No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

MIB Reference

S12700 V200R010C00

This document provides the function overview, relationships between tables, description of single objects, description of MIB tables, and description of alarm objects.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
hwAclAdvancedRuleTable

hwAclAdvancedRuleTable

This table is used to create rules in an advanced ACL rule group.

This table uses the index of hwAclNumGroupTable together with an object with the increasing value, that is, rule ID, as its index.

The indexes of this table are hwAclAdvancedAclNum and hwAclAdvancedSubitem.

OID

Object Name

Syntax

Max Access

Description

Implemented Specifications

1.3.6.1.4.1.2011.5.1.1.5.1.1

hwAclAdvancedAclNum

Integer32 (3000..3999)

Read-only

The value of this object identifies the primary index.

It corresponds to the index of hwAclNumGroupTable, indicating the rule group number.

The value ranges from 3000 to 3999.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.2

hwAclAdvancedSubitem

Unsigned int32

Read-only

The value of this object identifies the secondary index.

It is rule ID in a rule group.

The value ranges from 0 to 4294967294.

If the rule corresponding to the rule ID exists, the new rule overwrites the old one. This operation equals modifying an existent ACL rule.

If the rule corresponding to the rule ID does not exist, a new rule is created and inserted based on the order of the rule ID.

If no rule ID is specified, the system automatically assigns one when you create a rule.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.3

hwAclAdvancedAct

INTEGER

{

permit(1),

deny(2)

}

Read-create

The value of this object identifies the action of an ACL rule.

The value can be:

  • permit(1): permits the packets that match the rule
  • deny(2): discards the packets that match the rule

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.4

hwAclAdvancedProtocol

Integer32 (0..255)

Read-create

The object indicates the protocol type of a rule. It specifies the protocol type over IP.

The value ranges from 0 to 255. The value 0 indicates any types of IP packets.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.5

hwAclAdvancedSrcIp

IpAddress

Read-create

The value of this object identifies the source IP address.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.6

hwAclAdvancedSrcWild

IpAddress

Read-create

The value of this object identifies the wildcard mask of the source IP address.

The value ranges from 0.0.0.0 to 255.255.255.255.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.7

hwAclAdvancedSrcOp

INTEGER

{

lt(1),

eq(2),

gt(3),

invalid(0),

range(5)

}

Read-create

The value of this object identifies the operator of the source port range.

The value can be:

  • invalid(0): indicates "invalid". That is, the current operation is invalid.
  • lt(1): indicates "less than".
  • eq(2): indicates "equal".
  • gt(3): indicates "larger than".
  • range(5): indicates "between".

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.8

hwAclAdvancedSrcPort1

Integer32 (0..65535)

Read-create

The value of this object identifies the lower limit of the source port number.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.9

hwAclAdvancedSrcPort2

Integer32 (0..65535)

Read-create

The value of this object identifies the upper limit of the source port number.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.10

hwAclAdvancedDestIp

IpAddress

Read-create

This object indicates the destination IP address.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.11

hwAclAdvancedDestWild

IpAddress

Read-create

This object indicates the mask of the destination IP address.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.12

hwAclAdvancedDestOp

INTEGER

{lt(1),

eq(2),

gt(3),

invalid(0),

range(5)

}

Read-create

The value of this object identifies the operator of the destination port range.

The value can be:

  • invalid(0): indicates "invalid". That is, the current operation is invalid.
  • lt(1): indicates "less than".
  • eq(2): indicates "equal".
  • gt(3): indicates "larger than".
  • range(5): indicates "between".

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.13

hwAclAdvancedDestPort1

Integer32 (0..65535)

Read-create

The value of this object identifies the lower limit of the destination port number.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.14

hwAclAdvancedDestPort2

Integer32 (0..65535)

Read-create

The value of this object identifies the upper limit of the destination port number.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.15

hwAclAdvancedPrecedence

Integer32 (0..7 | 255)

Read-create

The value of this object identifies the precedence sub-field.

It is the higher 3 bits of the TOS field in an IP header.

The value ranges from 0 to 7.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.16

hwAclAdvancedTos

Integer32 (0..15 | 255)

Read-create

The value of this object identifies the TOS sub-field.

This field covers 4 bits after the higher three bits of the TOS field in an IP header.

The value ranges from 0 to 15.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.17

hwAclAdvancedDscp

Integer32 (0..63 | 255)

Read-create

The value of this object identifies the higher 7 bits of the TOS field in an IP header.

The value ranges from 0 to 63.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.18

hwAclAdvancedEstablish

TruthValue

Read-create

This object indicates whether to create an ACL rule group.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.19

hwAclAdvancedTimeRangeIndex

Integer32 (0..256)

Read-create

The value of this object identifies the index of a time range during which an ACL rule can be applied.

The value ranges from 0 to 256. The value 0 means no time range. It declares that the ACL rule has no time range.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.20

hwAclAdvancedIcmpType

Integer32 (0..255 | 65535)

Read-create

The value of this object identifies the ICMP message type.

The value ranges from 0 to 255. The value 65535 is invalid.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.21

hwAclAdvancedIcmpCode

Integer32 (0..255 | 65535)

Read-create

The value of this object identifies the ICMP code.

The value ranges from 0 to 255. The value 65535 is invalid.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.22

hwAclAdvancedFragments

INTEGER

{

fragment(1),

nonFragment(2),

}

Read-create

This object cannot be modified once a rule is created. Enumeration.

This object indicates the type of the packet. The value can be:

  • 1: fragment, indicating that the packet is a fragment
  • 2: nonFragment, indicating that the packet is not a fragment

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.23

hwAclAdvancedLog

TruthValue

Read-create

This object indicates whether to record logs for the matched packets.

The value can be:

  • true(1)
  • false(2)

The log contents include the sequence number of an ACL rule, packets passed or discarded, upper layer protocol type over IP, source or destination address, source or destination port number, and number of packets.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.24

hwAclAdvancedEnable

TruthValue

Read-only

This object indicates whether the ACL rule takes effect currently.

The value can be:
  • true(1)
  • false(2)

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.25

hwAclAdvancedCount

Counter64

Read-only

The value of this object identifies the count of bits matched with an ACL rule.

A maximum of 64 bits can be matched with an ACL rule.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.27

hwAclAdvancedRowStatus

RowStatus

Read-create

This object indicates the status of the rows.

Currently, createAndGo and destroy are implemented.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.28

hwAclAdvancedTcpSyncFlag

Integer32

Read-create

The value of this object identifies a TCP Synchronization flag.

The value ranges from 0 to 63. The value -1 is invalid.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.29

hwAclAdvancedDescription

OCTET STRING (SIZE (1..127))

Read-create

The description of an advanced ACL.

The length cannot exceed 127 characters.

This object is implemented as defined in the corresponding MIB file.

1.3.6.1.4.1.2011.5.1.1.5.1.32

hwAclAdvancedProtocolNew

Integer32 (0..255|65535)

read-create

The value of this object identifies the protocol type of ACL rules.

This object is implemented as defined in the corresponding MIB files.

Creation Restriction

  • Before you create an ACL rule, the primary index must have a corresponding value in hwAclNumGroupTable.

  • When you create an ACL rule, hwAclAdvancedAct is necessarily configured.

  • You need to specify the values of hwAclAdvancedSrcIp and hwAclAdvancedSrcWild simultaneously.

  • You need to specify the values of hwAclAdvancedSrcOp and (hwAclAdvancedSrcPort1 | hwAclAdvancedSrcPort2) simultaneously.

  • You need to specify the values of hwAclAdvancedDestIp and hwAclAdvancedDestWild simultaneously.

  • You need to specify the values of hwAclAdvancedDestOp and (hwAclAdvancedDestPort1| hwAclAdvancedDestPort2) simultaneously.

  • hwAclAdvancedIcmpCode and hwAclAdvancedIcmpType must be specified simultaneously, and hwAclAdvancedIcmpType can be specified independently.

  • You cannot set hwAclAdvancedPrecedence and hwAclAdvancedDscp simultaneously.

  • When you specify the index of a time range during which an ACL rule can be applied, the time range that the index corresponds to must exist; otherwise, creating an ACL rule fails.

  • You need to specify the row status CreateAndGo of hwAclNumGroupRowStatus.

  • hwAclAdvancedDescription must be separately set, and does not support multiple variable bindings.

Modification Restriction

The following entries in this table cannot be modified after created:

hwAclAdvancedAct, hwAclAdvancedProtocol, hwAclAdvancedSrcIp, hwAclAdvancedSrcWild, hwAclAdvancedSrcOp, hwAclAdvancedSrcPort1, hwAclAdvancedSrcPort2, hwAclAdvancedDestIp, hwAclAdvancedDestWild, hwAclAdvancedDestOp, hwAclAdvancedDestPort1, hwAclAdvancedDestPort2, hwAclAdvancedPrecedence, hwAclAdvancedTos, hwAclAdvancedDscp, hwAclAdvancedEstablish,hwAclAdvancedTimeRangeIndex, hwAclAdvancedIcmpType, hwAclAdvancedIcmpCode, hwAclAdvancedFragments, hwAclAdvancedLog, hwAclAdvancedTcpSyncFlag.

Deletion Restriction

You need to specify the row status destroy.

Access Restriction

The entries in this table have values only when the entries in hwAclNumGroupTable have values.

Translation
Download
Updated: 2019-08-21

Document ID: EDOC1000142096

Views: 171636

Downloads: 80

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next