mirror of
https://github.com/hsnodgrass/snmp_mib_archive.git
synced 2025-04-17 16:03:04 +00:00
1714 lines
58 KiB
Plaintext
1714 lines
58 KiB
Plaintext
-- *****************************************************************
|
|
-- CISCO-IETF-NAT-MIB.my: Ciscoized version of a IETF
|
|
-- Network Address Translation MIB file
|
|
--
|
|
-- July 2001, Sudhindra Barve
|
|
--
|
|
-- Copyright (c) 1999-2001 by cisco Systems, Inc.
|
|
-- All rights reserved.
|
|
--
|
|
-- *****************************************************************
|
|
-- This MIB is based on the NAT-MIB module
|
|
-- defined in Internet Draft:
|
|
-- http://search.ietf.org/internet-drafts/draft-ietf-nat-natmib-00.txt
|
|
--
|
|
-- The NAT-MIB is on track for becoming a
|
|
-- standard NAT MIB with RFC status. Once the RFC MIB is
|
|
-- available, this CISCO MIB module MAY be deprecated.
|
|
--
|
|
|
|
CISCO-IETF-NAT-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY,
|
|
OBJECT-TYPE,
|
|
Integer32,
|
|
Unsigned32,
|
|
Gauge32,
|
|
Counter32,
|
|
TimeTicks,
|
|
IpAddress,
|
|
mib-2
|
|
FROM SNMPv2-SMI
|
|
MODULE-COMPLIANCE,
|
|
OBJECT-GROUP
|
|
FROM SNMPv2-CONF
|
|
TEXTUAL-CONVENTION,
|
|
StorageType,
|
|
RowStatus
|
|
FROM SNMPv2-TC
|
|
InterfaceIndex
|
|
FROM IF-MIB
|
|
SnmpAdminString
|
|
FROM SNMP-FRAMEWORK-MIB
|
|
|
|
ciscoExperiment
|
|
FROM CISCO-SMI;
|
|
|
|
|
|
|
|
ciscoIetfNatMIB MODULE-IDENTITY
|
|
LAST-UPDATED "200103010000Z"
|
|
ORGANIZATION "Cisco Systems, Inc"
|
|
CONTACT-INFO
|
|
" Cisco Systems
|
|
Customer Service
|
|
|
|
Postal: 170 West Tasman Drive
|
|
San Jose, CA 95134
|
|
USA
|
|
|
|
Tel: +1 800 553-NETS
|
|
|
|
E-mail: cs-nat@cisco.com"
|
|
|
|
DESCRIPTION
|
|
"This MIB module defines the generic managed objects
|
|
for NAT."
|
|
REVISION "200103010000Z"
|
|
DESCRIPTION
|
|
"Initial version of this MIB module."
|
|
::= { ciscoExperiment 77 }
|
|
|
|
ciscoNatMIBObjects OBJECT IDENTIFIER ::= { ciscoIetfNatMIB 1 }
|
|
|
|
|
|
-- The Groups
|
|
-- o cnatConfig - Pertaining to NAT configuration information
|
|
-- o cnatBind - Pertaining to the NAT BINDs/sessions.
|
|
-- o cnatStatistics - NAT statistics, other than those maintained
|
|
-- by the Bind and Session tables.
|
|
|
|
cnatConfig OBJECT IDENTIFIER ::= { ciscoNatMIBObjects 1 }
|
|
cnatBind OBJECT IDENTIFIER ::= { ciscoNatMIBObjects 2 }
|
|
cnatStatistics OBJECT IDENTIFIER ::= { ciscoNatMIBObjects 3 }
|
|
|
|
|
|
|
|
-- Textual Conventions
|
|
|
|
NATProtocolType ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A list of protocols that are affected by NAT.
|
|
Inclusion of values is not intended to imply that
|
|
those protocols need be supported."
|
|
SYNTAX INTEGER {
|
|
other (1), -- not specified
|
|
icmp (2),
|
|
udp (3),
|
|
tcp (4)
|
|
}
|
|
|
|
|
|
-- The Configuration Group
|
|
-- The NAT Generic Configuration Table
|
|
|
|
cnatConfTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CnatConfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table specifies the configuration attributes for a
|
|
device supporting NAT function."
|
|
::= { cnatConfig 1 }
|
|
|
|
cnatConfEntry OBJECT-TYPE
|
|
SYNTAX CnatConfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry in the cnatConfTable holds a set of
|
|
configuration parameters associated with an instance
|
|
of NAT.
|
|
Entries in the cnatConfTable are created and deleted
|
|
using the cnatConfStatus object."
|
|
INDEX { IMPLIED cnatConfName }
|
|
::= { cnatConfTable 1 }
|
|
|
|
CnatConfEntry ::= SEQUENCE {
|
|
cnatConfName SnmpAdminString,
|
|
cnatConfServiceType INTEGER,
|
|
cnatConfTimeoutIcmpIdle Integer32,
|
|
cnatConfTimeoutUdpIdle Integer32,
|
|
cnatConfTimeoutTcpIdle Integer32,
|
|
cnatConfTimeoutTcpNeg Integer32,
|
|
cnatConfTimeoutOther Integer32,
|
|
cnatConfMaxBindLeaseTime Integer32,
|
|
cnatConfMaxBindIdleTime Integer32,
|
|
cnatConfStorageType StorageType,
|
|
cnatConfStatus RowStatus
|
|
}
|
|
|
|
cnatConfName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(1..32))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The locally arbitrary, but unique identifier
|
|
associated with this cnatConfEntry."
|
|
::= { cnatConfEntry 1 }
|
|
|
|
cnatConfServiceType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
basicNat (1),
|
|
napt (2),
|
|
bidirectionalNat (3),
|
|
twiceNat (4),
|
|
multihomedNat (5)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An indication of the direction in which new sessions
|
|
are permitted and the extent of translation done within
|
|
the IP and transport headers."
|
|
::= { cnatConfEntry 2 }
|
|
|
|
cnatConfTimeoutIcmpIdle OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interval of time for which an ICMP protocol session,
|
|
associated with this configuration, is allowed to remain
|
|
valid without any activity."
|
|
-- 1 minute
|
|
DEFVAL { 60 }
|
|
::= { cnatConfEntry 3 }
|
|
|
|
|
|
cnatConfTimeoutUdpIdle OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interval of time for which a UDP protocol session,
|
|
associated with this configuration, is allowed to remain
|
|
valid without any activity."
|
|
-- 5 minutes
|
|
DEFVAL { 300 }
|
|
::= { cnatConfEntry 4 }
|
|
|
|
cnatConfTimeoutTcpIdle OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interval of time for which a TCP protocol session,
|
|
associated with this configuration, is allowed to remain
|
|
valid without any activity. This timeout value applies
|
|
to a TCP session during its data transfer phase."
|
|
-- 24 hours
|
|
DEFVAL { 86400 }
|
|
::= { cnatConfEntry 5 }
|
|
|
|
cnatConfTimeoutTcpNeg OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interval of time for which a TCP protocol session,
|
|
associated with this configuration, is allowed to remain
|
|
valid without any activity. This timeout value applies
|
|
to a TCP session during its establishment and termination
|
|
phases."
|
|
-- 1 minute
|
|
DEFVAL { 60 }
|
|
::= { cnatConfEntry 6 }
|
|
|
|
cnatConfTimeoutOther OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interval of time for which a protocol session
|
|
other than ICMP, UDP and TCP, associated with this
|
|
configuration, is allowed to remain valid, without
|
|
any activity."
|
|
::= { cnatConfEntry 7 }
|
|
|
|
cnatConfMaxBindLeaseTime OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximum lease time for the BIND, associated with
|
|
this configuration. Unless the lease time is renewed, a
|
|
BIND will not be valid past the lease time. As a special
|
|
case, a value of 0 may be assumed to indicate no lease
|
|
time limit. Typically, this attribute is of relevance
|
|
only in conjunction with Realm-Specific-IP (RSIP)
|
|
operation."
|
|
DEFVAL { 0 }
|
|
::= { cnatConfEntry 8 }
|
|
|
|
cnatConfMaxBindIdleTime OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximum time, associated with this configuration,
|
|
to allow a dynamic BIND to remain valid with no NAT
|
|
session hanging off this BIND. By default for NATIVE
|
|
NAT maximum Idle time is 0. External agents could
|
|
control this parameter differently. Static Binds and
|
|
lease time limited BINDs are not affected by this
|
|
parameter."
|
|
DEFVAL { 0 }
|
|
::= { cnatConfEntry 9 }
|
|
|
|
cnatConfStorageType OBJECT-TYPE
|
|
SYNTAX StorageType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The storage type for this conceptual row."
|
|
REFERENCE
|
|
"Textual Conventions for SMIv2, Section 2."
|
|
DEFVAL { nonVolatile }
|
|
::= { cnatConfEntry 10 }
|
|
|
|
cnatConfStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this conceptual row."
|
|
::= { cnatConfEntry 11 }
|
|
|
|
|
|
-- The Static Address Map Table
|
|
|
|
cnatConfStaticAddrMapTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CnatConfStaticAddrMapEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table lists configuration for static NAT
|
|
entries. This table has an expansion dependent
|
|
relationship on the cnatConfTable. When an SNMP entity
|
|
deletes a conceptual row from the cnatConfTable, then
|
|
the corresponding entries are deleted from
|
|
cnatConfStaticAddrMapTable."
|
|
::= { cnatConfig 2 }
|
|
|
|
cnatConfStaticAddrMapEntry OBJECT-TYPE
|
|
SYNTAX CnatConfStaticAddrMapEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A description of a static NAT entry. This entry
|
|
contributes to the static NAT table of the device."
|
|
INDEX { cnatConfName, cnatConfStaticAddrMapName }
|
|
::= { cnatConfStaticAddrMapTable 1 }
|
|
|
|
CnatConfStaticAddrMapEntry ::= SEQUENCE {
|
|
cnatConfStaticAddrMapName SnmpAdminString,
|
|
cnatConfStaticAddrMapType INTEGER,
|
|
cnatConfStaticLocalAddrFrom IpAddress,
|
|
cnatConfStaticLocalAddrTo IpAddress,
|
|
cnatConfStaticLocalPortFrom Integer32,
|
|
cnatConfStaticLocalPortTo Integer32,
|
|
cnatConfStaticGlobalAddrFrom IpAddress,
|
|
cnatConfStaticGlobalAddrTo IpAddress,
|
|
cnatConfStaticGlobalPortFrom Integer32,
|
|
cnatConfStaticGlobalPortTo Integer32,
|
|
cnatConfStaticProtocol BITS,
|
|
cnatConfStaticAddrMapStorageType StorageType,
|
|
cnatConfStaticAddrMapStatus RowStatus
|
|
}
|
|
|
|
cnatConfStaticAddrMapName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(1..32))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An arbitrary, but unique identifier associated with this
|
|
cnatConfStaticAddrMapEntry. The value of this object is
|
|
unique across both the static address map and the dynamic
|
|
address map tables."
|
|
::= { cnatConfStaticAddrMapEntry 1 }
|
|
|
|
|
|
|
|
cnatConfStaticAddrMapType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
inbound (1),
|
|
outbound (2),
|
|
both (3)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Address (and Transport-ID) maps may be defined for both
|
|
inbound and outbound direction. Outbound address map
|
|
refers to mapping a selected set of addresses from
|
|
private realm to a selected set of addresses in external
|
|
realm; whereas inbound address map refers to mapping a
|
|
set of addresses from the external realm to private
|
|
realm."
|
|
::= { cnatConfStaticAddrMapEntry 2 }
|
|
|
|
cnatConfStaticLocalAddrFrom OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the first IP address of the range
|
|
of IP addresses mapped by this translation entry."
|
|
::= { cnatConfStaticAddrMapEntry 3 }
|
|
|
|
cnatConfStaticLocalAddrTo OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the last IP address of the range of
|
|
IP addresses mapped by this translation entry. If only
|
|
a single address being mapped, the value of this object
|
|
is equal to the value of cnatConfStaticLocalAddrFrom. The
|
|
number addresses in the range defined by
|
|
cnatConfStaticLocalAddrFrom and cnatConfStaticLocalAddrTo
|
|
should be equal to the number of addresses in the range
|
|
defined by cnatConfStaticGlobalAddrFrom and
|
|
cnatConfStaticGlobalAddrTo."
|
|
::= { cnatConfStaticAddrMapEntry 4 }
|
|
|
|
|
|
|
|
cnatConfStaticLocalPortFrom OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If this conceptual row describes a basic NAT, then the
|
|
value of this object is '0'. If this conceptual row
|
|
describes NAPT, then the value of this object specifies
|
|
the first port number in the range of ports being
|
|
mapped. If the translation specifies a single port, then
|
|
the value of this object is equal to the value of
|
|
cnatConfStaticLocalPortTo."
|
|
::= { cnatConfStaticAddrMapEntry 5 }
|
|
|
|
cnatConfStaticLocalPortTo OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If this conceptual row describes a basic NAT, then the
|
|
value of this object is '0'. If this conceptual row
|
|
describes NAPT, then the value of this object specifies
|
|
the last port number in the range of ports being mapped.
|
|
If the translation specifies a single port, then the
|
|
value of this object is equal to the value of
|
|
cnatConfStaticLocalPortFrom."
|
|
::= { cnatConfStaticAddrMapEntry 6 }
|
|
|
|
cnatConfStaticGlobalAddrFrom OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the first IP address of the range of
|
|
IP addresses being mapped to."
|
|
::= { cnatConfStaticAddrMapEntry 7 }
|
|
|
|
cnatConfStaticGlobalAddrTo OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the last IP address of the range of
|
|
IP addresses being mapped to. If only a single address is
|
|
being mapped to, the value of this object is equal to the
|
|
value of cnatConfStaticGlobalAddrFrom.The number addresses
|
|
in the range defined by cnatConfStaticGlobalAddrFrom and
|
|
cnatConfStaticGlobalAddrTo should be equal to the number
|
|
of addresses in the range defined by
|
|
cnatConfStaticLocalAddrFrom and
|
|
cnatConfStaticLocalAddrTo. "
|
|
::= { cnatConfStaticAddrMapEntry 8 }
|
|
|
|
cnatConfStaticGlobalPortFrom OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If this conceptual row describes a basic NAT, then the
|
|
value of this object is '0'. If this conceptual row
|
|
describes NAPT, then the value of this object specifies
|
|
the first port number in the range of ports being mapped
|
|
to. If the translation specifies a single port, then the
|
|
value of this object is equal to the value
|
|
cnatConfStaticGlobalPortTo."
|
|
::= { cnatConfStaticAddrMapEntry 9 }
|
|
|
|
cnatConfStaticGlobalPortTo OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If this conceptual row describes a basic NAT, then the
|
|
value of this object is '0'. If this conceptual describes
|
|
NAPT, then the value of this object specifies the last
|
|
port number in the range of ports being to. If the
|
|
translation specifies a single port, then the value of
|
|
this object is equal to the value of
|
|
cnatConfStaticGlobalPortFrom."
|
|
::= { cnatConfStaticAddrMapEntry 10 }
|
|
|
|
cnatConfStaticProtocol OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
all (0),
|
|
other (1),
|
|
icmp (2),
|
|
udp (3),
|
|
tcp (4)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies a protocol identifier. If the
|
|
value of this object is '0', then this basic NAT entry
|
|
applies to all IP traffic. If the value of this object
|
|
is non-zero, then this NAT entry only applies to IP
|
|
traffic with the specified protocol."
|
|
::= { cnatConfStaticAddrMapEntry 11 }
|
|
|
|
cnatConfStaticAddrMapStorageType OBJECT-TYPE
|
|
SYNTAX StorageType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The storage type for this conceptual row."
|
|
REFERENCE
|
|
"Textual Conventions for SMIv2, Section 2."
|
|
DEFVAL { nonVolatile }
|
|
::= { cnatConfStaticAddrMapEntry 12 }
|
|
|
|
cnatConfStaticAddrMapStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this conceptual row.
|
|
|
|
To create a row in this table, a manager must set this
|
|
object to either createAndGo(4) or createAndWait(5)."
|
|
::= { cnatConfStaticAddrMapEntry 13 }
|
|
|
|
|
|
-- The Dynamic Address Map Table
|
|
|
|
cnatConfDynAddrMapTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CnatConfDynAddrMapEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table lists dynamic NAT entries. This table has an
|
|
expansion dependent relationship on the cnatConfTable.
|
|
When an SNMP entity deletes a conceptual row from the
|
|
cnatConfTable, then the corresponding entries are deleted
|
|
from cnatConfDynAddrMapTable."
|
|
::= { cnatConfig 3 }
|
|
|
|
cnatConfDynAddrMapEntry OBJECT-TYPE
|
|
SYNTAX CnatConfDynAddrMapEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A description of a dynamic NAT entry. This entry
|
|
contributes to the dynamic NAT table of the device."
|
|
INDEX { cnatConfName, cnatConfDynAddrMapName }
|
|
::= { cnatConfDynAddrMapTable 1 }
|
|
|
|
CnatConfDynAddrMapEntry ::= SEQUENCE {
|
|
cnatConfDynAddrMapName SnmpAdminString,
|
|
cnatConfDynAddressMapType INTEGER,
|
|
cnatConfDynLocalAddrFrom IpAddress,
|
|
cnatConfDynLocalAddrTo IpAddress,
|
|
cnatConfDynLocalPortFrom Integer32,
|
|
cnatConfDynLocalPortTo Integer32,
|
|
cnatConfDynGlobalAddrFrom IpAddress,
|
|
cnatConfDynGlobalAddrTo IpAddress,
|
|
cnatConfDynGlobalPortFrom Integer32,
|
|
cnatConfDynGlobalPortTo Integer32,
|
|
cnatConfDynProtocol BITS,
|
|
cnatConfDynAddrMapStorageType StorageType,
|
|
cnatConfDynAddrMapStatus RowStatus
|
|
}
|
|
|
|
cnatConfDynAddrMapName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(1..32))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An arbitrary, but unique identifier associated with this
|
|
cnatConfDynAddrMapEntry. The value of this object is
|
|
unique across both the static address map and the dynamic
|
|
address map tables."
|
|
::= { cnatConfDynAddrMapEntry 1 }
|
|
|
|
cnatConfDynAddressMapType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
inbound (1),
|
|
outbound (2),
|
|
both (3)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Address (and Transport-ID) maps may be defined for both
|
|
inbound and outbound direction. Outbound address map
|
|
refers to mapping a selected set of addresses from
|
|
private realm to a selected set of addresses in external
|
|
realm; whereas inbound address map refers to mapping a
|
|
set of addresses from the external realm to private
|
|
realm."
|
|
::= { cnatConfDynAddrMapEntry 2 }
|
|
|
|
cnatConfDynLocalAddrFrom OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the first IP address of the range
|
|
of IP addresses mapped by this translation entry."
|
|
::= { cnatConfDynAddrMapEntry 3 }
|
|
|
|
cnatConfDynLocalAddrTo OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the last IP address of the range of
|
|
IP addresses mapped by this translation entry."
|
|
::= { cnatConfDynAddrMapEntry 4 }
|
|
|
|
cnatConfDynLocalPortFrom OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If this conceptual row describes a basic NAT, then the
|
|
value of this object is '0'. If this conceptual row
|
|
describes NAPT, then the value of this object specifies
|
|
the first port number in the range of ports being mapped.
|
|
If the translation specifies a single port, then the
|
|
value of this object is equal to the value of
|
|
cnatConfDynLocalPortTo."
|
|
::= { cnatConfDynAddrMapEntry 5 }
|
|
|
|
cnatConfDynLocalPortTo OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If this conceptual row describes a basic NAT, then the
|
|
value of this object is '0'. If this conceptual row
|
|
describes NAPT, then the value of this object specifies
|
|
the last port number in the range of ports being mapped.
|
|
If the translation specifies a single port, then the
|
|
value of this object is equal to the value of
|
|
cnatConfDynLocalPortFrom."
|
|
::= { cnatConfDynAddrMapEntry 6 }
|
|
|
|
cnatConfDynGlobalAddrFrom OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the first IP address of the range
|
|
of IP addresses being mapped to."
|
|
::= { cnatConfDynAddrMapEntry 7 }
|
|
|
|
cnatConfDynGlobalAddrTo OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the last IP address of the range of
|
|
IP addresses being mapped to."
|
|
::= { cnatConfDynAddrMapEntry 8 }
|
|
|
|
cnatConfDynGlobalPortFrom OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If this conceptual row describes a basic NAT, then the
|
|
value of this object is '0'. If this conceptual row
|
|
describes NAPT, then the value of this object specifies
|
|
the first port number in the range of ports being mapped
|
|
to. If the translation specifies a single port, then the
|
|
value of this object is equal to the value of
|
|
cnatConfDynGlobalPortTo."
|
|
::= { cnatConfDynAddrMapEntry 9 }
|
|
|
|
|
|
cnatConfDynGlobalPortTo OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If this conceptual row describes a basic NAT, then the
|
|
value of this object is '0'. If this conceptual row
|
|
describes NAPT, then the value of this object specifies
|
|
the last port number in the range of ports being mapped
|
|
to. If the translation specifies a single port, then the
|
|
value of this object is equal to the value of
|
|
cnatConfDynGlobalPortFrom."
|
|
::= { cnatConfDynAddrMapEntry 10 }
|
|
|
|
cnatConfDynProtocol OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
all (0),
|
|
other (1),
|
|
icmp (2),
|
|
udp (3),
|
|
tcp (4)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies a protocol identifier. If the
|
|
value of this object is '0', then this basic NAT entry
|
|
applies to all IP traffic. If the value of this object is
|
|
non-zero, then this NAT entry only applies to IP traffic
|
|
with the specified protocol."
|
|
::= { cnatConfDynAddrMapEntry 11 }
|
|
|
|
cnatConfDynAddrMapStorageType OBJECT-TYPE
|
|
SYNTAX StorageType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The storage type for this conceptual row."
|
|
REFERENCE
|
|
"Textual Conventions for SMIv2, Section 2."
|
|
DEFVAL { nonVolatile }
|
|
::= { cnatConfDynAddrMapEntry 12 }
|
|
|
|
cnatConfDynAddrMapStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this conceptual row.
|
|
|
|
To create a row in this table, a manager must set this
|
|
object to either createAndGo(4) or createAndWait(5)."
|
|
::= { cnatConfDynAddrMapEntry 13 }
|
|
|
|
-- NAT Interface Table
|
|
|
|
cnatInterfaceTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CnatInterfaceEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table holds information regarding the interface
|
|
on which NAT is enabled."
|
|
::= { cnatConfig 4 }
|
|
|
|
cnatInterfaceEntry OBJECT-TYPE
|
|
SYNTAX CnatInterfaceEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry in the NAT Interface Table holds
|
|
information regarding an interface on which NAT is
|
|
enabled."
|
|
INDEX { cnatInterfaceIndex }
|
|
::= { cnatInterfaceTable 1 }
|
|
|
|
CnatInterfaceEntry ::= SEQUENCE {
|
|
cnatInterfaceIndex InterfaceIndex,
|
|
cnatInterfaceRealm INTEGER,
|
|
cnatInterfaceStorageType StorageType,
|
|
cnatInterfaceStatus RowStatus
|
|
}
|
|
|
|
cnatInterfaceIndex OBJECT-TYPE
|
|
SYNTAX InterfaceIndex
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ifIndex of the interface on which NAT is enabled."
|
|
::= { cnatInterfaceEntry 1 }
|
|
|
|
cnatInterfaceRealm OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
private (1),
|
|
public (2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object identifies whether this interface is
|
|
connected to the private or the public realm."
|
|
DEFVAL { public }
|
|
::= { cnatInterfaceEntry 2 }
|
|
|
|
cnatInterfaceStorageType OBJECT-TYPE
|
|
SYNTAX StorageType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The storage type for this conceptual row."
|
|
REFERENCE
|
|
"Textual Conventions for SMIv2, Section 2."
|
|
DEFVAL { nonVolatile }
|
|
::= { cnatInterfaceEntry 3 }
|
|
|
|
cnatInterfaceStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Status of NAT on this interface. An active status
|
|
indicates that NAT is enabled on this interface."
|
|
::= { cnatInterfaceEntry 4 }
|
|
|
|
|
|
-- The BIND Group
|
|
|
|
-- Address Bind section
|
|
|
|
cnatAddrBindNumberOfEntries OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object maintains a count of the number of entries
|
|
that currently exist in the cnatAddrBindTable."
|
|
::= { cnatBind 1 }
|
|
|
|
-- The NAT Address BIND Table
|
|
|
|
cnatAddrBindTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CnatAddrBindEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table holds information about the currently
|
|
active NAT BINDs."
|
|
::= { cnatBind 2 }
|
|
|
|
cnatAddrBindEntry OBJECT-TYPE
|
|
SYNTAX CnatAddrBindEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry in the NAT BIND table holds information
|
|
about a NAT BIND that is currently active."
|
|
INDEX { cnatAddrBindLocalAddr }
|
|
::= { cnatAddrBindTable 1 }
|
|
|
|
CnatAddrBindEntry ::= SEQUENCE {
|
|
cnatAddrBindLocalAddr IpAddress,
|
|
cnatAddrBindGlobalAddr IpAddress,
|
|
cnatAddrBindId Unsigned32,
|
|
cnatAddrBindDirection INTEGER,
|
|
cnatAddrBindType INTEGER,
|
|
cnatAddrBindConfName SnmpAdminString,
|
|
cnatAddrBindSessionCount Gauge32,
|
|
cnatAddrBindCurrentIdleTime TimeTicks,
|
|
cnatAddrBindInTranslate Counter32,
|
|
cnatAddrBindOutTranslate Counter32
|
|
}
|
|
|
|
cnatAddrBindLocalAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the private-realm specific network
|
|
layer address, which maps to the public-realm address
|
|
represented by cnatAddrBindGlobalAddr."
|
|
::= { cnatAddrBindEntry 1 }
|
|
|
|
cnatAddrBindGlobalAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the public-realm network layer
|
|
address that maps to the private-realm network layer
|
|
address represented by cnatAddrBindLocalAddr."
|
|
::= { cnatAddrBindEntry 2 }
|
|
|
|
cnatAddrBindId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents a BIND id that is dynamically
|
|
assigned to each BIND by a NAT enabled device. Each
|
|
BIND is represented by a unique BIND id across both,
|
|
the Address bind and Address-Port bind tables."
|
|
::= { cnatAddrBindEntry 3 }
|
|
|
|
cnatAddrBindDirection OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
uniDirectional (1),
|
|
biDirectional (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the direction of the BIND. A
|
|
BIND may be either uni-directional or bi-directional,
|
|
same as the orientation of the address map, based on
|
|
which this bind is formed. The direction of this bind
|
|
is with reference to the private realm."
|
|
::= { cnatAddrBindEntry 4 }
|
|
|
|
cnatAddrBindType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
static (1),
|
|
dynamic (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether the BIND is static or
|
|
dynamic."
|
|
::= { cnatAddrBindEntry 5 }
|
|
|
|
cnatAddrBindConfName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(1..32))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is a pointer to the cnatConfTable entry (and
|
|
the parameters of that entry) which was used in creating
|
|
this BIND."
|
|
::= { cnatAddrBindEntry 6 }
|
|
|
|
cnatAddrBindSessionCount OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Number of sessions currently using this BIND."
|
|
::= { cnatAddrBindEntry 7 }
|
|
|
|
cnatAddrBindCurrentIdleTime OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"At any given instance of time, this object indicates the
|
|
time that this BIND has been idle with no sessions
|
|
attached to it. The value represented by this object is
|
|
of relevance only when the value of Maximum Idle time
|
|
(cnatConfMaxBindIdleTime) is non-zero."
|
|
::= { cnatAddrBindEntry 8 }
|
|
|
|
cnatAddrBindInTranslate OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of inbound packets that were translated as per
|
|
this BIND entry."
|
|
::= { cnatAddrBindEntry 9 }
|
|
|
|
cnatAddrBindOutTranslate OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of outbound packets that were translated as
|
|
per this BIND entry."
|
|
::= { cnatAddrBindEntry 10 }
|
|
|
|
-- Address-Port Bind section
|
|
|
|
cnatAddrPortBindNumberOfEntries OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object maintains a count of the number of entries
|
|
that currently exist in the cnatAddrPortBindTable."
|
|
::= { cnatBind 3 }
|
|
|
|
-- The NAT Address-Port BIND Table
|
|
|
|
cnatAddrPortBindTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CnatAddrPortBindEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table holds information about the currently
|
|
active NAPT BINDs."
|
|
::= { cnatBind 4 }
|
|
|
|
cnatAddrPortBindEntry OBJECT-TYPE
|
|
SYNTAX CnatAddrPortBindEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry in the this table holds information
|
|
a NAPT BIND that is currently active."
|
|
INDEX { cnatAddrPortBindLocalAddr, cnatAddrPortBindLocalPort,
|
|
cnatAddrPortBindProtocol }
|
|
::= { cnatAddrPortBindTable 1 }
|
|
|
|
CnatAddrPortBindEntry ::= SEQUENCE {
|
|
cnatAddrPortBindLocalAddr IpAddress,
|
|
cnatAddrPortBindLocalPort Integer32,
|
|
cnatAddrPortBindProtocol BITS,
|
|
cnatAddrPortBindGlobalAddr IpAddress,
|
|
cnatAddrPortBindGlobalPort Integer32,
|
|
cnatAddrPortBindId Unsigned32,
|
|
cnatAddrPortBindDirection INTEGER,
|
|
cnatAddrPortBindType INTEGER,
|
|
cnatAddrPortBindConfName SnmpAdminString,
|
|
cnatAddrPortBindSessionCount Gauge32,
|
|
cnatAddrPortBindCurrentIdleTime TimeTicks,
|
|
cnatAddrPortBindInTranslate Counter32,
|
|
cnatAddrPortBindOutTranslate Counter32
|
|
}
|
|
|
|
cnatAddrPortBindLocalAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the private-realm specific network
|
|
layer address which, in conjunction with
|
|
cnatAddrPortBindLocalPort, maps to the public-realm
|
|
network layer address and transport id represented by
|
|
cnatAddrPortBindGlobalAddr and cnatAddrPortBindGlobalPort
|
|
respectively."
|
|
::= { cnatAddrPortBindEntry 1 }
|
|
|
|
cnatAddrPortBindLocalPort OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the private-realm specific port
|
|
number (or query ID in case of ICMP messages) which, in
|
|
conjunction with cnatAddrPortBindLocalAddr, maps to the
|
|
public-realm network layer address and transport id
|
|
represented by cnatAddrPortBindGlobalAddr and
|
|
cnatAddrPortBindGlobalPort respectively."
|
|
::= { cnatAddrPortBindEntry 2 }
|
|
|
|
cnatAddrPortBindProtocol OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
all (0),
|
|
other (1),
|
|
icmp (2),
|
|
udp (3),
|
|
tcp (4)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies a protocol identifier. If the
|
|
value of this object is '0', then this BIND entry
|
|
applies to all IP traffic. If the value of this object is
|
|
non-zero, then this NAT entry only applies to IP traffic
|
|
with the specified protocol."
|
|
::= { cnatAddrPortBindEntry 3 }
|
|
|
|
cnatAddrPortBindGlobalAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the public-realm specific network
|
|
layer address that, in conjunction with
|
|
cnatAddrPortBindGlobalPort, maps to the private-realm
|
|
network layer address and transport id represented by
|
|
cnatAddrPortBindLocalAddr and cnatAddrPortBindLocalPort
|
|
respectively."
|
|
::= { cnatAddrPortBindEntry 4 }
|
|
|
|
cnatAddrPortBindGlobalPort OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the port number (or query id in
|
|
case of ICMP) that, in conjunction with
|
|
cnatAddrPortBindGlobalAddr, maps to the private-realm
|
|
network layer address and transport id represented by
|
|
cnatAddrPortBindLocalAddr and cnatAddrPortBindLocalPort
|
|
respectively."
|
|
::= { cnatAddrPortBindEntry 5 }
|
|
|
|
cnatAddrPortBindId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents a BIND id that is dynamically
|
|
assigned to each BIND by a NAT enabled device. Each
|
|
BIND is represented by a unique BIND id across both,
|
|
the Address Bind and Address-Port Bind tables."
|
|
::= { cnatAddrPortBindEntry 6 }
|
|
|
|
cnatAddrPortBindDirection OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
uniDirectional (1),
|
|
biDirectional (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the direction of the BIND. A
|
|
BIND may be either uni-directional or bi-directional,
|
|
same as the orientation of the address map, based on
|
|
which this bind is formed. The direction of this bind
|
|
is with reference to the private realm."
|
|
::= { cnatAddrPortBindEntry 7 }
|
|
|
|
cnatAddrPortBindType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
static (1),
|
|
dynamic (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether the BIND is static or
|
|
dynamic."
|
|
::= { cnatAddrPortBindEntry 8 }
|
|
|
|
cnatAddrPortBindConfName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is a pointer to the cnatConfTable entry (and
|
|
the parameters of that entry) which was used in creating
|
|
this BIND."
|
|
::= { cnatAddrPortBindEntry 9 }
|
|
|
|
cnatAddrPortBindSessionCount OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Number of sessions currently using this BIND."
|
|
::= { cnatAddrPortBindEntry 10 }
|
|
|
|
cnatAddrPortBindCurrentIdleTime OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"At any given instance of time, this object indicates the
|
|
time that this BIND has been idle with no sessions
|
|
attached to it. The value represented by this object is
|
|
of relevance only when the value of Maximum Idle time
|
|
(cnatConfMaxBindIdleTime) is non-zero."
|
|
::= { cnatAddrPortBindEntry 11 }
|
|
|
|
cnatAddrPortBindInTranslate OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of inbound packets that were translated as per
|
|
this BIND entry."
|
|
::= { cnatAddrPortBindEntry 12 }
|
|
|
|
cnatAddrPortBindOutTranslate OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of outbound packets that were translated as per
|
|
this BIND entry."
|
|
::= { cnatAddrPortBindEntry 13 }
|
|
|
|
|
|
-- The Session Table
|
|
|
|
cnatSessionTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CnatSessionEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The (conceptual) table containing one entry for each
|
|
NAT session currently active on this NAT device."
|
|
::= { cnatBind 5 }
|
|
|
|
cnatSessionEntry OBJECT-TYPE
|
|
SYNTAX CnatSessionEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (conceptual row) containing information
|
|
about an active NAT session on this NAT device."
|
|
INDEX { cnatSessionBindId, cnatSessionId }
|
|
::= { cnatSessionTable 1 }
|
|
|
|
CnatSessionEntry ::= SEQUENCE {
|
|
cnatSessionBindId Unsigned32,
|
|
cnatSessionId Unsigned32,
|
|
cnatSessionDirection INTEGER,
|
|
cnatSessionUpTime TimeTicks,
|
|
cnatSessionProtocolType NATProtocolType,
|
|
cnatSessionOrigPrivateAddr IpAddress,
|
|
cnatSessionTransPrivateAddr IpAddress,
|
|
cnatSessionOrigPrivatePort Integer32,
|
|
cnatSessionTransPrivatePort Integer32,
|
|
cnatSessionOrigPublicAddr IpAddress,
|
|
cnatSessionTransPublicAddr IpAddress,
|
|
cnatSessionOrigPublicPort Integer32,
|
|
cnatSessionTransPublicPort Integer32,
|
|
cnatSessionCurrentIdletime TimeTicks,
|
|
cnatSessionSecondBindId Unsigned32,
|
|
cnatSessionInTranslate Counter32,
|
|
cnatSessionOutTranslate Counter32
|
|
}
|
|
|
|
cnatSessionBindId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents a BIND id that is dynamically
|
|
assigned to each BIND by a NAT enabled device. This
|
|
bind id is that same as represented by the BindId
|
|
objects in the Address bind and Address-Port bind
|
|
tables."
|
|
::= { cnatSessionEntry 1 }
|
|
|
|
cnatSessionId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The session ID for this NAT session."
|
|
::= { cnatSessionEntry 2 }
|
|
|
|
cnatSessionDirection OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
inbound (1),
|
|
outbound (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The direction of this session with respect to the
|
|
local network. 'inbound' indicates that this session
|
|
was initiated from the public network into the private
|
|
network. 'outbound' indicates that this session was
|
|
initiated from the private network into the public
|
|
network."
|
|
::= { cnatSessionEntry 3 }
|
|
|
|
cnatSessionUpTime OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The up time of this session in one-hundredths of a
|
|
second."
|
|
::= { cnatSessionEntry 4 }
|
|
|
|
cnatSessionProtocolType OBJECT-TYPE
|
|
SYNTAX NATProtocolType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The protocol type of this session.
|
|
|
|
TCP and UDP sessions are uniquely identified by the
|
|
tuple of (source IP address, source UDP/TCP port,
|
|
destination IP address, destination TCP/UCP port).
|
|
ICMP query sessions are identified by the tuple of
|
|
(source IP address, ICMP query ID, destination IP
|
|
address)."
|
|
::= { cnatSessionEntry 5 }
|
|
|
|
cnatSessionOrigPrivateAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The original IP address of the session endpoint that
|
|
lies in the private network."
|
|
::= { cnatSessionEntry 6 }
|
|
|
|
cnatSessionTransPrivateAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The translated IP address of the session endpoint that
|
|
lies in the private network. The value of this object
|
|
is equal to that of the original public IP Address
|
|
(cnatSessionOrigPrivateAddr) when there is no
|
|
translation."
|
|
::= { cnatSessionEntry 7 }
|
|
|
|
cnatSessionOrigPrivatePort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The original transport port of the session endpoint that
|
|
belongs to the private network. If this is an ICMP session
|
|
then the value is the ICMP request ID."
|
|
::= { cnatSessionEntry 8 }
|
|
|
|
cnatSessionTransPrivatePort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The translated transport port of the session that lies in
|
|
the private network. The value of this object is equal to
|
|
that of the original transport port
|
|
(cnatSessionOrigPrivatePort) when there is no translation."
|
|
|
|
::= { cnatSessionEntry 9 }
|
|
|
|
cnatSessionOrigPublicAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The original IP address of the session endpoint that lies
|
|
in the public network."
|
|
::= { cnatSessionEntry 10 }
|
|
|
|
cnatSessionTransPublicAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The translated IP address of the session endpoint that
|
|
belongs to the public network. The value of this object
|
|
is equal to that of the original public IP Address
|
|
(cnatSessionOrigPublicAddr) when there is no
|
|
translation."
|
|
::= { cnatSessionEntry 11 }
|
|
|
|
cnatSessionOrigPublicPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The original transport port of the session endpoint that
|
|
belongs to the public network. If this is an ICMP
|
|
session then the value contains the ICMP request ID."
|
|
::= { cnatSessionEntry 12 }
|
|
|
|
cnatSessionTransPublicPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The translated transport port of the session endpoint
|
|
that belongs to the public network. The value of this
|
|
object is equal to that of the original transport port
|
|
(cnatSessionOrigPublicPort) when there is no
|
|
translation."
|
|
::= { cnatSessionEntry 13 }
|
|
|
|
cnatSessionCurrentIdletime OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time in one-hundredths of a second since a packet
|
|
belonging to this session was last detected."
|
|
::= { cnatSessionEntry 14 }
|
|
|
|
cnatSessionSecondBindId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The natBindId of the 'other' NAT binding incase of Twice
|
|
NAT. An instance of this object contains a valid value
|
|
only if the binding type for this session is TwiceNAT."
|
|
::= { cnatSessionEntry 15 }
|
|
|
|
cnatSessionInTranslate OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of inbound packets that were translated by
|
|
this session."
|
|
::= { cnatSessionEntry 16 }
|
|
|
|
cnatSessionOutTranslate OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of outbound packets that were translated by
|
|
this session."
|
|
::= { cnatSessionEntry 17 }
|
|
|
|
-- The Statistics Group
|
|
|
|
-- The Protocol Stats table
|
|
|
|
cnatProtocolStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CnatProtocolStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The (conceptual) table containing per protocol NAT
|
|
statistics."
|
|
::= { cnatStatistics 1 }
|
|
|
|
cnatProtocolStatsEntry OBJECT-TYPE
|
|
SYNTAX CnatProtocolStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (conceptual row) containing NAT statistics
|
|
pertaining to a particular protocol."
|
|
INDEX { cnatProtocolStatsName }
|
|
::= { cnatProtocolStatsTable 1 }
|
|
|
|
CnatProtocolStatsEntry ::= SEQUENCE {
|
|
cnatProtocolStatsName NATProtocolType,
|
|
cnatProtocolStatsInTranslate Counter32,
|
|
cnatProtocolStatsOutTranslate Counter32,
|
|
cnatProtocolStatsRejectCount Counter32
|
|
}
|
|
|
|
cnatProtocolStatsName OBJECT-TYPE
|
|
SYNTAX NATProtocolType
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the protocol pertaining to which
|
|
statistics are reported."
|
|
::= { cnatProtocolStatsEntry 1 }
|
|
|
|
cnatProtocolStatsInTranslate OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of inbound packets, pertaining to the protocol
|
|
identified by cnatProtocolStatsName, that underwent NAT."
|
|
::= { cnatProtocolStatsEntry 2 }
|
|
|
|
cnatProtocolStatsOutTranslate OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of outbound packets, pertaining to the protocol
|
|
identified by cnatProtocolStatsName, that underwent NAT."
|
|
::= { cnatProtocolStatsEntry 3 }
|
|
|
|
cnatProtocolStatsRejectCount OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of packets, pertaining to the protocol
|
|
identified by cnatProtocolStatsName, that had to be
|
|
rejected/dropped due to lack of resources. These
|
|
rejections could be due to session timeout, resource
|
|
unavailability etc."
|
|
::= { cnatProtocolStatsEntry 4 }
|
|
|
|
-- The Address Map Stats table
|
|
|
|
cnatAddrMapStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CnatAddrMapStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The (conceptual) table containing per address map NAT
|
|
statistics."
|
|
::= { cnatStatistics 2 }
|
|
|
|
cnatAddrMapStatsEntry OBJECT-TYPE
|
|
SYNTAX CnatAddrMapStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (conceptual row) containing NAT statistics per
|
|
address map."
|
|
INDEX { cnatAddrMapStatsConfName, cnatAddrMapStatsMapName }
|
|
::= { cnatAddrMapStatsTable 1 }
|
|
|
|
CnatAddrMapStatsEntry ::= SEQUENCE {
|
|
cnatAddrMapStatsConfName SnmpAdminString,
|
|
cnatAddrMapStatsMapName SnmpAdminString,
|
|
cnatAddrMapStatsInTranslate Counter32,
|
|
cnatAddrMapStatsOutTranslate Counter32,
|
|
cnatAddrMapStatsNoResource Counter32,
|
|
cnatAddrMapStatsAddrUsed Gauge32
|
|
}
|
|
|
|
cnatAddrMapStatsConfName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(1..32))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name of the configuration (from the cnatConfTable),
|
|
regarding which statistics are being reported. The
|
|
configuration name along with Map name uniquely
|
|
identifies an entry across both (static and dynamic)
|
|
Address Map tables."
|
|
::= { cnatAddrMapStatsEntry 1 }
|
|
|
|
cnatAddrMapStatsMapName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(1..32))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name of the Address Map (from the
|
|
cnatConfStaticAddrMapTable/cnatConfDynAddrMapTable),
|
|
regarding which statistics are being reported. The
|
|
configuration name along with Map name uniquely
|
|
identifies an entry across both (static and dynamic)
|
|
Address Map tables."
|
|
::= { cnatAddrMapStatsEntry 2 }
|
|
|
|
cnatAddrMapStatsInTranslate OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of inbound packets, pertaining to this address
|
|
map entry, that were translated."
|
|
::= { cnatAddrMapStatsEntry 3 }
|
|
|
|
cnatAddrMapStatsOutTranslate OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of outbound packets, pertaining to this
|
|
address map entry, that were translated."
|
|
::= { cnatAddrMapStatsEntry 4 }
|
|
|
|
cnatAddrMapStatsNoResource OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of packets, pertaining to this address map
|
|
entry, that were dropped due to lack of addresses in the
|
|
address pool identified by this address map. The value of
|
|
this object should always be zero in case of static
|
|
address map."
|
|
::= { cnatAddrMapStatsEntry 5 }
|
|
|
|
cnatAddrMapStatsAddrUsed OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of addresses, pertaining to this address map,
|
|
that are currently being used from the nat pool. The
|
|
value of this object is irrelevant if the address map in
|
|
question is a static address map."
|
|
::= { cnatAddrMapStatsEntry 6 }
|
|
|
|
-- The Interface Stats table
|
|
|
|
cnatInterfaceStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CnatInterfaceStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table augments the cnatInterfaceTable and provides
|
|
statistics information pertaining to the specified
|
|
interface."
|
|
::= { cnatStatistics 3 }
|
|
|
|
cnatInterfaceStatsEntry OBJECT-TYPE
|
|
SYNTAX CnatInterfaceStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry of the cnatInterfaceStatsTable represents stats
|
|
pertaining to one interface, which is identified by its
|
|
ifIndex."
|
|
AUGMENTS { cnatInterfaceEntry }
|
|
::= { cnatInterfaceStatsTable 1 }
|
|
|
|
CnatInterfaceStatsEntry ::= SEQUENCE {
|
|
cnatInterfacePktsIn Counter32,
|
|
cnatInterfacePktsOut Counter32
|
|
}
|
|
|
|
cnatInterfacePktsIn OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Number of packets received on this interface that
|
|
were translated."
|
|
::= { cnatInterfaceStatsEntry 1 }
|
|
|
|
cnatInterfacePktsOut OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Number of translated packets that were sent out this
|
|
interface."
|
|
::= { cnatInterfaceStatsEntry 2 }
|
|
|
|
|
|
-- Notifications
|
|
|
|
ciscoNatMIBNotificationPrefix OBJECT IDENTIFIER ::= { ciscoIetfNatMIB 2 }
|
|
ciscoNatMIBNotifications OBJECT IDENTIFIER ::=
|
|
{ ciscoNatMIBNotificationPrefix 0 }
|
|
|
|
|
|
-- Conformance information
|
|
|
|
ciscoNatMIBConformance OBJECT IDENTIFIER ::= { ciscoIetfNatMIB 3 }
|
|
ciscoNatMIBCompliances OBJECT IDENTIFIER ::= { ciscoNatMIBConformance 1
|
|
}
|
|
ciscoNatMIBGroups OBJECT IDENTIFIER ::= { ciscoNatMIBConformance 2
|
|
}
|
|
|
|
-- Compliance statements
|
|
|
|
ciscoNatMIBCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for devices running NAT."
|
|
MODULE -- this module
|
|
MANDATORY-GROUPS { cnatConfigGroup, cnatBindGroup }
|
|
::= { ciscoNatMIBCompliances 1 }
|
|
|
|
-- Units of conformance
|
|
|
|
cnatConfigGroup OBJECT-GROUP
|
|
OBJECTS { cnatConfServiceType,
|
|
cnatConfTimeoutIcmpIdle,
|
|
cnatConfTimeoutUdpIdle,
|
|
cnatConfTimeoutTcpIdle,
|
|
cnatConfTimeoutTcpNeg,
|
|
cnatConfTimeoutOther,
|
|
cnatConfMaxBindLeaseTime,
|
|
cnatConfMaxBindIdleTime,
|
|
cnatConfStorageType,
|
|
cnatConfStatus,
|
|
cnatConfStaticAddrMapType,
|
|
cnatConfStaticLocalAddrFrom,
|
|
cnatConfStaticLocalAddrTo,
|
|
cnatConfStaticLocalPortFrom,
|
|
cnatConfStaticLocalPortTo,
|
|
cnatConfStaticGlobalAddrFrom,
|
|
cnatConfStaticGlobalAddrTo,
|
|
cnatConfStaticGlobalPortFrom,
|
|
cnatConfStaticGlobalPortTo,
|
|
cnatConfStaticProtocol,
|
|
cnatConfStaticAddrMapStorageType,
|
|
cnatConfStaticAddrMapStatus,
|
|
cnatConfDynAddressMapType,
|
|
cnatConfDynLocalAddrFrom,
|
|
cnatConfDynLocalAddrTo,
|
|
cnatConfDynLocalPortFrom,
|
|
cnatConfDynLocalPortTo,
|
|
cnatConfDynGlobalAddrFrom,
|
|
cnatConfDynGlobalAddrTo,
|
|
cnatConfDynGlobalPortFrom,
|
|
cnatConfDynGlobalPortTo,
|
|
cnatConfDynProtocol,
|
|
cnatConfDynAddrMapStorageType,
|
|
cnatConfDynAddrMapStatus,
|
|
cnatInterfaceRealm,
|
|
cnatInterfaceStorageType,
|
|
cnatInterfaceStatus }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of configuration-related information
|
|
required to support management of devices supporting
|
|
NAT."
|
|
::= { ciscoNatMIBGroups 1 }
|
|
|
|
|
|
cnatBindGroup OBJECT-GROUP
|
|
OBJECTS { cnatAddrBindNumberOfEntries,
|
|
cnatAddrBindGlobalAddr,
|
|
cnatAddrBindId,
|
|
cnatAddrBindDirection,
|
|
cnatAddrBindType,
|
|
cnatAddrBindConfName,
|
|
cnatAddrBindSessionCount,
|
|
cnatAddrBindCurrentIdleTime,
|
|
cnatAddrBindInTranslate,
|
|
cnatAddrBindOutTranslate,
|
|
cnatAddrPortBindNumberOfEntries,
|
|
cnatAddrPortBindGlobalAddr,
|
|
cnatAddrPortBindGlobalPort,
|
|
cnatAddrPortBindId,
|
|
cnatAddrPortBindDirection,
|
|
cnatAddrPortBindType,
|
|
cnatAddrPortBindConfName,
|
|
cnatAddrPortBindSessionCount,
|
|
cnatAddrPortBindCurrentIdleTime,
|
|
cnatAddrPortBindInTranslate,
|
|
cnatAddrPortBindOutTranslate,
|
|
cnatSessionDirection,
|
|
cnatSessionUpTime,
|
|
cnatSessionProtocolType,
|
|
cnatSessionOrigPrivateAddr,
|
|
cnatSessionTransPrivateAddr,
|
|
cnatSessionOrigPrivatePort,
|
|
cnatSessionTransPrivatePort,
|
|
cnatSessionOrigPublicAddr,
|
|
cnatSessionTransPublicAddr,
|
|
cnatSessionOrigPublicPort,
|
|
cnatSessionTransPublicPort,
|
|
cnatSessionCurrentIdletime,
|
|
cnatSessionSecondBindId,
|
|
cnatSessionInTranslate,
|
|
cnatSessionOutTranslate }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of BIND-related objects required to support
|
|
management of devices supporting NAT."
|
|
::= { ciscoNatMIBGroups 2 }
|
|
|
|
|
|
cnatStatsGroup OBJECT-GROUP
|
|
OBJECTS { cnatProtocolStatsInTranslate,
|
|
cnatProtocolStatsOutTranslate,
|
|
cnatProtocolStatsRejectCount,
|
|
cnatAddrMapStatsInTranslate,
|
|
cnatAddrMapStatsOutTranslate,
|
|
cnatAddrMapStatsNoResource,
|
|
cnatAddrMapStatsAddrUsed,
|
|
cnatInterfacePktsIn,
|
|
cnatInterfacePktsOut }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of NAT statistics related objects required
|
|
to support troubleshooting/monitoring NAT operation."
|
|
::= { ciscoNatMIBGroups 3 }
|
|
|
|
END
|
|
|
|
|
|
|