No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

MIB Reference

AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 V200R007

This document provides the function overview, relationships between tables, description of single objects, description of MIB tables, and description of alarm objects.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
hwAclAdvancedRuleTable

hwAclAdvancedRuleTable

This table is used to create an advanced ACL and configure rules for it.

The indexes of this table are hwAclAdvancedAclNum and hwAclAdvancedSubitem, that is, this table uses the index of hwAclNumGroupTable and an increasing object (that is, the rule ID) as indexes.

OID

Object Name

Syntax

Description

Max Access

Implemented Specifications

1.3.6.1.4.1.2011.5.1.1.5.1.1

hwAclAdvancedAclNum

Integer32

This object indicates the number of an advanced ACL. The value is the same as hwAclNumGroupAclNum[1] in hwAclNumGroupTable. The value ranges from 3000 to 3999.

Read-only

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.2

hwAclAdvancedSubitem

Counter64

This object indicates the rule ID in an ACL. The value ranges from 0 to 4294967294.

Read-only

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.3

hwAclAdvancedAct

INTEGER

This object indicates the action taken for the matching traffic:

  • 1: permit
  • 2: deny

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.4

hwAclAdvancedProtocol

Integer32

This object indicates the protocol number in rules. The value ranges from 1 to 255.

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.5

hwAclAdvancedSrcIp

IpAddress

This object indicates the source IP address in rules.

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.6

hwAclAdvancedSrcWild

IpAddress

This object indicates the wildcard mask of a source IP address. The value ranges from 0.0.0.0 to 255.255.255.255.

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.7

hwAclAdvancedSrcOp

INTEGER

This object indicates a source port in rules:

  • 1: lt
  • 2: eq
  • 3: gt
  • 5: range

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.8

hwAclAdvancedSrcPort1

Integer32

This object indicates the start number of a source port. (The lower port number)

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.9

hwAclAdvancedSrcPort2

Integer32

This object indicates the end number of a source port. (The higher port number)

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.10

hwAclAdvancedDestIp

IpAddress

This object indicates the destination IP address in rules.

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.11

hwAclAdvancedDestWild

IpAddress

This object indicates the mask of a destination IP address.

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.12

hwAclAdvancedDestOp

INTEGER

This object indicates the destination port:

  • 1: lt
  • 2: eq
  • 3: gt
  • 5: range

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.13

hwAclAdvancedDestPort1

Integer32

This object indicates the start number of a destination port. (The lower port number)

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.14

hwAclAdvancedDestPort2

Integer32

This object indicates the end number of a destination port. (The higher port number)

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.15

hwAclAdvancedPrecedence

Integer32

This object indicates the IP precedence in rules,

that is, higher-order 3 bits of the ToS field in an IP packet. The value ranges from 0 to 7.

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.16

hwAclAdvancedTos

Integer32

This object indicates the ToS precedence in rules,

that is, higher-order 4 bits of the ToS field in an IP packet. The value ranges from 0 to 15.

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.17

hwAclAdvancedDscp

Integer32

This object indicates the DSCP priority in rules,

that is, higher-order 7 bits of the ToS field in an IP packet. The value ranges from 0 to 63.

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.18

hwAclAdvancedEstablish

TruthValue

At present, the object is not supported.

Not supported

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.19

hwAclAdvancedTimeRangeIndex

Integer32

This object indicates the index of the time range referenced by a rule. The value ranges from 1 to 256.

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.20

hwAclAdvancedIcmpType

Integer32

This object indicates the ICMP type. The value ranges from 0 to 255.

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.21

hwAclAdvancedIcmpCode

Integer32

This object indicates the ICMP code. The value ranges from 0 to 255.

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.22

hwAclAdvancedFragments

TruthValue

This object indicates whether a packet is the first fragment:

  • 0: non-first fragment
  • 1: all fragments

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.24

hwAclAdvancedEnable

INTEGER

This object indicates whether a rule takes effect. The value can be:
  • 1: enabled
  • 2: disabled

read-only

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.25

hwAclAdvancedCount

Counter64

This object indicates the number of times the ACL rule can be matched. The value is 32 bits long.

read-only

current

1.3.6.1.4.1.2011.5.1.1.5.1.26

hwAclAdvancedVrfName

OCTET STRING

This object indicates the name of a VPN instance to which rules belong. The value is a string of 1 to 31 characters.

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.27

hwAclAdvancedRowStatus

RowStatus

This object indicates the row status:

  • 1: Active
  • 4: createandgo
  • 6: destroy

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.28

hwAclAdvancedTcpSyncFlag

Integer32

This object indicates the SyncFlag of TCP and ranges from 1 to 63.

Read-create

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.1.1.5.1.29

hwAclAdvancedDescription

OCTET STRING

This object indicates the rule description, which is a string of 1 to 127 characters without question mark (?).

Read-create

This object is implemented as defined in the corresponding MIB files.

Creation Restriction

  • Before creating a rule, ensure that the value of the primary index exists in hwAclNumGroupTable.

  • When creating a rule, set both hwAclAdvancedAct and hwAclAdvancedProtocol.

  • hwAclAdvancedSrcIp and hwAclAdvancedSrcWild must be set simultaneously.

  • hwAclAdvancedSrcOp and (hwAclAdvancedSrcPort1 | hwAclAdvancedSrcPort2) must be set simultaneously.

  • hwAclAdvancedDestIp and hwAclAdvancedDestWild must be set simultaneously.

  • hwAclAdvancedDestOp and (hwAclAdvancedDestPort1| hwAclAdvancedDestPort2) must be set simultaneously.

  • hwAclAdvancedIcmpType and hwAclAdvancedIcmpCode must be set simultaneously.

  • You need to apply an existing time range to the created rule in the MIB.

  • You need to apply an existing VPN instance to the created rule in the MIB.

Modification Restriction

When modifying entries, set the value of hwAclNumGroupRowStatus to 1 (Active).

When modifying a rule, set both hwAclAdvancedAct and hwAclAdvancedProtocol.

hwAclAdvancedSrcIp and hwAclAdvancedSrcWild must be set simultaneously.

hwAclAdvancedSrcOp and (hwAclAdvancedSrcPort1 | hwAclAdvancedSrcPort2) must be set simultaneously.

hwAclAdvancedDestIp and hwAclAdvancedDestWild must be set simultaneously.

hwAclAdvancedDestOp and (hwAclAdvancedDestPort1| hwAclAdvancedDestPort2) must be set simultaneously.

hwAclAdvancedIcmpType and hwAclAdvancedIcmpCode must be set simultaneously.

You need to apply an existing time range to the modified rule in the MIB.

You need to apply an existing VPN instance to the modified rule in the MIB.

Deletion Restriction

The entries in this table can be deleted without restriction.

Access Restriction

The value of this table exists only when the value of hwAclNumGroupTable exists.

Translation
Download
Updated: 2019-06-05

Document ID: EDOC1000097213

Views: 121518

Downloads: 681

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next