-- ******************************************************************* -- CISCO-LWAPP-ACL-MIB.my -- August 2006, Sheeba Kamra -- -- Copyright (c) 2005-2006 by Cisco Systems, Inc. -- All rights reserved. -- ******************************************************************* CISCO-LWAPP-ACL-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Unsigned32 FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF DisplayString FROM SNMPv2-TC ciscoMgmt FROM CISCO-SMI; -- ******************************************************************** -- * MODULE IDENTITY -- ******************************************************************** ciscoLwappAclMIB MODULE-IDENTITY LAST-UPDATED "200608290000Z" ORGANIZATION "Cisco Systems Inc." CONTACT-INFO "Cisco Systems, Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 USA Tel: +1 800 553-NETS Email: cs-wnbu-snmp@cisco.com" DESCRIPTION "This MIB is intended to be implemented on all those devices operating as Central Controllers (CC) that terminate the Light Weight Access Point Protocol tunnel from Light-weight LWAPP Access Points. This MIB provides configuration and status information about the ACLs on the controller. Particularly this mib covers the CPU ACLs for the wireless controllers. Traffic to the controller CPU comes from the NPU (Network Processing Unit). Using CPU ACLs, the user can place restrictions on type of traffic reaching the CPU of the controller from the NPU. CPU ACLs introduce an ACL for the traffic to the CPU of controller. With this ACL the type of packets reaching the CPU can be controlled. The mode of operation is as follows. The administrator designates one ACL for the traffic to the CPU. The ACL kicks in for packets from the NPU to the CPU. Each ACL is an ordered set of rules. If a rule matches then action for that rule is applied to the packet. The decision to send or drop the packet is taken based on the action parameter of the ACL. There will be no ACL for the packets from the CPU to the NPU. GLOSSARY Access Control List ( ACL ) A list of rules used to restrict the traffic reaching an interface or the CPU. Each ACL is an ordered set of rules and actions. If a rule matches then the action for that rule is applied to the packet. Access Point ( AP ) An entity that contains an 802.11 medium access control ( MAC ) and physical layer ( PHY ) interface and provides acess to the distribution services via the wireless medium for associated clients. CPU ACL ( CPU ACL ) The ACL applied to the CPU. This controls the type of traffic reaching the CPU of the controller. Network Processing Unit ( NPU ) This entity is responsible for forwarding traffic to the CPU. The only exceptions are data coming thorugh the console port and the Service port i.e. these communicate directly with the CPU and not via the NPU. Light Weight Access Point Protocol ( LWAPP ) This is a generic protocol that defines the communciation between the Access Points and the Central Controller. REFERENCE [1] Part 11 Wireless LAN Medium Access Control ( MAC ) and Physical Layer ( PHY ) Specifications. " REVISION "200608290000Z" DESCRIPTION "Moved scalar attributes to claCpuAclTable." REVISION "200607190000Z" DESCRIPTION "Initial version of this MIB module." ::= { ciscoMgmt 577 } ciscoLwappAclMIBNotifs OBJECT IDENTIFIER ::= { ciscoLwappAclMIB 0 } ciscoLwappAclMIBObjects OBJECT IDENTIFIER ::= { ciscoLwappAclMIB 1 } ciscoLwappAclMIBConform OBJECT IDENTIFIER ::= { ciscoLwappAclMIB 2 } ciscoLwappCpuAcl OBJECT IDENTIFIER ::= { ciscoLwappAclMIBObjects 1 } claCpuAclTable OBJECT-TYPE SYNTAX SEQUENCE OF ClaCpuAclEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table represents the ACL related parameters on the CPU of the controller. " ::= { ciscoLwappCpuAcl 1 } claCpuAclEntry OBJECT-TYPE SYNTAX ClaCpuAclEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry represents a conceptual row in this table. For each CPU of the controller, there will be a row. " INDEX { claCpuAclIndex } ::= { claCpuAclTable 1 } ClaCpuAclEntry ::= SEQUENCE { claCpuAclIndex Unsigned32, claCpuAclName DisplayString, claCpuAclPacketApplicability INTEGER } claCpuAclIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object uniquely identifies one instance of a CPU on the controller. " ::= { claCpuAclEntry 1 } claCpuAclName OBJECT-TYPE SYNTAX DisplayString (SIZE (0..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "Name of the Access Control List applied to the CPU. The access list to be applied should already exist on the controller. If it is required to remove the ACL for the CPU, this field should be set to an empty string. " ::= { claCpuAclEntry 2 } claCpuAclPacketApplicability OBJECT-TYPE SYNTAX INTEGER { none(1), wired(2), wireless(3), both(4) } MAX-ACCESS read-write STATUS current DESCRIPTION "This indicates whether the CPU ACL applies for only wired(2) packets, only the wireless(3) packets or both(4) types of packets. If there is no ACL applied to the CPU, then this field will be set to none(1) . If earlier there was no ACL applied to the CPU and the user just sets the claCpuAclName attribute, then this field will be set to both(4). " ::= { claCpuAclEntry 3 } -- ******************************************************************** -- * Compliance statements -- ******************************************************************** ciscoLwappAclMIBCompliances OBJECT IDENTIFIER ::= { ciscoLwappAclMIBConform 1 } ciscoLwappAclMIBGroups OBJECT IDENTIFIER ::= { ciscoLwappAclMIBConform 2 } ciscoLwappAclMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for the SNMP entities that implement the ciscoLwappAclMIB module." MODULE -- this module MANDATORY-GROUPS { ciscoLwappCpuAclGroup } ::= { ciscoLwappAclMIBCompliances 1 } -- ******************************************************************** -- * Units of conformance -- ******************************************************************** ciscoLwappCpuAclGroup OBJECT-GROUP OBJECTS { claCpuAclName, claCpuAclPacketApplicability } STATUS current DESCRIPTION "This collection of objects represents the information about the general attributes of CPU ACL." ::= { ciscoLwappAclMIBGroups 1 } END