BAS-ACCESS-FILTER-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, IpAddress, OBJECT-TYPE, Counter32, Gauge32, Integer32 FROM SNMPv2-SMI RowStatus, TruthValue FROM SNMPv2-TC IANAifType FROM IANAifType-MIB basExtIp, BasChassisId, BasSlotId, BasInterfaceId, BasCardClass, BasLogicalPortId, basAccessFilterMib FROM BAS-MIB; basAccessFilterMibModule MODULE-IDENTITY LAST-UPDATED "9810071415Z" ORGANIZATION "Broadband Access Systems" CONTACT-INFO " Tech Support Broadband Access Systems 8 Technology Drive Westborough, MA 01581 U.S.A. 508-366-8833 support@basystems.com" DESCRIPTION "This module defines filtering MIB objects for Broadband Access Systems." ::= { basAccessFilterMib 1 } basAccessFilter OBJECT IDENTIFIER ::= { basAccessFilterMibModule 1 } --Priority Determines the search order of the table. -- Higher priorities Classifiers are searched before lower priority -- Classifiers. --IP Classification Parameters (Zero or more of the IP classification parameters) -- IP TOS Range, Mask -- IP protocol -- IP source address/mask -- IP destination address/mask -- TCP Source Port Start - End -- TCP Destination Port Start - End -- UDP Source Port Start - End -- UDP Destination Port Start - End -- TCP flags -- Established - if ACK or RST flags are set -- Sync - SYNC flag set --Actions Determines what action should be taken if there is a match. -- Allow -- Deny -- Change IP TOS Overwrite Action Value with which -- TOS field needs to be overwritten. -- Service Flow Identifier Identifier of a specific flow to which this -- packet is to be directed. -- QOS parameters Identifies QOS parameters that need to be -- used for this flow. --Direction Determines in or out direction filter is applied to -- In (upstream) -- Out (downstream) basAccessFilterTable OBJECT-TYPE SYNTAX SEQUENCE OF BasAccessFilterEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Table containing filter definitions." ::= { basAccessFilter 1 } basAccessFilterEntry OBJECT-TYPE SYNTAX BasAccessFilterEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The addressing information for one of this entity's IP addresses." INDEX { basAccessFilterChassis, basAccessFilterSlot, basAccessFilterIf, basAccessFilterLPort, basAccessFilterListIndex, basAccessFilterIndex } ::= { basAccessFilterTable 1 } BasAccessFilterEntry ::= SEQUENCE { basAccessFilterChassis BasChassisId, basAccessFilterSlot BasSlotId, basAccessFilterIf BasInterfaceId, basAccessFilterLPort BasLogicalPortId, basAccessFilterListIndex Integer32, basAccessFilterIndex Integer32, basAccessFilterTosRange Integer32, basAccessFilterTosMask Integer32, basAccessFilterIPProtocol INTEGER, basAccessFilterIpSrc IpAddress, basAccessFilterIpSrcMask IpAddress, basAccessFilterIpDst IpAddress, basAccessFilterIpDstMask IpAddress, basAccessFilterTcpSrcStart Integer32, basAccessFilterTcpSrcEnd Integer32, basAccessFilterTcpDstStart Integer32, basAccessFilterTcpDstEnd Integer32, basAccessFilterUdpSrcStart Integer32, basAccessFilterUdpSrcEnd Integer32, basAccessFilterUdpDstStart Integer32, basAccessFilterUdpDstEnd Integer32, basAccessFilterTcpEstablished TruthValue, basAccessFilterTcpSync TruthValue, basAccessFilterAction INTEGER, basAccessFilterTosValue Integer32, basAccessFilterServiceFlowId Integer32, basAccessFilterQosParams Integer32, basAccessFilterLog TruthValue, basAccessFilterRowStatus RowStatus } basAccessFilterChassis OBJECT-TYPE SYNTAX BasChassisId MAX-ACCESS not-accessible STATUS current DESCRIPTION "The BAS Chassis ID of the Route Server." ::= { basAccessFilterEntry 1 } basAccessFilterSlot OBJECT-TYPE SYNTAX BasSlotId MAX-ACCESS not-accessible STATUS current DESCRIPTION "The BAS Slot ID of the Route Server." ::= { basAccessFilterEntry 2 } basAccessFilterIf OBJECT-TYPE SYNTAX BasInterfaceId MAX-ACCESS not-accessible STATUS current DESCRIPTION "The BAS interface ID of the Route Server." ::= { basAccessFilterEntry 3 } basAccessFilterLPort OBJECT-TYPE SYNTAX BasLogicalPortId MAX-ACCESS not-accessible STATUS current DESCRIPTION "The BAS logical port ID of the Route Server." ::= { basAccessFilterEntry 4 } basAccessFilterListIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "Unique Access List index." ::= { basAccessFilterEntry 5 } basAccessFilterIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "Unique Filter index." ::= { basAccessFilterEntry 6 } basAccessFilterTosRange OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "TOS Range to filter on." DEFVAL { 0 } ::= { basAccessFilterEntry 7 } basAccessFilterTosMask OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Mask to use with the TosRange." DEFVAL { 0 } ::= { basAccessFilterEntry 8 } basAccessFilterIPProtocol OBJECT-TYPE SYNTAX INTEGER { ip(1), udp(2), tcp(3), icmp(4) } MAX-ACCESS read-write STATUS current DESCRIPTION "IP protocol on which to match." DEFVAL { 1 } ::= { basAccessFilterEntry 9 } basAccessFilterIpSrc OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "Source IP address to match." DEFVAL { 0 } ::= { basAccessFilterEntry 10 } basAccessFilterIpSrcMask OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "Mask to use with the Source IP filter." DEFVAL { 0 } ::= { basAccessFilterEntry 11 } basAccessFilterIpDst OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "Destination IP address to match." DEFVAL { 0 } ::= { basAccessFilterEntry 12 } basAccessFilterIpDstMask OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "Mask to use with IP destination address filter." DEFVAL { 0 } ::= { basAccessFilterEntry 13 } basAccessFilterTcpSrcStart OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "Start of the TCP source port range to filter on. NOTE: If the End of range is 0 then match on only Start." DEFVAL { 0 } ::= { basAccessFilterEntry 14 } basAccessFilterTcpSrcEnd OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "End of the TCP source port range to filter on." DEFVAL { 0 } ::= { basAccessFilterEntry 15 } basAccessFilterTcpDstStart OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "Start of the TCP destination port range to filter on. NOTE: If the End of range is 0 then match on only Start." DEFVAL { 0 } ::= { basAccessFilterEntry 16 } basAccessFilterTcpDstEnd OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "End of the TCP destination port range to filter on." DEFVAL { 0 } ::= { basAccessFilterEntry 17 } basAccessFilterUdpSrcStart OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "Start of the UDP source port range to filter on. NOTE: If the End of range is 0 then match on only Start." DEFVAL { 0 } ::= { basAccessFilterEntry 18 } basAccessFilterUdpSrcEnd OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "End of the UDP source port range to filter on." DEFVAL { 0 } ::= { basAccessFilterEntry 19 } basAccessFilterUdpDstStart OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "Start of the UDP destination port range to filter on. NOTE: If the End of range is 0 then match on only Start." DEFVAL { 0 } ::= { basAccessFilterEntry 20 } basAccessFilterUdpDstEnd OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "End of the UDP destination port range to filter on." DEFVAL { 0 } ::= { basAccessFilterEntry 21 } basAccessFilterTcpEstablished OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Match on established TCP connections ." DEFVAL { false } ::= { basAccessFilterEntry 22 } basAccessFilterTcpSync OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Match on TCP SYNC flag." DEFVAL { false } ::= { basAccessFilterEntry 23 } basAccessFilterAction OBJECT-TYPE SYNTAX INTEGER { deny(1), allow(2), changeTos(3), changeServiceFlowId(4), changeQosParams(5) } MAX-ACCESS read-write STATUS current DESCRIPTION "Action for this filter: deny(1) - drop packets that match, allow(2) - pass them and maybe log changeTos(3) - change Tos to basAccessFilterTosValue changeServiceFlowId(4) - return ServiceFlowId changeQosParams(5) - return QosParameters to use." DEFVAL { 1 } ::= { basAccessFilterEntry 24 } basAccessFilterTosValue OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-write STATUS current DESCRIPTION "Set TOS to this value. basAccessFilterAction has to be changeTos." DEFVAL { 0 } ::= { basAccessFilterEntry 25 } basAccessFilterServiceFlowId OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Use value for Service Flow ID. basAccessFilterAction has to be changeServiceFlowId." DEFVAL { 0 } ::= { basAccessFilterEntry 26 } basAccessFilterQosParams OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Use Qos Params indexed with index returned. basAccessFilterAction has to be changeQosParams." DEFVAL { 0 } ::= { basAccessFilterEntry 27 } basAccessFilterLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Match on TCP SYNC flag." DEFVAL { false } ::= { basAccessFilterEntry 28 } basAccessFilterRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Match on TCP SYNC flag." ::= { basAccessFilterEntry 29 } -- -- Filter to interface table -- indexed by FIA, access list index and direction of the filter (inward, outward) -- basAccessFilterIfTable OBJECT-TYPE SYNTAX SEQUENCE OF BasAccessFilterIfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Table containing filter definitions." ::= { basAccessFilter 2 } basAccessFilterIfEntry OBJECT-TYPE SYNTAX BasAccessFilterIfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The addressing information for one of this entity's IP addresses." INDEX { basAccessFilterIfChassis, basAccessFilterIfSlot, basAccessFilterIfIf, basAccessFilterIfLPort, basAccessFilterIfIfx, basAccessFilterIfListIndex, basAccessFilterIfDirection, basAccessFilterIfPriority } ::= { basAccessFilterIfTable 1 } BasAccessFilterIfEntry ::= SEQUENCE { basAccessFilterIfChassis BasChassisId, basAccessFilterIfSlot BasSlotId, basAccessFilterIfIf BasInterfaceId, basAccessFilterIfLPort BasLogicalPortId, basAccessFilterIfIfx Integer32, basAccessFilterIfListIndex Integer32, basAccessFilterIfDirection INTEGER, basAccessFilterIfPriority Integer32, basAccessFilterIfRowStatus RowStatus } basAccessFilterIfChassis OBJECT-TYPE SYNTAX BasChassisId MAX-ACCESS not-accessible STATUS current DESCRIPTION "The BAS Chassis ID of the Route Server." ::= { basAccessFilterIfEntry 1 } basAccessFilterIfSlot OBJECT-TYPE SYNTAX BasSlotId MAX-ACCESS not-accessible STATUS current DESCRIPTION "The BAS Slot ID of the Route Server." ::= { basAccessFilterIfEntry 2 } basAccessFilterIfIf OBJECT-TYPE SYNTAX BasInterfaceId MAX-ACCESS not-accessible STATUS current DESCRIPTION "The BAS interface ID of the Route Server." ::= { basAccessFilterIfEntry 3 } basAccessFilterIfLPort OBJECT-TYPE SYNTAX BasLogicalPortId MAX-ACCESS not-accessible STATUS current DESCRIPTION "The BAS logical port ID of the Route Server." ::= { basAccessFilterIfEntry 4 } basAccessFilterIfIfx OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "If Index of the Interface to apply filter" ::= { basAccessFilterIfEntry 5 } basAccessFilterIfListIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "Unique Access List index." ::= { basAccessFilterIfEntry 6 } basAccessFilterIfDirection OBJECT-TYPE SYNTAX INTEGER { in(1), out(2) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "Unique Access List index." ::= { basAccessFilterIfEntry 7 } basAccessFilterIfPriority OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "Unique priority index to apply this Access List to for this interface." ::= { basAccessFilterIfEntry 8 } basAccessFilterIfRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Unique Access List index." ::= { basAccessFilterIfEntry 9 } END