FIREWALL-MIB Table View
Table-centric layout grouping table, row, and column objects.
Tables
14
Rows
14
Columns
100
fwlDefnFilterTable
table.1.3.6.1.4.1.2076.16.2.3
·
1 row entry
·
16 columns
This table is used to configure the Filters in the Firewall. The Filters can be configured as 'Filter1 10.0.0.0/24 108.0.4.1/32 6'. It means that in Filter1, the source address can range from 10.0.0.0 to 10.0.0.255 and destination address is 108.0.4.1 and protocol is TCP. The mask used is not wild-card mask. If a configured Filter is to be deleted, it must ensure that the Rules using this particular filter or this Filter applied on a particular interface, must be deleted first.
The individual entry in the above table.
Indexes
fwlFilterFilterName
| Column | Syntax | OID | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
fwlFilterFilterName
This Filter name uniquely identifies the particular Filter
configured. |
OctetString Constraints: range: 0-35 |
.1.3.6.1.4.1.2076.16.2.3.1.1 |
||||||||||||||||||||||||||||||||
|
fwlFilterSrcAddress
The source IP address and the source mask to be checked
against the packet. The default value is 0.0.0.0/0. The address value should not be specified without the mask value. ('10.0.14.23') |
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.1.3.6.1.4.1.2076.16.2.3.1.2 |
||||||||||||||||||||||||||||||||
|
fwlFilterDestAddress
The destination IP address and the destination mask to be
checked against the packet. The default value is 0.0.0.0/0. The address value should not be specified without the mask value. ('10.0.14.23') |
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.1.3.6.1.4.1.2076.16.2.3.1.3 |
||||||||||||||||||||||||||||||||
|
fwlFilterProtocol
The type of protocol to be checked against the packet. The
default value is 'any' (255). If the value is 'any' (255), it means that the protocol type can be anything and it will not be checked to decide the action. |
ProtocolTyper/w Textual Convention: ProtocolType EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.3.1.4 |
||||||||||||||||||||||||||||||||
|
fwlFilterSrcPort
The source port to be checked against the packet. The range
of port can be specified by using the symbols like '>', '<', '!=', '=', '<=', '>='. For example the port value will be specified as '>1023', '=23', etc. Thi… |
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.1.3.6.1.4.1.2076.16.2.3.1.5 |
||||||||||||||||||||||||||||||||
|
fwlFilterDestPort
The destination port to be checked against the packet. The
range of port can be specified by using the symbols like '>', '<', '!=', '=', '<=', '>='. For example the port value will be specified as '>1023', '=23', et… |
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.1.3.6.1.4.1.2076.16.2.3.1.6 |
||||||||||||||||||||||||||||||||
|
fwlFilterAckBit
deprecated
**************** THIS OBJECT IS DEPRECATED ****************
The TCP ACK bit to be checked against the packet. The default value is 'any'(3). It means that ACK bit will not be checked to decide the actio… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.2076.16.2.3.1.7 |
||||||||||||||||||||||||||||||||
|
fwlFilterRstBit
deprecated
**************** THIS OBJECT IS DEPRECATED ****************
The TCP RST bit to be checked against the packet. The default value is 'any'(3). It means that RST bit will not be checked to decide the actio… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.2076.16.2.3.1.8 |
||||||||||||||||||||||||||||||||
|
fwlFilterTos
The IP TOS bit to be checked against the packet. This is a
single byte integer of which the last three bits (least significant bits) indicate Delay, Throughput and Reliability i.e. 'uuuuudtr', u-unused, d-delay, t-th… |
SNMPv2-SMIInteger32r/w Textual Convention: SNMPv2-SMIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.1.3.6.1.4.1.2076.16.2.3.1.9 |
||||||||||||||||||||||||||||||||
|
fwlFilterAccounting
This object is used to enable or disable the filter accounting of this
filter. If this object is enabled then the Hit count of this filter will be incremented when the traffic matches this filter. If this object is disa… |
Statusr/w Textual Convention: Status EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.3.1.10 |
||||||||||||||||||||||||||||||||
|
fwlFilterHitClear
This object is used to clear the hit count of this filter. The default
value is 'false'. When this object is true, the Hit count for the respective filter will be cleared and the object value will be reset to false. … |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.3.1.11 |
||||||||||||||||||||||||||||||||
|
fwlFilterHitsCount
The number of times this Filter is matched while processing
the packet. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.2.3.1.12 |
||||||||||||||||||||||||||||||||
|
fwlFilterAddrType
The address type of the source and destination address.
This object is limited to IPv4 and IPv6 addresses. |
INET-ADDRESS-MIBInetAddressTyper/w Textual Convention: INET-ADDRESS-MIBInetAddressType EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.3.1.13 |
||||||||||||||||||||||||||||||||
|
fwlFilterFlowId
The flow label identifier is specific to an IPv6 header
as its to classify the same flow of packets between a source and destination in IPv6 |
Unsigned32r/w Constraints: range: 0-1048575 |
.1.3.6.1.4.1.2076.16.2.3.1.14 |
||||||||||||||||||||||||||||||||
|
fwlFilterDscp
The IP DSCP value is applicable for both IPv4 and IPv6,
but when DSCP is specified TOS value(fwlFilterTos) should not be configured. Also TOS value (fwlFilterTos) is not applicable for IPv6 traffic and its filters |
Integer32r/w Constraints: range: 0-63 |
.1.3.6.1.4.1.2076.16.2.3.1.15 |
||||||||||||||||||||||||||||||||
|
fwlFilterRowStatus
This object allows entries to be created or deleted in this
table. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.3.1.16 |
fwlDefnRuleTable
table.1.3.6.1.4.1.2076.16.2.4
·
1 row entry
·
3 columns
The table used to configure the Rules by assigning a set of Filters.(Rule1 = Filter1 & Filter2; Rule2 = Filter1 , Filter2; etc.).
The individual entry in the above table.
Indexes
fwlRuleRuleName
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
fwlRuleRuleName
The name that identifies the particular Rule configured
in the Firewall . |
OctetString Constraints: range: 0-35 |
.1.3.6.1.4.1.2076.16.2.4.1.1 |
||||||||||||
|
fwlRuleFilterSet
A set of Filters combined to form a Rule and this Rule is
configured globally or on a particular interface. |
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.1.3.6.1.4.1.2076.16.2.4.1.2 |
||||||||||||
|
fwlRuleRowStatus
This object allows entries to be created or deleted in
this table. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.4.1.3 |
fwlDefnAclTable
table.1.3.6.1.4.1.2076.16.2.5
·
1 row entry
·
9 columns
The ACL table will associate the filter or a combination of filters to a specific Action. The ACL name should map with the rule name
The individual entry in the above table.
Indexes
fwlAclIfIndex fwlAclAclName fwlAclDirection
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
fwlAclIfIndex
The interface number in which the filters are to be
configured. The value ranges from 0 to 1000. If the value specified is 0, it means that the filters will be configured globally.(i.e. : filters or rules specifie… |
Integer32 Constraints: range: 0-1000 |
.1.3.6.1.4.1.2076.16.2.5.1.1 |
||||||||||||
|
fwlAclAclName
The name that uniquely identifies the particular Filter or
Rule configured in the Firewall . |
OctetString Constraints: range: 0-35 |
.1.3.6.1.4.1.2076.16.2.5.1.2 |
||||||||||||
|
fwlAclDirection
This specifies in which direction the Filters or Rules are to
be applied on the packets, either to incoming or outgoing packets. |
Enumeration Enumerated Values:
|
.1.3.6.1.4.1.2076.16.2.5.1.3 |
||||||||||||
|
fwlAclAction
This specifies the action to be taken against the packet.
If the action value is 'permit', then the packet will be permitted if the filter or rule matches. If it is 'reject', then the packet will be rejected and an I… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.2076.16.2.5.1.4 |
||||||||||||
|
fwlAclSequenceNumber
This specifies the order in which the Filters are to be
matched against the packets from a particular interface. The sequence number should not be zero. The sequence numbers are unique. |
Integer32r/w Constraints: range: 1-65535 |
.1.3.6.1.4.1.2076.16.2.5.1.5 |
||||||||||||
|
fwlAclAclType
deprecated
**************** THIS OBJECT IS DEPRECATED ****************
This specifies whether the access list configured on a particular interface is a Filter or a Rule (Combination of Filters). The default value is 'rule'(2). |
Enumeration Enumerated Values:
|
.1.3.6.1.4.1.2076.16.2.5.1.6 |
||||||||||||
|
fwlAclLogTrigger
This specifies whether the log details should be in brief or detail or none .The default value is 'brief(1)'.
|
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.2076.16.2.5.1.7 |
||||||||||||
|
fwlAclFragAction
This specifies whether the fragmentation has to permitted or denied.
|
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.2076.16.2.5.1.8 |
||||||||||||
|
fwlAclRowStatus
This object allows entries to be created or deleted in this
table. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.5.1.9 |
fwlDefnIfTable
table.1.3.6.1.4.1.2076.16.2.6
·
1 row entry
·
9 columns
This table is used for interface specific filtering like filtering based on IP options, Fragments, ICMP Type and Code, etc.
The individual entry in the above table.
Indexes
fwlIfIfIndex
| Column | Syntax | OID | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
fwlIfIfIndex
The interface number in which the filters or rules are to be
configured. |
Integer32 Constraints: range: 0-1000 |
.1.3.6.1.4.1.2076.16.2.6.1.1 |
||||||||||||||||||||||||||||
|
fwlIfIfType
This specifies whether the interface is an external interface
(interface connected to the internet) or internal interface. The default value is 'external'(2). |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.2076.16.2.6.1.2 |
||||||||||||||||||||||||||||
|
fwlIfIpOptions
The IP options to be checked against the packet. If the
packet matches with the IP option specified, then the packet will be dropped. The default value is 'anyOptions' (4). To disable checking for IP options set the v… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.2076.16.2.6.1.3 |
||||||||||||||||||||||||||||
|
fwlIfFragments
The Fragment type to be checked against the packet. If
the packet matches with the fragment type, then the packet will be dropped. The default value is anyFragment(3) ensures that all fragments are dropped. The value… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.2076.16.2.6.1.4 |
||||||||||||||||||||||||||||
|
fwlIfFragmentSize
The maximum size of each fragment when the fragment type 'fwlIfFragments'
is large. |
Unsigned32r/w Constraints: range: 1-65500 |
.1.3.6.1.4.1.2076.16.2.6.1.5 |
||||||||||||||||||||||||||||
|
fwlIfICMPType
The ICMP type to be checked against the packet. If the
ICMP Type matches with the packet, then the packet will be dropped. The default value is 'noICMPType' (255). It means that ICMP Type is not configured and need … |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.2076.16.2.6.1.6 |
||||||||||||||||||||||||||||
|
fwlIfICMPCode
deprecated
**************** THIS OBJECT IS DEPRECATED ****************
The ICMP Code to be checked against the packet. If the packet matches with the ICMP Code, then the packet will be dropped. The default valu… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.2076.16.2.6.1.7 |
||||||||||||||||||||||||||||
|
fwlIfICMPv6MsgType
The ICMPv6 type to be checked against the packet. If the
ICMP Type matches with the packet, then the packet will be dropped. The default value is 'noICMPv6Type' (0x0). It means that ICMP Type is not configured and … |
SNMPv2-SMIInteger32r/w Textual Convention: SNMPv2-SMIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.1.3.6.1.4.1.2076.16.2.6.1.8 |
||||||||||||||||||||||||||||
|
fwlIfRowStatus
This object allows entries to be created or deleted in this
table. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.6.1.9 |
fwlDefnDmzTable
table.1.3.6.1.4.1.2076.16.2.7
·
1 row entry
·
2 columns
This table is used for defining the De-Militarized Zone (DMZ). The host/hosts in this zone will have unrestricted access from the public/external network (Internet).
The individual entry in the above table.
Indexes
fwlDmzIpIndex
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
fwlDmzIpIndex
The IP Address which the DMZ is to be configured.
|
SNMPv2-SMIIpAddress Textual Convention: SNMPv2-SMIIpAddress OctetStringType Constraints: range: 4 |
.1.3.6.1.4.1.2076.16.2.7.1.1 |
||||||||||||
|
fwlDmzRowStatus
This object allows entries to be created or deleted in this
table. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.7.1.2 |
fwlUrlFilterTable
table.1.3.6.1.4.1.2076.16.2.8
·
1 row entry
·
3 columns
This table is used for defining URL filters. Any http request that matches the URL string will be filtered
The individual entry in the above table.
Indexes
fwlUrlString
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
fwlUrlString
The object specifies the URL string to be filtered
|
OctetString Constraints: range: 1-99 |
.1.3.6.1.4.1.2076.16.2.8.1.1 |
||||||||||||
|
fwlUrlHitCount
The number of times this URL Filter is matched while processing
the packet |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.2.8.1.2 |
||||||||||||
|
fwlUrlFilterRowStatus
This object allows entries to be created or deleted in this
table |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.8.1.3 |
fwlDefnBlkListTable
table.1.3.6.1.4.1.2076.16.2.9
·
1 row entry
·
6 columns
This table is a user configurable table. It is used for listing the IP Addresses that are black listed. The traffic from or to a blacklisted IP Address shall be dropped.
The individual entry in the above table.
Indexes
fwlBlkListIpAddressType fwlBlkListIpAddress fwlBlkListIpMask
| Column | Syntax | OID | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
fwlBlkListIpAddressType
The address type of fwlBlkListIpAddress (IPv4/Ipv6)
|
INET-ADDRESS-MIBInetAddressType Textual Convention: INET-ADDRESS-MIBInetAddressType EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.9.1.1 |
||||||||||||||
|
fwlBlkListIpAddress
The IP Address is to be listed as Blacklist.
|
INET-ADDRESS-MIBInetAddress Textual Convention: INET-ADDRESS-MIBInetAddress OctetStringType Constraints: range: 0..255 |
.1.3.6.1.4.1.2076.16.2.9.1.2 |
||||||||||||||
|
fwlBlkListIpMask
The IP Subnet mask for the IP address to be blacklisted.
|
bitsINET-ADDRESS-MIBInetAddressPrefixLength Textual Convention: INET-ADDRESS-MIBInetAddressPrefixLength Unsigned32Type Constraints: range: 0..2040 |
.1.3.6.1.4.1.2076.16.2.9.1.3 |
||||||||||||||
|
fwlBlkListHitsCount
The number of times BlackList is matched while processing
the packet. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.2.9.1.4 |
||||||||||||||
|
fwlBlkListEntryType
This object is used to display whether the entry is created
by administrator or the entry is created dynamically through snort module. static(0) - BlkListEntry is added by adminstrator. dynamic(1) - BlkListEntr… |
Enumeration Enumerated Values:
|
.1.3.6.1.4.1.2076.16.2.9.1.5 |
||||||||||||||
|
fwlBlkListRowStatus
This object allows entries to be created or deleted in this
Table. The row status values are CREATE_AND_GO and DESTROY |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.9.1.6 |
fwlDefnWhiteListTable
table.1.3.6.1.4.1.2076.16.2.10
·
1 row entry
·
5 columns
This is a user configurable table. This table is used for listing the IP Addresses that are to be listed as White list. The traffic from or to the IP Address in this White list shall be forwarded bypassing the firewall.
The individual entry in the above table.
Indexes
fwlWhiteListIpAddressType fwlWhiteListIpAddress fwlWhiteListIpMask
| Column | Syntax | OID | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
fwlWhiteListIpAddressType
The address type of fwlDefnWhiteListEntry (IPv4/Ipv6)
|
INET-ADDRESS-MIBInetAddressType Textual Convention: INET-ADDRESS-MIBInetAddressType EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.10.1.1 |
||||||||||||||
|
fwlWhiteListIpAddress
The IP Address is to be listed as White List.
|
INET-ADDRESS-MIBInetAddress Textual Convention: INET-ADDRESS-MIBInetAddress OctetStringType Constraints: range: 0..255 |
.1.3.6.1.4.1.2076.16.2.10.1.2 |
||||||||||||||
|
fwlWhiteListIpMask
The IP Subnet mask for the IP address to be added in White List.
|
bitsINET-ADDRESS-MIBInetAddressPrefixLength Textual Convention: INET-ADDRESS-MIBInetAddressPrefixLength Unsigned32Type Constraints: range: 0..2040 |
.1.3.6.1.4.1.2076.16.2.10.1.3 |
||||||||||||||
|
fwlWhiteListHitsCount
The number of times WhiteList is matched while processing
the packet. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.2.10.1.4 |
||||||||||||||
|
fwlWhiteListRowStatus
This object allows entries to be created or deleted in this
Table. The row status values are CREATE_AND_GO and DESTROY. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.10.1.5 |
fwlDefnIPv6DmzTable
table.1.3.6.1.4.1.2076.16.2.11
·
1 row entry
·
3 columns
This table is used for defining the De-Militarized Zone (DMZ)for IPv6. The host/hosts in this zone will have unrestricted access from the public/external network (Internet).
The individual entry in the above table.
Indexes
fwlDmzIpv6Index
| Column | Syntax | OID | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
fwlDmzAddressType
The Address type of the ipv6 DMZ Host.
This object is limited to IPv6 addresses. |
INET-ADDRESS-MIBInetAddressTyper/w Textual Convention: INET-ADDRESS-MIBInetAddressType EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.11.1.1 |
||||||||||||||
|
fwlDmzIpv6Index
The IPv6 Address which the DMZ is to be configured.
|
INET-ADDRESS-MIBInetAddress Textual Convention: INET-ADDRESS-MIBInetAddress OctetStringType Constraints: range: 0..255 |
.1.3.6.1.4.1.2076.16.2.11.1.2 |
||||||||||||||
|
fwlDmzIpv6RowStatus
This object allows entries to be created or deleted in this
table. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.2.11.1.3 |
fwlStatIfTable
table.1.3.6.1.4.1.2076.16.3.20
·
1 row entry
·
18 columns
This table is used to maintain the statistics of packets per interface.
The individual entry in the above table .
Indexes
fwlStatIfIfIndex
| Column | Syntax | OID | ||||
|---|---|---|---|---|---|---|
|
fwlStatIfIfIndex
The interface number that uniquely identifies an entry in
this table. The value ranges from 1 to 1000. |
Integer32 Constraints: range: 1-1000 |
.1.3.6.1.4.1.2076.16.3.20.1.1 |
||||
|
fwlStatIfFilterCount
The number of filters configured on an interface.
|
SNMPv2-SMIInteger32 Textual Convention: SNMPv2-SMIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.1.3.6.1.4.1.2076.16.3.20.1.2 |
||||
|
fwlStatIfPacketsDenied
The number of packets dropped by the Firewall on
a particular interface. This includes all fragmented packets, non-fragmented packets, packets with IP Options and packets without IP options, etc. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.3.20.1.3 |
||||
|
fwlStatIfPacketsAccepted
The number of packets accepted by the Firewall on
a particular interface. This includes all fragmented packets, non-fragmented packets, packets with IP Options and packets without IP options, etc. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.3.20.1.4 |
||||
|
fwlStatIfSynPacketsDenied
The number of SYN packets denied on a particular interface.
|
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.3.20.1.5 |
||||
|
fwlStatIfIcmpPacketsDenied
The number of ICMP packets rejected by the Firewall
on a particular interface. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.3.20.1.6 |
||||
|
fwlStatIfIpSpoofedPacketsDenied
The number of packets rejected by the Firewall on
a particular interface due to IP spoofing attack. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.3.20.1.7 |
||||
|
fwlStatIfSrcRoutePacketsDenied
The number of packets rejected by the Firewall on
a particular interface due to Source Routing attack. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.3.20.1.8 |
||||
|
fwlStatIfTinyFragmentPacketsDenied
The number of packets rejected by the Firewall on
a particular interface due to Tiny Fragment attack. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.3.20.1.9 |
||||
|
fwlStatIfFragmentPacketsDenied
The number of fragmented packets rejected by the Firewall
on a particular interface. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.3.20.1.10 |
||||
|
fwlStatIfIpOptionPacketsDenied
The number of packets with IP options (source routing,
record routing, timestamp) rejected or dropped by the Firewall on a particular interface. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.3.20.1.11 |
||||
|
fwlStatIfClear
This field is used to clear the statistics of packets
per interface. The default value is 'false'. When this object is set to true , the statistics of packets per interface is cleared and the value is reset to false.… |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.3.20.1.12 |
||||
|
fwlIfTrapThreshold
This Object sets the Interface threshold value such that
traps will be generated when the number of packets denied exceed the given threshold |
Integer32r/w Constraints: range: 50-50000 |
.1.3.6.1.4.1.2076.16.3.20.1.13 |
||||
|
fwlStatIfIPv6PacketsDenied
The number of IPv6 packets dropped by the Firewall on
a particular interface. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.3.20.1.14 |
||||
|
fwlStatIfIPv6PacketsAccepted
The number of IPv6 packets accepted by the Firewall on
a particular interface. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.3.20.1.15 |
||||
|
fwlStatIfIPv6IcmpPacketsDenied
The number of ICMPv6 packets rejected by the Firewall
on a particular interface. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.3.20.1.16 |
||||
|
fwlStatIfIPv6SpoofedPacketsDenied
The number of IPv6 spoofed packets rejected by the Firewall on
a particular interface due to spoofing attack. |
SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.2076.16.3.20.1.17 |
||||
|
fwlStatIfClearIPv6
This field is used to clear the statistics of IPv6
packets per interface.The default value is 'false'. When this object is set to true , the statictics for IPv6 packets per interface is cleared and the value is reset … |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.3.20.1.18 |
fwlStateTable
table.1.3.6.1.4.1.2076.16.5.1
·
1 row entry
·
14 columns
This table contains the entries maintained by Firewall during state full inspection of the connections passing through the DUT from LAN to WAN or WAN to LAN.
The individual entry in the above table.
Indexes
fwlStateType fwlStateLocalIpAddrType fwlStateLocalIpAddress fwlStateRemoteIpAddrType fwlStateRemoteIpAddress fwlStateLocalPort fwlStateRemotePort fwlStateProtocol fwlStateDirection
| Column | Syntax | OID | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
fwlStateType
This indicates the type of the the entry present in this
table. There can be state full entries or init flow entries maintained for TCP connections or partial entries created to create pin holes in firewall |
Enumeration Enumerated Values:
|
.1.3.6.1.4.1.2076.16.5.1.1.1 |
||||||||||||||||||||||||||||||
|
fwlStateLocalIpAddrType
Address Family Identifier of the Local address
|
INET-ADDRESS-MIBInetAddressType Textual Convention: INET-ADDRESS-MIBInetAddressType EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.5.1.1.2 |
||||||||||||||||||||||||||||||
|
fwlStateLocalIpAddress
The Local Ip Address of the session.
|
OctetString Constraints: range: 1-40 |
.1.3.6.1.4.1.2076.16.5.1.1.3 |
||||||||||||||||||||||||||||||
|
fwlStateRemoteIpAddrType
Address Family Identifier of the remote address
|
INET-ADDRESS-MIBInetAddressType Textual Convention: INET-ADDRESS-MIBInetAddressType EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.5.1.1.4 |
||||||||||||||||||||||||||||||
|
fwlStateRemoteIpAddress
The Remote Ip Address of the session.
|
OctetString Constraints: range: 1-40 |
.1.3.6.1.4.1.2076.16.5.1.1.5 |
||||||||||||||||||||||||||||||
|
fwlStateLocalPort
This object identifies the Local Port information of the session
|
Integer32 Constraints: range: 0-65535 |
.1.3.6.1.4.1.2076.16.5.1.1.6 |
||||||||||||||||||||||||||||||
|
fwlStateRemotePort
This object identifies the remote Port information of the session
|
Integer32 Constraints: range: 0-65535 |
.1.3.6.1.4.1.2076.16.5.1.1.7 |
||||||||||||||||||||||||||||||
|
fwlStateProtocol
The type of the protocol of the session.
|
Integer32 Constraints: range: 1-255 |
.1.3.6.1.4.1.2076.16.5.1.1.8 |
||||||||||||||||||||||||||||||
|
fwlStateDirection
The direction of the firewall state session.
|
Enumeration Enumerated Values:
|
.1.3.6.1.4.1.2076.16.5.1.1.9 |
||||||||||||||||||||||||||||||
|
fwlStateEstablishedTime
The time at which the firewall session has been established.
|
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.4.1.2076.16.5.1.1.10 |
||||||||||||||||||||||||||||||
|
fwlStateLocalState
The state information of the local host. The states
new, established and related are used in stateful table. The other states are used in TCP init flow table. The partial entry table will not maintain the state of the e… |
Enumeration Enumerated Values:
|
.1.3.6.1.4.1.2076.16.5.1.1.11 |
||||||||||||||||||||||||||||||
|
fwlStateRemoteState
The state information of the remote host. The states
new, established and related are used in stateful table. The other states are used in TCP init flow table. The partial entry table will not maitain the state of the e… |
Enumeration Enumerated Values:
|
.1.3.6.1.4.1.2076.16.5.1.1.12 |
||||||||||||||||||||||||||||||
|
fwlStateLogLevel
The logging details of the session.
Definition of Log level (0-3) with 3 being the highest level |
Enumeration Enumerated Values:
|
.1.3.6.1.4.1.2076.16.5.1.1.13 |
||||||||||||||||||||||||||||||
|
fwlStateCallStatus
This object is effective when SIP is enabled.
This indicates the status of the firewall session. The values hold and unhold are effective only for SIP calls. |
Enumeration Enumerated Values:
|
.1.3.6.1.4.1.2076.16.5.1.1.14 |
fwlRateLimitTable
table.1.3.6.1.4.1.2076.16.6.1
·
1 row entry
·
7 columns
This table gives information about the rate limiting entries corresponding to Protocol Type TCP/UDP/ICMP and then rate values applied on a particular interface, must be deleted first.
The individual entry in the above table.
Indexes
fwlRateLimitPortIndex
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
fwlRateLimitPortIndex
Configures interface Rate Limit (Packet that can be transferred
on a port at a particular second). This object's value will take effect on the interface speed. Based on the operating speed of the port, th… |
Integer32 Constraints: range: 0-100 |
.1.3.6.1.4.1.2076.16.6.1.1.1 |
||||||||||||
|
fwlRateLimitPortNumber
Configures the Port number for the protocol specified
|
Integer32r/w Constraints: range: 0-1000 |
.1.3.6.1.4.1.2076.16.6.1.1.2 |
||||||||||||
|
fwlRateLimitPortType
Configures the Protocol Type
TCP , UDP ,ICMP |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.2076.16.6.1.1.3 |
||||||||||||
|
fwlRateLimitValue
Configures interface Rate Limit (Packet that can be transferred
on a port at a particular second). This object's value will take effect on the interface speed. Based on the operating speed of the port, th… |
Integer32r/w Constraints: range: 0-80000000 |
.1.3.6.1.4.1.2076.16.6.1.1.4 |
||||||||||||
|
fwlRateLimitBurstSize
Configures interface Burst Pkt Rate. (Packet Burst that can be
transferred on a port at a particular second) This object's value will take effect on the interface speed. Based on the operating speed of th… |
Integer32r/w Constraints: range: 0-80000000 |
.1.3.6.1.4.1.2076.16.6.1.1.5 |
||||||||||||
|
fwlRateLimitTrafficMode
Configures the Traffic mode
PPS , KBPS ,BPS |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.2076.16.6.1.1.6 |
||||||||||||
|
fwlRateLimitRowStatus
This object allows entries to be created or deleted in this
table. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.6.1.1.7 |
fwlSnorkTable
table.1.3.6.1.4.1.2076.16.7.1
·
1 row entry
·
2 columns
This table gives information about the configured ports for snork attack
The individual entry in the above table.
Indexes
fwlSnorkPortNo
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
fwlSnorkPortNo
This mib holds the value of the port for which Snork
is configured |
Integer32 Constraints: range: 0-65535 |
.1.3.6.1.4.1.2076.16.7.1.1.1 |
||||||||||||
|
fwlSnorkRowStatus
This object allows entries to be created or deleted in this
table. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.7.1.1.2 |
fwlRpfTable
table.1.3.6.1.4.1.2076.16.8.1
·
1 row entry
·
3 columns
This table gives information about the configured ports for uRPF attack
The individual entry in the above table.
Indexes
fwlRpfInIndex
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
fwlRpfInIndex
This mib holds the value of the port interface index for which RPF
is configured |
Integer32 Constraints: range: 0-65535 |
.1.3.6.1.4.1.2076.16.8.1.1.1 |
||||||||||||
|
fwlRpfMode
This mib holds the value of the uRPF mode either strict or loose
The default value is 'disable'(0). |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.2076.16.8.1.1.2 |
||||||||||||
|
fwlRpfRowStatus
This object allows entries to be created or deleted in this
table. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.2076.16.8.1.1.3 |