ZHONE-COM-IP-FILTER-MIB: View SNMP OID List / Download MIB

VENDOR: ZHONE TECHNOLOGIES


 Home MIB: ZHONE-COM-IP-FILTER-MIB
Download as:   

Download standard MIB format if you are planning to load a MIB file into some system (OS, Zabbix, PRTG ...) or view it with a MIB browser. CSV is more suitable for analyzing and viewing OID' and other MIB objects in excel. JSON and YAML formats are usually used in programing even though some systems can use MIB in YAML format (like Logstash).
Keep in mind that standard MIB files can be successfully loaded by systems and programs only if all the required MIB's from the "Imports" section are already loaded.
The tree-like SNMP object navigator requires no explanations because it is very simple to use. And if you stumbled on this MIB from Google note that you can always go back to the home page if you need to perform another MIB or OID lookup.


Object Name OID Type Access Info
     filter 1.3.6.1.4.1.5504.4.1.8
The MIB module representing IP filter specifications in Zhone Technologies products. IP filtering is typically performed to enhance network security by limiting what access is allowed between two networks. Filtering is also effective in eliminating certain denial-of-service attacks. Packet filtering also provides a framework for sanity checking packet headers, and rejecting packets that are unlikely (or that should be impossible). In this way, packet filtering can prevent certain unfortunate mistakes from shutting a network down.
         filterGlobal 1.3.6.1.4.1.5504.4.1.8.1
Global filter provisioning information.
             fltGlobalIndexNext 1.3.6.1.4.1.5504.4.1.8.1.1 integer32 read-only
The next available filter spec table index (filterSpecIndex). A GET on this object increments the value by one. A GETNEXT on this object will always return zero.
             fltGlobalTimeout 1.3.6.1.4.1.5504.4.1.8.1.2 integer32 read-write
Filter inconsistency timeout in seconds. A filter spec is considered to be in an inconsistent state when the value of the objects fltSpecVersion1 and fltSpecVersion2 are not equal. This timeout indicates the minimum number of seconds a filter may be in an inconsistent state before the filter spec becomes invalid and the default action for a filter is used as the filter. Provided fltGlobalTimeout is long enough, it should ensure that both an old modification is permanently stalled (ensuring exclusive access) as well as enough time to repair a filter. Default is five seconds.
         filterSpecTable 1.3.6.1.4.1.5504.4.1.8.2 no-access
The filter specification table contains specifications for the IP filtering module. Rows are indexed by a single integer index (filterSpecIndex). The fltGlobalIndexNext object is used to determine the next index value. Each row points to a sequence of rows (statements) in the filterStatementTable. When any row in that sequence is modified, created, or removed, the fltSpecVersion1 and fltSpecVersion2 objects must be incremented. Rows are created by assigning fltSpecIndex and setting fltSpecRowStatus to 'createAndGo'. All columnar objects in this table have default values, so no objects other than the index value need be set to create a row. Rows are removed by setting fltSpecRowStatus to 'destroy'. When a row is removed, each row in filterStatementTable with the same fltSpecIndex is automatically removed.
             filterSpecEntry 1.3.6.1.4.1.5504.4.1.8.2.1 no-access
An entry in the filterSpecTable.
                 fltSpecIndex 1.3.6.1.4.1.5504.4.1.8.2.1.1 integer32 no-access
The index that identifies an entry in the filterSpecTable. The fltGlobalIndexNext object is used to determine the next value of this object.
                 fltSpecName 1.3.6.1.4.1.5504.4.1.8.2.1.2 zhoneadminstring read-only
The filter name associated with this filter specification. This name should indicate the nature of the filter. The default value is an empty string.
                 fltSpecDesc 1.3.6.1.4.1.5504.4.1.8.2.1.3 snmpadminstring read-only
Textual description of the filter specification. This should briefly describe the nature of the filter defined by the associated filter statements. The default value is an empty string.
                 fltSpecVersion1 1.3.6.1.4.1.5504.4.1.8.2.1.4 unsigned32 read-only
The version number of the filter specification. This is used to flag any changes in the statements that comprise a filter. Each time a modification occurs to an object in a filter spec (including the the list of filter statements of the same fltSpecIndex in filterStatementTable), the value of this object, and fltSpecVersion2 must be incremented. The manager adding, deleting, or modifying a filter statement or statements must increment this version number in the following manner. A read of fltSpecVersion1 returns its current value. A write to fltSpecVersion1 must be one greater than its current value. A successful write of this object transfers ownership to the manager, where the manager must subsequently perform any desired modifications to the filter spec and then write the new value of fltSpecVersion1 to the fltSpecVersion2 object to release ownership. When fltSpecVersion1 does not equal to fltSpecVersion2, the filter spec is in an inconsistent state. If the filter spec remains in an inconsistent state longer than the time specified in fltGlobalTimeout, the filter spec is declared invalid and the filter spec does not become active. The previously provisioned filter spec will remain active. If no previous filter spec was provisioned for this interface, a default action is used. It is up to the manager to fix the invalid filter spec and bring it into a consistent state.
                 fltSpecVersion2 1.3.6.1.4.1.5504.4.1.8.2.1.5 unsigned32 read-only
The version number of the filter specification. The value of this object must be equal to fltSpecVersion1, otherwise the filter spec is inconsistent. See fltSpecVersion1 for details.
                 fltSpecLanguageVersion 1.3.6.1.4.1.5504.4.1.8.2.1.6 unsigned32 read-only
The language version of the filter. The language version further details the meaning and use of the objects in filterStatmentTable. The definitions of the filter languages is beyond the scope of this description.
                 fltSpecRowStatus 1.3.6.1.4.1.5504.4.1.8.2.1.7 zhonerowstatus read-only
Zhone convention to support row creation and deletion. This is the only object required to create or destroy a row in this table.
         filterStatementTable 1.3.6.1.4.1.5504.4.1.8.3 no-access
This table contains the filter specification statements for the IP filtering module. A complete filter specification is comprised of all the linked statements (rows) that are pointed to by an entry in the filterSpecTable. Filter statements are linked together by fltSpecIndex, and are ordered within the comprised filter using fltStmtIndex. A statement can only be owned by one filter spec. Rows are created by assigning fltSpecIndex and fltStmtIndex, and setting fltStmtRowStatus to 'createAndGo'. All columnar objects in this table have default values, so no objects other than the index values need be set to create a row. Rows are destroyed by setting fltStmtRowStatus to 'delete'. When rows are created or destroyed, the version of the corresponding filter spec row is incremented.
             filterStatementEntry 1.3.6.1.4.1.5504.4.1.8.3.1 no-access
An entry in the filterStatement table. Each entry represents one of a sequence of statements that comprise a filter. Each filter statement consists of an index, specific packet header fields, and arbitrary packet offsets and values. Some objects in this entry define ranges for specific packet header fields. These objects define comparison operations on the field they share in the following manner: Low High Compare Method for field f --- ---- ------------------------------------------- 0 0 no comparison on the field 0 H less than or equal to High (f <= H) L 0 exact match (L == f) L H inclusive between comparison (L <= f <= H)
                 fltStmtIndex 1.3.6.1.4.1.5504.4.1.8.3.1.1 integer32 no-access
The table index that identifies a filter statement. These indicies should be sparse to allow for insertion into the list.
                 fltStmtIpSrcAddrLow 1.3.6.1.4.1.5504.4.1.8.3.1.2 ipaddress read-only
The inclusive lower bound for the source IP address range. See the filterStatementEntry description for details.
                 fltStmtIpSrcAddrHigh 1.3.6.1.4.1.5504.4.1.8.3.1.3 ipaddress read-only
The inclusive upper bound for the source IP address range. See the filterStatementEntry description for details.
                 fltStmtSrcPortLow 1.3.6.1.4.1.5504.4.1.8.3.1.4 integer32 read-only
The inclusive lower bound for the transport layer source port range. See the filterStatementEntry description for details.
                 fltStmtSrcPortHigh 1.3.6.1.4.1.5504.4.1.8.3.1.5 integer32 read-only
The inclusive upper bound for the transport layer source port range. See the filterStatementEntry description for details.
                 fltStmtIpDstAddrLow 1.3.6.1.4.1.5504.4.1.8.3.1.6 ipaddress read-only
The inclusive lower bound for the destination IP address range. See the filterStatementEntry description for details.
                 fltStmtIpDstAddrHigh 1.3.6.1.4.1.5504.4.1.8.3.1.7 ipaddress read-only
The inclusive upper bound for the destination IP address range. See the filterStatementEntry description for details.
                 fltStmtDstPortLow 1.3.6.1.4.1.5504.4.1.8.3.1.8 integer32 read-only
The inclusive lower bound for the transport layer destination port range. See the filterStatementEntry description for details.
                 fltStmtDstPortHigh 1.3.6.1.4.1.5504.4.1.8.3.1.9 integer32 read-only
The inclusive upper bound for the transport layer destination port range. See the filterStatementEntry description for details.
                 fltStmtIpProtocol 1.3.6.1.4.1.5504.4.1.8.3.1.10 integer read-only
The IP protocol value that is to be matched. The enum values are as follows: any(1) : any protocol type is a match (wildcard) ip(2) : raw IP packet tcp(3) : TCP packet udp(4) : UDP packet icmp(5) : ICMP packet The default value is any(1). Enumeration: 'ip': 2, 'udp': 4, 'icmp': 5, 'any': 1, 'tcp': 3.
                 fltStmtArbValueBase 1.3.6.1.4.1.5504.4.1.8.3.1.11 integer read-only
This field identifies the protocol header to which the arbitrary value comparison applies. The enum values are as follows: none(1) : no arbitrary value comparison ip(2) : base is IP header udp(3) : base is UDP header tcp(4) : base is TCP header icmp(5) : base is ICMP header ipOptions(6) : base is IP options header tcpOptions(7) : base is TCP options header The default value is none(1). Enumeration: 'none': 1, 'tcpOptions': 7, 'ip': 2, 'udp': 3, 'tcp': 4, 'ipOptions': 6, 'icmp': 5.
                 fltStmtArbOffset 1.3.6.1.4.1.5504.4.1.8.3.1.12 integer32 read-only
The offset, in octets, from the beginning of the header to the most significant octet for the arbitrary value comparison.
                 fltStmtArbMask 1.3.6.1.4.1.5504.4.1.8.3.1.13 unsigned32 read-only
This object is mask for for arbitrary value comparisons. The non-zero bits in this field determine the size of the arbitrary field.
                 fltStmtArbValueLow 1.3.6.1.4.1.5504.4.1.8.3.1.14 unsigned32 read-only
This object is the inclusive lower bound for arbitrary value comparison. See the filterStatementEntry description for details.
                 fltStmtArbValueHigh 1.3.6.1.4.1.5504.4.1.8.3.1.15 unsigned32 read-only
This object is the inclusive upper bound for arbitrary value comparison. See the filterStatementEntry description for details.
                 fltStmtModifier 1.3.6.1.4.1.5504.4.1.8.3.1.16 bits read-only
Filter statement modifier. The bits set in this object logically negate the results of the comparisons made on their respecive fields as shown : notIpSrcAddr(1) : fltStmtIpSrcAddrLow, fltStmtIpSrcAddrHigh notSrcPort(2) : fltStmtSrcPortLow, fltStmtSrcPortHigh notIpDstAddr(3) : fltStmtIpDstAddrLow, fltStmtIpDstAddrHigh notDstPort(4) : fltStmtDstPortLow, fltStmtDstPortHigh notIpProtocol(5) : fltStmtIpProtocol notArbitrary(6) : fltStmtArbValueLow, fltStmtArbValueHigh notStatement(7) : negate outcome of the entire statement No bits set (the default) specifies to use all outcomes as is. Bits: 'notSrcPort': 1, 'notIpSrc': 0, 'notProtocol': 4, 'notArbitrary': 5, 'notDstIp': 2, 'notStatement': 6, 'notPortDst': 3.
                 fltStmtAction 1.3.6.1.4.1.5504.4.1.8.3.1.17 bits read-only
Filter statement action. The bits set in this object specify actions to take on packets matching this statement. Supported actions are: reset(0) : Return a TCP reset packet to the packet sender and drop the packet. This cannot be specified with permit. permit(1) : Stop filtering the packet and allow it to be sent on the associated interface. This cannot be specified with deny. deny(2) : Stop filtering the packet and discard it. This cannot be specified with permit. forward(3) : Forward the packet the IP address specified in fltStmtActionArg. reject(4) : Return an ICMP destination unreachable packet (type 3) to the packet sender with code 13 (communication administratively prohibited). This cannot be specified permit. log(5) : Write the packet to the log stream. There are some mutually exclusive bits: reset(0) and permit(1), permit(1) and deny(2), permit(1) and reject(4). No bits set implies to continue filtering on the packet. Bits: 'reset': 0, 'deny': 2, 'log': 5, 'permit': 1, 'reject': 4, 'forward': 3.
                 fltStmtActionArg 1.3.6.1.4.1.5504.4.1.8.3.1.18 integer32 read-only
Filter statement action argument. The meaning of this object depends on the value of fltStmtAction: forward(3) : An IP address to forward the packet to. The value of this object must be non-zero. All other values of fltStmtAction have no relation to this object. The default is zero.
                 fltStmtRowStatus 1.3.6.1.4.1.5504.4.1.8.3.1.19 zhonerowstatus read-only
Zhone convention to support row creation and deletion. This is the only object required to create or destroy a row in this table.
         filterStmtRenumTable 1.3.6.1.4.1.5504.4.1.8.4 no-access
This table provides a mechanism for renumbering individual filter statments within their particular filter spec.
             filterStmtRenumEntry 1.3.6.1.4.1.5504.4.1.8.4.1 no-access
An entry in the filterStmtRenumTable.
                 fltStmtIndexNew 1.3.6.1.4.1.5504.4.1.8.4.1.1 integer32 read-write
The new statement index for the filter statement. Reading this object will return the same value as the 'fltStmtIndex' portion of its index. Writing to this object will cause the corresponding filter statement to be relocated to the position identified by the value written here. If no statement exists at the current index, 'no such instance' will be returned. If a statement already exists at the new index then 'inconsistent value' is returned. For example, to move the second statement of filter #4 to the third position (e.g. to make room for a new statement #2), the following SNMP set-request would be issued: fltStmtIndexNew.4.2 = 3 There is no default value for this object as it is derived from the fltStmtIndex.
         filterStatsTable 1.3.6.1.4.1.5504.4.1.8.5 no-access
This table provides ingress and egress IP filter statistics for each interface. This table is indexed by the ifIndex of the interface and the direction (ingress or egress) of traffic being filtered. This is a read-only table.
             filterStatsEntry 1.3.6.1.4.1.5504.4.1.8.5.1 no-access
An entry in the filterStatsTable. There will be an entry for each filter provisioned on an interface. There can be, at most, two filters provisioned per interface; one for ingress filtering and the other for egress filtering.
                 fltStatDirection 1.3.6.1.4.1.5504.4.1.8.5.1.1 integer no-access
The direction for which this set of statistics is kept: ingress or egress. Enumeration: 'ingress': 1, 'egress': 2.
                 fltStatResetPkts 1.3.6.1.4.1.5504.4.1.8.5.1.2 counter32 read-only
The number of discarded packets for which a TCP reset packet was sent.
                 fltStatPermitPkts 1.3.6.1.4.1.5504.4.1.8.5.1.3 counter32 read-only
The number of permitted packets.
                 fltStatDenyPkts 1.3.6.1.4.1.5504.4.1.8.5.1.4 counter32 read-only
The number of discarded packets.
                 fltStatForwardPkts 1.3.6.1.4.1.5504.4.1.8.5.1.5 counter32 read-only
The number of packets forwarded to the IP address specified in the filter.
                 fltStatRejectPkts 1.3.6.1.4.1.5504.4.1.8.5.1.6 counter32 read-only
The number of discarded packets for which an ICMP destination unreachable packet with code 13 was sent.
                 fltStatLogPkts 1.3.6.1.4.1.5504.4.1.8.5.1.7 counter32 read-only
The number of logged packets.
                 fltStatDefaultPkts 1.3.6.1.4.1.5504.4.1.8.5.1.8 counter32 read-only
The number of packets that pass through the filter without matching upon which the default action is used.
                 fltStatSpecVersion 1.3.6.1.4.1.5504.4.1.8.5.1.9 unsigned32 read-only
The version of the filter being used on this interface.
                 fltStatSpecIndex 1.3.6.1.4.1.5504.4.1.8.5.1.10 integer32 read-only
The index of the filter specification being used on this interface. If there is no filter configured for an interface, the entry will not exist in this table.
         mcastControl 1.3.6.1.4.1.5504.4.1.8.6
The MIB module representing Multicast control list specifications in Zhone Technologies products. The First application of multicast control list is to accept of deny a IGMP request to join or leave a IGMP group. Any IGMP request to join a group is accepted only if the group address is available in the Multicast Control list pointed by a field in the ip-interface-record.
             mcastControlListTable 1.3.6.1.4.1.5504.4.1.8.6.1 no-access
Multicast control list table conatins the one of the IP Address that can be allowed to join to by a IGMP join request from IP interface that has the the multicast control list in its ip-interfce-profile. The address to the table is the multicast control list ID and the precedence. The Row status in the table contains indication of whether the row is being created or destroyed.
                 mcastControlListEntry 1.3.6.1.4.1.5504.4.1.8.6.1.1 no-access
An entry in the Multicast Control List.
                     mcastControlListControlId 1.3.6.1.4.1.5504.4.1.8.6.1.1.1 integer32 no-access
Description.
                     mcastControlListControlPrecedence 1.3.6.1.4.1.5504.4.1.8.6.1.1.2 integer32 no-access
Description.
                     mcastControlListRowStatus 1.3.6.1.4.1.5504.4.1.8.6.1.1.3 zhonerowstatus read-only
Description.
                     mcastControlListIpAddress 1.3.6.1.4.1.5504.4.1.8.6.1.1.4 ipaddress read-only
multicast ip address.
                     mcastControlListType 1.3.6.1.4.1.5504.4.1.8.6.1.1.5 integer read-only
Defines the video stream type. normal - join and leave when desired. Used for video. always-on - always joined. Meant for EBS, not video. periodic - will join and leave after task complete. Not meant for video. Used to download the tv guide. Enumeration: 'always-on': 2, 'periodic': 3, 'normal': 1.
         portAccessControl 1.3.6.1.4.1.5504.4.1.8.7
This MIB represents the port access control list in Zhone products. It is used to control access to internal ports. Initially it is used just for TELNET (23) , but in theory could be used for other ports as well.
             portAccessNextIndex 1.3.6.1.4.1.5504.4.1.8.7.1 integer32 read-only
Description: A hint for the next free index should the manager want to create a new entry.
             portAccessTable 1.3.6.1.4.1.5504.4.1.8.7.2 no-access
Contains the list of entries that control port access on this device.
                 portAccessEntry 1.3.6.1.4.1.5504.4.1.8.7.2.1 no-access
This contains the entry that is to be accepted. Currently only used to control access to port 23. arg1, arg2 provide IP Address/mask to allow in.
                     portAccessIndex 1.3.6.1.4.1.5504.4.1.8.7.2.1.1 integer32 no-access
The index of this entry in table. 100 entries should be more than enough.
                     portAccessRowStatus 1.3.6.1.4.1.5504.4.1.8.7.2.1.2 zhonerowstatus read-only
Description.: used to create/delete entries in the table.
                     portAccessNumber 1.3.6.1.4.1.5504.4.1.8.7.2.1.3 integer32 read-only
PortNumber that this applies to, 1..1023 supported.
                     portAccessSrcAddr 1.3.6.1.4.1.5504.4.1.8.7.2.1.4 ipaddress read-only
The IP address that we will accept packets from.
                     portAccessNetMask 1.3.6.1.4.1.5504.4.1.8.7.2.1.5 ipaddress read-only
portAccessNetMask - used to pass the range that we will accept with regards to portAccessSrcAddr.
 comIpFilter 1.3.6.1.4.1.5504.6.58
Zhone IP Filter MIB Module. IP Software Minneapolis, MN