Scribd Logo
Upload

Welcome to Scribd!

  • 3com Filter

    Uploaded by

    xsimio
    12 views20 pages
    3com-atmf94-0737

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    3com-atmf94-0737

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    12 views20 pages

    3com Filter

    Uploaded by

    xsimio
    3com-atmf94-0737

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 20

    --- This MIB is for 3Com intermediate systems that support the -- Mnemonic Filtering feature.

    --- The 3Com Enterprise Products Proprietary MIB Extensions --- Copyright 3Com Corporation, 1993. All rights reserved. --- changes FOR 7.0 ***************************************** -- 20-oct-93: kxy added support for prioritize PolicyActions --- changes FOR 7.1 ***************************************** -- 08-apr-94: kgo added support for DODdiscard Policy action -in a3filterPolicyAction. --- changes FOR 8.2 (r4 of mib)****************************** -- 21-mar-95: kxy added additional enums to a3filterUserMaskLocField -and a3filterBuiltInMaskFieldValue to support IPX --- changes FOR 8.3 (r5 of mib)****************************** -- 02-oct-95: kxy added a3filterPolicyX25ProfId to a3filterPolicyTable ----------------------------------------------------------------------A3Com-Filter-r5-MIB DEFINITIONS ::= BEGIN IMPORTS enterprises, Counter FROM RFC1155-SMI DisplayString FROM RFC1213-MIB MacAddress FROM RFC1286-MIB OBJECT-TYPE FROM RFC-1212; --- This MIB is for 3Com systems that offer a unified -- filtering feature --a3Com OBJECT IDENTIFIER ::= { brouterMIB OBJECT IDENTIFIER ::= { a3ComFilter OBJECT IDENTIFIER ::= { a3ComFilterCtl OBJECT IDENTIFIER ::= enterprises 43 } a3Com 2 } brouterMIB 10 } { a3ComFilter 1 }

    RowStatus ::= INTEGER { active(1), notInService(2), notReady(3), createAndGo(4), createAndWait(5), destroy(6) } --This data type, which has the same semantics as the RowStatus --textual convention used in SNMPv2, is used to add and --delete entries from a table. --

    --The tables in this MIB allow a subset of the functionality --provided by the RowStatus textual convention. In particular --row creation is allowed using only the createAndGo method. ---That is, when adding entries to this table, this object --must be set to createAndGo(4). The instance identifier --for this object will define the values of the columns --that make up the index. ---In the same PDU, the appropriate remaining columns --of that row must be set as well. The agent --will immediately set the value of this object to --active(1) if the row is correct. If not, the agent --will refuse the SET request and return an --error code. ---To modify an existing entry, it must be removed --and another entry with the desired changes added. ---To remove an entry, set the value of this object --to destroy(6). --- This first set of objects controls general aspects of the -- Filtering feature -a3filterControl OBJECT-TYPE SYNTAX INTEGER { enableMatchOne (1), enableCheckAll (2), disable (3) } ACCESS read-write STATUS mandatory DESCRIPTION "This object enables/disables the filtering function. If this object is set to disable (2), filtering is turned off for all protocols. If the control is set to enableMatchOne (1) or enableCheckAll (2), then filtering is performed on protocols that are selected via the a3filter*Select objects and those for which at least one policy is configured. If a packet matches the Masks defined for more than one Policy and this object is set to enableMatchOne, only the action associated with the first satisfied Policy is performed. If this object is set to enableCheckAll (2), however, the actions associated with each satisfied Policy is performed." ::= { a3ComFilterCtl 1 } a3filterDefaultAction OBJECT-TYPE SYNTAX INTEGER { discard (1), forward (2) } ACCESS read-write STATUS mandatory

    DESCRIPTION "This object specifies the action applied to a packet if it does not match any of the policies configured or if two conflicting policies are specified and the the packet meets criteria associated with both." ::= { a3ComFilterCtl 2 } a3filterBridgeSelect OBJECT-TYPE SYNTAX INTEGER { filter (1), noFilter (2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object determines whether the filter function will be invoked for the Bridge (or datalink) protocol layer. This provides a mechanism for deselecting filtering for this protocol layer while retaining the policies and masks configured for this protocol." ::= { a3ComFilterCtl 3 } a3filterIpSelect OBJECT-TYPE SYNTAX INTEGER { filter (1), noFilter (2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object determines whether the filter function will be invoked for the IP protocol layer. This provides a mechanism for deselecting filtering for this protocol layer while retaining the policies and masks configured for this protocol." ::= { a3ComFilterCtl 4 } a3filterIpxSelect OBJECT-TYPE SYNTAX INTEGER { filter (1), noFilter (2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object determines whether the filter function will be invoked for the IPX protocol layer. This provides a mechanism for deselecting filtering for this protocol layer while retaining the policies and masks configured for this protocol." ::= { a3ComFilterCtl 5 } a3filterAppleTalkSelect OBJECT-TYPE SYNTAX INTEGER { filter (1), noFilter (2) } ACCESS read-write STATUS mandatory DESCRIPTION

    "This object determines whether the filter function will be invoked for the Apple Talk protocol layer. This provides a mechanism for deselecting filtering for this protocol layer while retaining the policies and masks configured for this protocol." ::= { a3ComFilterCtl 6 } a3filterDecSelect OBJECT-TYPE SYNTAX INTEGER { filter (1), noFilter (2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object determines whether the filter function will be invoked for the DECnet protocol layer. This provides a mechanism for deselecting filtering for this protocol layer while retaining the policies and masks configured for this protocol." ::= { a3ComFilterCtl 7 } --- This next table contains User Configured individual Masks -a3filterUserMaskTable OBJECT-TYPE SYNTAX SEQUENCE OF A3filterUserMaskEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing User configured Masks that are used to identify specific classes of packets. These masks are used by the policy table to define actions to take on these classes of packets." ::= { a3ComFilter 2 } a3filterUserMaskEntry OBJECT-TYPE SYNTAX A3filterUserMaskEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The definition of a single Mask." INDEX { a3filterUserMaskIndex } ::= { a3filterUserMaskTable 1 } A3filterUserMaskEntry ::= SEQUENCE { a3filterUserMaskIndex a3filterUserMaskName a3filterUserMaskLocType a3filterUserMaskLocField a3filterUserMaskLocOffset a3filterUserMaskLocLength a3filterUserMaskOperator a3filterUserMaskOperand a3filterUserMaskComparison

    INTEGER (1..64), DisplayString (SIZE (0..15)), INTEGER, INTEGER, INTEGER, INTEGER, INTEGER, OCTET STRING (SIZE (0..4)), INTEGER,

    a3filterUserMaskMatchType a3filterUserMaskMatchBits a3filterUserMaskMatchValue1 a3filterUserMaskMatchValue2 a3filterUserMaskStatus }

    INTEGER, OCTET STRING (SIZE (0..6)), INTEGER, INTEGER, RowStatus

    a3filterUserMaskIndex OBJECT-TYPE SYNTAX INTEGER (1..64) ACCESS read-only STATUS mandatory DESCRIPTION "An index identifying a specific Mask. All user configured masks must have an index between 1 and 64." ::= { a3filterUserMaskEntry 1 } a3filterUserMaskName OBJECT-TYPE SYNTAX DisplayString (SIZE (0..15)) ACCESS read-write STATUS mandatory DESCRIPTION "A text string used to help identify a specific Mask. Each entry must have a unique name." ::= { a3filterUserMaskEntry 2 } a3filterUserMaskLocType OBJECT-TYPE SYNTAX INTEGER { protocolFieldSemantics (1), offsetLengthSemantics (2), dataLinkOffsetLengthSemantics (3), ipOffsetLengthSemantics (4), ipxOffsetLengthSemantics (5), appleTalkOffsetLengthSemantics(6), decNetOffsetLengthSemantics (7) } ACCESS read-write STATUS mandatory DESCRIPTION "This object determines if this table entry specifies packet location via the mnemonic, protocol.field semantics or via the numerical offset.length semantics. If this object is set to protocolFieldSemantics (1), then the value of a3filterUserMaskLocField is used to identify the packet location where the mask is applied. If this object is set to offsetLengthSemantics(2), then the offset and lengths identified by a3filterUserMaskLocOffset and a3filterUserMaskLocLength are measured from the start of the datalink layer. If this object is set to dataLinkOffsetLengthSemantics(3), then the value of a3filterUserMaskLocOffset and a3filterUserMaskLocLength are used to determine where the mask is applied. The offset and length are measured starting from the data field of the data link protocol layer.

    If this object is set to ipOffsetLengthSemantics(4), then the value of a3filterUserMaskLocOffset and a3filterUserMaskLocLength are used to determine where the mask is applied. The offset and length are measured starting from the data field of the IP protocol layer. If this object is set to appleTalkOffsetLengthSemantics(5), then the value of a3filterUserMaskLocOffset and a3filterUserMaskLocLength are used to determine where the mask is applied. The offset and length are measured starting from the data field of the AppleTalk protocol layer. Similar semantics apply to the remaining enumerations for this object." ::= { a3filterUserMaskEntry 3 } a3filterUserMaskLocField OBJECT-TYPE SYNTAX INTEGER { dlDestinationAddress (1), dlSourceAddress (2), dlAddress (3), dlProtocol (4), dlLength (5), dlDSAP (6), dlSSAP (7), dlLSAP (8), dlOUI (9), dlLanID (10), ipDestAddress (11), ipSourceAddress (12), ipAddress (13), ipProtocol (14), ipDestinationPort (15), ipSourcePort (16), ipPort (17), ipOptions (18), ipTOS (19), ---------------------

    -----------

    DataLink DataLink DataLink DataLink DataLink DataLink DataLink DataLink DataLink DataLink

    field field field field field field field field field field

    IP field IP field IP field IP field IP field IP field IP field IP field IP field, not currently supported, (see built in Masks) IPX IPX IPX IPX IPX IPX IPX IPX IPX ------field field field field field field field field field field field field field field field

    ipxDestNetwork (20), ipxSourceNetwork (21), ipxNetwork (22), ipxDestAddress (23), ipxSourceAddress (24), ipxAddress (25), ipxDestSocket (26), ipxSourceSocket (27), ipxSocket (28), atDestinationNetwork (29), atSourceNetwork (30), atNetwork (31), atDestinationNodeID (32), atSourceNodeID (33), atNodeID (34),

    AppleTalk AppleTalk AppleTalk AppleTalk AppleTalk AppleTalk

    atDestinationSocket (35), atSourceSocket (36), atSocket (37), atDDPType (38), decDestinationArea (39), decSourceArea (40), decArea (41), decDestAddress (42), decSourceAddress (43), decAddress (44), ipxPktLength (45), ipxPktType (46), ipxTransportCtl (47)

    -----------

    AppleTalk AppleTalk AppleTalk AppleTalk DECnet DECnet DECnet DECnet DECnet DECnet

    field field field field

    field field field field field field

    -- IPX field -- IPX field -- IPX field

    } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the location in the packet where the operation should take place. This object takes effect only when a3filterUserMaskLocationType has the value protocolFieldSemantics(1). Otherwise, this object is ignored." ::= { a3filterUserMaskEntry 4 } a3filterUserMaskLocOffset OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "When specifying a packet location via the offsetLength semantics, this parameters indicates the offset from the beginning of the portion of the protocol layer identified by a3filterUserMaskLocationType that is used in the Mask." ::= { a3filterUserMaskEntry 5 } a3filterUserMaskLocLength OBJECT-TYPE SYNTAX INTEGER { one(1), two(2), reserved(3), -- this value is not allowed four(4), rsvd(5), -- this value is not allowed six(6) } ACCESS read-write STATUS mandatory DESCRIPTION "When specifying a packet location via the offsetLength semantics, this parameter indicates the length of the bit field used in the Mask. Only the values one(1), two(2), four(4), and six(6) are allowed. If the length is not specified, the agent will automatically determine the proper length based on either the operand (a3filterUserMaskOperand) or the matching values (a3filterUserMaskMatchType)." ::= { a3filterUserMaskEntry 6 }

    a3filterUserMaskOperator OBJECT-TYPE SYNTAX INTEGER { none (1), -- No operation is specified. when this -- value is set, a3filterUserMaskOperand is igno red. or (2), -- bitwise "or" and (3), -- bitwise "and" xor (4) -- bitwise "exclusive or" } ACCESS read-write STATUS mandatory DESCRIPTION "This object, together with a3filterUserMaskOperand, cause bit operations to be performed on the bit field identified by a3filterUserMaskLocation. The output of this operation is compared, according to a3filterUserMaskComparison, to the value specified by a3filterUserMaskMatch." ::= { a3filterUserMaskEntry 7 } a3filterUserMaskOperand OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..4)) ACCESS read-write STATUS mandatory DESCRIPTION "This object, together with a3filterUserMaskOperator, cause bit operations to be performed on the bit field identified by a3filterUserMaskLocation. The output of this operation is compared, according to a3filterUserMaskComparison, to the value specified by a3filterUserMaskMatchType and a3filterUserMaskMatchBits, a3filterUserMaskMatchValue1, and/or a3filterUserMaskMatchValue2 (depending on the value of a3filterUserMaskMatchType. ie, the value of a3filterUserMaskMatchType determines which of the other objects are relevant)." ::= { a3filterUserMaskEntry 8 } a3filterUserMaskComparison OBJECT-TYPE SYNTAX INTEGER { equal (1), notEqual (2), greaterThan (3), greaterThanOrEqual (4), lessThan (5), lessThanOrEqual (6), inclusiveRange (7) } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the type of comparison to make between the output of the operation specified by a3filterUserMaskLocation, a3filterUserMaskOperator, a3filterUserMaskOperand, and a3filterUserMaskMatch." ::= { a3filterUserMaskEntry 9 } a3filterUserMaskMatchType OBJECT-TYPE SYNTAX INTEGER { all (1), -- this value specifies that any value in the

    -- location will be considered as matching. bits (2), value (3), valueRange (4), userGroup (5) } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the type of data that is being matched. The value of this object determines which column(s) are relevant for this entry. If this object is set to all(1), any value is considered as matching, and the values of the following columns are ignored: a3filterUserMaskMatchBits, a3filterUserMaskMatchValue1, and a3filterUserMaskMatchValue2. If this object is set to bits(2), then the packet location identified by the *Loc* columns (and after the indicated bit operations) is compared to the bits identified by a3filterUserMaskMatchBits. The values of a3filterUserMaskMatchValue1 and a3filterUserMaskMatchValue2 are ignored in this case. If this object is set to value(3), then the value contained in the specified packet location is compared to the value specified by a3filterUserMaskMatchValue1. The values of a3filterUserMaskMatchBits and a3filterUserMaskMatchValue2 are ignored in this case. If this object is set to valueRange(4), then the value contained in the specified packet location is compared to the range of values specified by a3filterUserMaskMatchValue1 and a3filterUserMaskMatchValue2. The value of a3filterUserMaskMatchBits is ignored in this case. Finally, if this object is set to userGroup(5), then the MAC address contained in the specified packet location is compared to the members of the User Group identified by a3filterUserMaskMatchValue1. In this case, the value of a3filterUserMaskMatchValue1 identifies one or more entries in a3filterUserGrpAddrTable. The values of a3filterUserMaskMatchBits and a3filterUserMaskMatchValue2 are ignored." ::= { a3filterUserMaskEntry 10 } a3filterUserMaskMatchBits OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..6)) ACCESS read-write STATUS mandatory DESCRIPTION "A string of bits that is compared against the data at the specified location in the packet. This object is relevant only if a3filterUserMaskMatchType is (2)." ::= { a3filterUserMaskEntry 11 }

    a3filterUserMaskMatchValue1 OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "The value used to compare against the data at the specified location in the packet. This object is relevant only if the value of a3filterUserMaskMatchType is (3), (4), or (5)." ::= { a3filterUserMaskEntry 12 } a3filterUserMaskMatchValue2 OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "The value used to compare against the data at the specified location in the packet. This object is used along with a3filterUserMaskMatchValue1 to specify a range of values. This object is relevant only if a3filterUserMaskMatchType is (4)." ::= { a3filterUserMaskEntry 13 } a3filterUserMaskStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object is used to add and delete entries in this table. See the notes describing RowStatus at the beginning of this MIB. Note, if this mask entry is being used by an active Policy entry, it can not be removed." ::= { a3filterUserMaskEntry 14 } ------This next table contains Built In (ie., delivered with the system software) Masks. Entries in this table are indexed starting from 257 to avoid conflicting with the User Defined Mask table. a3filterBuiltInMaskTable OBJECT-TYPE SYNTAX SEQUENCE OF A3filterBuiltInMaskEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing Built In Masks that are used to identify specific classes of packets. These masks may be used by the policy table to define actions to take on these classes of packets." ::= { a3ComFilter 3 } a3filterBuiltInMaskEntry OBJECT-TYPE SYNTAX A3filterBuiltInMaskEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The definition of a single Built In Mask."

    INDEX { a3filterBuiltInMaskIndex } ::= { a3filterBuiltInMaskTable 1 } A3filterBuiltInMaskEntry ::= SEQUENCE { a3filterBuiltInMaskIndex a3filterBuiltInMaskName a3filterBuiltInMaskFieldValue }

    INTEGER (257..65535), DisplayString (SIZE (0..15)), INTEGER

    a3filterBuiltInMaskIndex OBJECT-TYPE SYNTAX INTEGER (257..65535) ACCESS read-only STATUS mandatory DESCRIPTION "This object uniquely identifies a Built In Mask. This index is also used by the Policy Table to identify Masks, both Built In and User Defined." ::= { a3filterBuiltInMaskEntry 1 } a3filterBuiltInMaskName OBJECT-TYPE SYNTAX DisplayString (SIZE (0..15)) ACCESS read-only STATUS mandatory DESCRIPTION "The name assigned to a Built In Mask. Each name is unique and applies when referring to the Mask from the User Interface." ::= { a3filterBuiltInMaskEntry 2 } a3filterBuiltInMaskFieldValue OBJECT-TYPE SYNTAX INTEGER { dlBroadCast (1), -- dataLinkDestAddr, dlMultiCast (2), -- dataLinkDestAddr appleTalkII aarp arp clnp decPhaseIV dlTest ip ipx lat ipNetMap xnsNetMap stp vip xns (3), -- dataLinkProtocol (4), -- dataLinkProtocol (5), -- dataLinkProtocol (6), -- dataLinkProtocol (7), -- dataLinkProtocol (8), -- dataLinkProtocol (9), -- dataLinkProtocol (10), -- dataLinkProtocol (11), -- dataLinkProtocol (12), -- dataLinkProtocol (13), -- dataLinkProtocol (14), -- dataLinkProtocol (15), -- dataLinkProtocol (16), -- dataLinkProtocol (17), (18), (19), (20), ----dataLinkRoutingType dataLinkRoutingType dataLinkRoutingType dataLinkRoutingType

    specificRoute singleRouteExp allRouteExp allRouteType icmp tcp udp

    (21), -- ipProtocol (22), -- ipProtocol (23), -- ipProtocol

    dns (24), finger (25), ftp (26), whois (27), simpleMailTrans(28), snmp (29), sunRPC (30), telnet (31), tftp (32), x400 (33), zero one two three four five six seven ipxBroadCast fileServicePkt sap rip netBIOS diag rtmps nis zis rtmprs nbp atp aep rtmprq zip adsp ipxTraceRt ipxPing ipxNwSec (34), (35), (36), (37), (38), (39), (40), (41), (42), (43), (44), (45), (46), (47),

    -------------------------

    ipPort ipPort ipPort ipPort ipPort ipPort ipPort ipPort ipPort ipPort ipTOS ipTOS ipTOS ipTOS ipTOS ipTOS ipTOS ipTOS ipxDestAddr = broadcast ipxSocket ipxSocket ipxSocket ipxSocket ipxSocket

    (48), -- appleTalkSocket (49), -- appleTalkSocket (50), -- appleTalkSocket (51), (52), (53), (54), (55), (56), (57), -------appleDDPType appleDDPType appleDDPType appleDDPType appleDDPType appleDDPType appleDDPType

    (58), -- ipxSocket = Trace Route (59), -- ipxSocket = Ping (60) -- ipxSocket = Netware Security

    } ACCESS read-only STATUS mandatory DESCRIPTION "This object identifies the value that this Built In Mask looks for as well as the protocol field. Note, the way this table defines a Mask is different from the semantics of the User Mask table. In that table, Masks look for specific values in specific protocol fields. Built In Masks, however, are different. For example, one Built In Mask looks for the value ip(9) in the field dataLinkProtocol(2). Besides looking in the dataLinkProtocol field, the code that implements this mask also looks

    for IP in the proper SNAP field when the dataLinkProtocol field indicates SNAP." ::= { a3filterBuiltInMaskEntry 3 } ------This table contains individual User Groups. A User Group identifies group of 'Users' by their MAC Address and allows filters to be defined based on the group rather than each of the members. This table assigns a Name to each group. a3filterUserGrpTable OBJECT-TYPE SYNTAX SEQUENCE OF A3filterUserGrpEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing User Group entries. Each entry identifies a set of entries in the a3filterUserGrpAddrTable which can contain several station Addresses. These addresses are physical layer addresses. This table is used to associate a single User Group index with a name." ::= { a3ComFilter 4 } a3filterUserGrpEntry OBJECT-TYPE SYNTAX A3filterUserGrpEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Each entry in this table identifies a group of station addresses." INDEX { a3filterUserGrpIndex } ::= { a3filterUserGrpTable 1 } A3filterUserGrpEntry ::= SEQUENCE { a3filterUserGrpIndex a3filterUserGrpName a3filterUserGrpStatus }

    INTEGER (1..16), DisplayString (SIZE (0..15)), RowStatus

    a3filterUserGrpIndex OBJECT-TYPE SYNTAX INTEGER (1..16) ACCESS read-only STATUS mandatory DESCRIPTION "Each entry in this table identifies a group of station addresses." ::= { a3filterUserGrpEntry 1 } a3filterUserGrpName OBJECT-TYPE SYNTAX DisplayString (SIZE (0..15)) ACCESS read-write STATUS mandatory DESCRIPTION "The name given to this group of station addresses." ::= { a3filterUserGrpEntry 2 }

    a3filterUserGrpStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object is used to add and delete entries in this table. See the notes describing RowStatus at the beginning of this MIB." ::= { a3filterUserGrpEntry 3 }

    a3filterUserGrpAddrTable OBJECT-TYPE SYNTAX SEQUENCE OF A3filterUserGrpAddrEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing User Group addresses. Each entry can contain several station Addresses. These addresses are physical layer addresses. Note, this table applies only to filtering based on the Data Link layer. Since only bridged packets are filtered at this layer, this table only applies to bridged traffic." ::= { a3ComFilter 5 } a3filterUserGrpAddrEntry OBJECT-TYPE SYNTAX A3filterUserGrpAddrEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Each entry in this table identifies a single station address." INDEX { a3filterUserGrpAddrIndex, a3filterUserGrpAddress } ::= { a3filterUserGrpAddrTable 1 } A3filterUserGrpAddrEntry ::= SEQUENCE { a3filterUserGrpAddrIndex a3filterUserGrpAddress a3filterUserGrpAddrStatus }

    INTEGER (1..16), MacAddress, RowStatus

    a3filterUserGrpAddrIndex OBJECT-TYPE SYNTAX INTEGER (1..16) ACCESS read-only STATUS mandatory DESCRIPTION "This is used to identify a group of station addresses. This object has the same value as a3filterUserGrpIndex." ::= { a3filterUserGrpAddrEntry 1 } a3filterUserGrpAddress OBJECT-TYPE SYNTAX MacAddress ACCESS read-only STATUS mandatory DESCRIPTION "A single station physical address." ::= { a3filterUserGrpAddrEntry 2 }

    a3filterUserGrpAddrStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object is used to add and delete entries in this table. See the notes describing RowStatus at the beginning of this MIB." ::= { a3filterUserGrpAddrEntry 3 } a3filterPolicyTable OBJECT-TYPE SYNTAX SEQUENCE OF A3filterPolicyEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing filtering Policy. Each Policy applies a set of selection criteria (Masks) to a context (in terms of ports or station groups) and associates an action with that application." ::= { a3ComFilter 6 } a3filterPolicyEntry OBJECT-TYPE SYNTAX A3filterPolicyEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The definition of a single Policy." INDEX { a3filterPolicyIndex } ::= { a3filterPolicyTable 1 } A3filterPolicyEntry ::= SEQUENCE { a3filterPolicyIndex a3filterPolicyName a3filterPolicyAction a3filterPolicyMask1 a3filterPolicyMask2 a3filterPolicyMask3 a3filterPolicyMask4 a3filterPolicyContext a3filterPolicyPorts1 a3filterPolicyPorts2 a3filterPolicyPackets a3filterPolicyBytes a3filterPolicyStatus a3filterPolicyX25ProfId }

    INTEGER (1..64), DisplayString (SIZE (0..15)), INTEGER, INTEGER, INTEGER, INTEGER, INTEGER, INTEGER, OCTET STRING, OCTET STRING, Counter, Counter, RowStatus, INTEGER

    a3filterPolicyIndex OBJECT-TYPE SYNTAX INTEGER (1..64) ACCESS read-only STATUS mandatory DESCRIPTION "The index used to identify a filter policy entry."

    ::= { a3filterPolicyEntry 1 } a3filterPolicyName OBJECT-TYPE SYNTAX DisplayString (SIZE (0..15)) ACCESS read-write STATUS mandatory DESCRIPTION "A textual name used to help identify a filter policy entry. Each entry must have a unique name." ::= { a3filterPolicyEntry 2 } a3filterPolicyAction OBJECT-TYPE SYNTAX INTEGER { discard (1), forward (2), count (3), sequence (4), prioritizeHigh (5), prioritizeMed (6), prioritizeLow (7), doddiscard (8), x25ProfId (9) } ACCESS read-write STATUS mandatory DESCRIPTION "The action taken when a packet matches all the masks (applied in the proper context) identified in this policy entry. If this object has the value discard(1), then all packets that match the masks and context of this entry are discarded. If this object has the value forward(2), then all packets that match the masks and context of this entry are forwarded. If this object has the value count(3), then all packets that match the masks and context of this entry are counted. The actual counts can be obtained by requesting the values of a3filterPolicyPackets and a3filterPolicyBytes. If this object has the value sequence(4), then all bridged packets destined for a port with multiple serial paths that match the masks and context of this entry are forwarded in sequence. If this object has the value prioritze, then all packets destined for a port supported by one or more serial paths that match the masks and context of this entry are given higher priority. If this object has the value doddiscard(8), then all packets that match the masks and context of this entry will be subjected to the 'DODdiscard' action; ie, those packets will be discarded and will not raise a DOD path if the path is down, or if the path is UP, those packets will be forwarded but will not keep the path up.

    If this object has the value x25ProfId(9), then all packets that match the masks and context of this entry will use the X25 Profile identified by a3filterPolicyX25ProfId when passing those packets over an X25 network." ::= { a3filterPolicyEntry 3 } a3filterPolicyMask1 OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object identifies an entry in either of the Mask Tables. Each filter policy entry identifies up to four separate masks. An entry of zero for this object identifies a null mask." ::= { a3filterPolicyEntry 4 } a3filterPolicyMask2 OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object identifies an entry in either of the Mask Tables. Each filter policy entry identifies up to four separate masks. An entry of zero for this object identifies a null mask." ::= { a3filterPolicyEntry 5 } a3filterPolicyMask3 OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object identifies an entry in the Mask Table. Each filter policy entry identifies up to four separate masks. An entry of zero for this object identifies a null mask." ::= { a3filterPolicyEntry 6 } a3filterPolicyMask4 OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object identifies an entry in the Mask Table. Each filter policy entry identifies up to four separate masks. An entry of zero for this object identifies a null mask." ::= { a3filterPolicyEntry 7 } a3filterPolicyContext OBJECT-TYPE SYNTAX INTEGER { all (1), atPorts1 (2), fromPorts1 (3), fromPorts1ToPorts2 (4), toPorts1 (5),

    betweenPorts1AndPorts2 (6), amongPorts1 (7) } ACCESS read-write STATUS mandatory DESCRIPTION "Supplies conditions on when to apply the masks to a packet. These conditions relate to the source and destination ports of a packet. All (1) means apply the action in all contexts. AT (2) means apply the action if the packet is received from or distined to the ports specified by a3filterPolicyPorts1. TO (3) means apply the action if the packet is destined to those ports. FROM (4) means apply the action if the packet is received from one of those specified ports. FROM ports1 TO ports2 (5) means apply the action if the packet is received from the ports defined by a3filterPolicyPorts1 and destined to the port defined by a3filterPolicyPorts2. BETWEEN ports1 AND ports2 (6) means apply the action if the packet is received from one of the ports defined by a3filterPolicyPorts1 and destined for one of the ports defined by a3filterPolicyPorts2 or if the packet is received from one of the ports defined by a3filterPolicyPorts2 and destined for one of the ports defined by a3filterPolicyPorts1. Finally AMONG (7) means apply the action if the packet is received from and destined to one of the ports specified by a3filterPolicyPorts1" DEFVAL { all } ::= { a3filterPolicyEntry 8 } a3filterPolicyPorts1 OBJECT-TYPE SYNTAX OCTET STRING ACCESS read-write STATUS mandatory DESCRIPTION "This object identifies one or more ports. These ports are used to help identify in what contexts masks are applied. This is used in conjunction with a3filterPolicyContext. Each octet within the value of this object specifies a set of eight ports, with the first octet specifying ports 1 through 8, the second octet specifying ports 9 through 16, etc. Within each octet, the most significant bit represents the lowest numbered port, and the least significant bit represents the highest numbered port. Thus, each port of the bridge is represented by a single bit within the value of this object. If that bit has a value of '1' then that port is included in the set of ports; the port is not included if its bit has a value of '0'. (Note that the setting of the bit corresponding to the port from which a frame is received is irrelevant.)" ::= { a3filterPolicyEntry 9 } a3filterPolicyPorts2 OBJECT-TYPE SYNTAX OCTET STRING ACCESS read-write STATUS mandatory DESCRIPTION

    "This object identifies one or more ports. These ports are used to help identify in what contexts masks are applied. This is used in conjunction with a3filterPolicyContext. Each octet within the value of this object specifies a set of eight ports, with the first octet specifying ports 1 through 8, the second octet specifying ports 9 through 16, etc. Within each octet, the most significant bit represents the lowest numbered port, and the least significant bit represents the highest numbered port. Thus, each port of the bridge is represented by a single bit within the value of this object. If that bit has a value of '1' then that port is included in the set of ports; the port is not included if its bit has a value of '0'. (Note that the setting of the bit corresponding to the port from which a frame is received is irrelevant.) Note, this object only applies if a3filterPolicyContext has the value fromPorts1ToPorts2 (5) or betweenPorts1AndPorts2 (6) or amongPorts1(7)." ::= { a3filterPolicyEntry 10 } a3filterPolicyPackets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of packets that match the policy defined by this entry." ::= { a3filterPolicyEntry 11 } a3filterPolicyBytes OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of bytes in the packets that match the policy defined by this entry." ::= { a3filterPolicyEntry 12 } a3filterPolicyStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object is used to add and delete entries in this table. See the notes describing RowStatus at the beginning of this MIB." ::= { a3filterPolicyEntry 13 } a3filterPolicyX25ProfId OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "The index used to identify the X25 Profile ID if a3filterPoli cyAction is set to X25ProfId." ::= { a3filterPolicyEntry 14 }

    END

    You might also like