |
The object indicates the ttl operation symbol of a mpls acl rule. It compares the operators of ttl value. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'range' means between, 'invalid' means this operation of the ttl is invalid. Enumeration: 'gt': 3, 'range': 5, 'invalid': 0, 'lt': 1, 'eq': 2, 'any': 255. |
| hwAclMplsTTL1Begin | 1.3.6.1.4.1.2011.5.1.1.18.1.13 | integer32 | read-only |
The object indicates the begin value of a mpls ttl. |
| hwAclMplsTTL1End | 1.3.6.1.4.1.2011.5.1.1.18.1.14 | integer32 | read-only |
The object indicates the end value of a mpls ttl. |
| hwAclMplsTTLOP2 | 1.3.6.1.4.1.2011.5.1.1.18.1.15 | integer | read-only |
The object indicates the ttl operation symbol of a mpls acl rule. It compares the operators of ttl value. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'range' means between, 'invalid' means this operation of the ttl is invalid. Enumeration: 'gt': 3, 'range': 5, 'invalid': 0, 'lt': 1, 'eq': 2, 'any': 255. |
| hwAclMplsTTL2Begin | 1.3.6.1.4.1.2011.5.1.1.18.1.16 | integer32 | read-only |
The object indicates the begin value of a mpls ttl. |
| hwAclMplsTTL2End | 1.3.6.1.4.1.2011.5.1.1.18.1.17 | integer32 | read-only |
The object indicates the end value of a mpls ttl. |
| hwAclMplsTTLOP3 | 1.3.6.1.4.1.2011.5.1.1.18.1.18 | integer | read-only |
The object indicates the ttl operation symbol of a mpls acl rule. It compares the operators of ttl value. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'range' means between, 'invalid' means this operation of the ttl is invalid. Enumeration: 'gt': 3, 'range': 5, 'invalid': 0, 'lt': 1, 'eq': 2, 'any': 255. |
| hwAclMplsTTL3Begin | 1.3.6.1.4.1.2011.5.1.1.18.1.19 | integer32 | read-only |
The object indicates the begin value of a mpls ttl. |
| hwAclMplsTTL3End | 1.3.6.1.4.1.2011.5.1.1.18.1.20 | integer32 | read-only |
The object indicates the end value of a mpls ttl. |
| hwAclMplsRowStatus | 1.3.6.1.4.1.2011.5.1.1.18.1.21 | rowstatus | read-only |
RowStatus, Now support three value:CreateAndGo,Active and Destroy. |
| hwAclMplsCount | 1.3.6.1.4.1.2011.5.1.1.18.1.22 | counter64 | read-only |
The object indicates the statistics of matched packets by the rule. |
| hwAclDomainNameConfigTable | 1.3.6.1.4.1.2011.5.1.1.19 | no-access |
Configure the domain name. |
|
| 1.3.6.1.4.1.2011.5.1.1.19.1 | no-access |
Each entry is a domain name. |
||
| hwAclDomainID | 1.3.6.1.4.1.2011.5.1.1.19.1.1 | integer32 | no-access |
The index of DomianName table, the index range is (0..31). |
| hwAclDomainName | 1.3.6.1.4.1.2011.5.1.1.19.1.2 | octet string | read-write |
The domian name. |
| hwAclDomainNameConfigRowStatus | 1.3.6.1.4.1.2011.5.1.1.19.1.3 | rowstatus | read-only |
Row status,Two actions are used: createAndGo(4), destroy(6). |
| hwAclMibTrap | 1.3.6.1.4.1.2011.5.1.2 | |||
| hwAclTrapOid | 1.3.6.1.4.1.2011.5.1.2.1 | |||
| hwAclTrapsDefine | 1.3.6.1.4.1.2011.5.1.2.2 | |||
| hwAclTraps | 1.3.6.1.4.1.2011.5.1.2.2.1 | |||
| hwAclResourceTrapsTable | 1.3.6.1.4.1.2011.5.1.2.2.1.1 | |||
| hwAclResSlotStr | 1.3.6.1.4.1.2011.5.1.2.2.1.1.1 | octet string | no-access |
The infomation of slot. |
| hwAclResStage | 1.3.6.1.4.1.2011.5.1.2.2.1.1.2 | octet string | no-access |
The stage where trap infomation exists. |
| hwAclResLimit | 1.3.6.1.4.1.2011.5.1.2.2.1.1.3 | integer32 | no-access |
The usage of rule resource. |
| hwAclResourceTrapsEntry | 1.3.6.1.4.1.2011.5.1.2.2.1.1.4 | |||
| hwAclResThresholdExceedClearTrap | 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.1 |
Acl resource lack clear trap |
||
| hwAclResThresholdExceedTrap | 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.2 |
Acl resource lack trap |
||
| hwAclResTotalCountExceedClearTrap | 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.3 |
Acl resource full clear trap |
||
| hwAclResTotalCountExceedTrap | 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.4 |
Acl resource full trap |
||
| hwAclResourceTrapsGroups | 1.3.6.1.4.1.2011.5.1.2.2.1.1.5 | |||
| hwAclResourceTrapsGroup | 1.3.6.1.4.1.2011.5.1.2.2.1.1.5.1 |
Group for all acl resource traps. |
||
| hwAclMibConformance | 1.3.6.1.4.1.2011.5.1.3 | |||
| hwAclMibCompliances | 1.3.6.1.4.1.2011.5.1.3.1 | |||
| hwAclMibCompliance | 1.3.6.1.4.1.2011.5.1.3.1.1 |
The compliance statement for entities which implement the Huawei acl MIB. |
||
| hwAclMibGroups | 1.3.6.1.4.1.2011.5.1.3.2 | |||
| hwAclGroup | 1.3.6.1.4.1.2011.5.1.3.2.1 |
A collection of objects providing mandatory acl information. |
||