Configure the rule for ipv6 advanced acl group.
The indexes of the table are hwAclIpv6AdvancedAclNum, hwAclIpv6AdvancedSubitem.
|
OID |
Object |
Syntax |
Max Access |
Description |
Implemented Specifications |
|---|---|---|---|---|---|
|
1.3.6.1.4.1.2011.5.1.1.13.1.1 |
hwAclIpv6AdvancedAclNum |
Integer32 |
read-only |
The index of ipv6 advanced acl table, the index range is (3000..3999 | 42768..75535). |
This object is implemented as defined in the corresponding MIB files. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.2 |
hwAclIpv6AdvancedSubitem |
Unsigned32 |
read-only |
The object specifies the number of an ipv6 advanced ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned automatically;otherwise,this rule will not be created. |
The actually supported value range is 0-4294967294. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.3 |
hwAclIpv6AdvancedAct |
INTEGER{permit(1),deny(2)} |
read-create |
The object indicates the action of an ipv6 advanced acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.4 |
hwAclIpv6AdvancedProtocol |
Integer32{(0,255)} |
read-create |
The value of this object identifies the number of the protocol over IPv6. The value ranges from 0 to 255. The value 0 indicates the IPv6 protocol. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.5 |
hwAclIpv6AdvancedSrcIp |
OCTET STRING{(16,16)} |
read-create |
The object indicates the source IPv6-address of an ipv6 advanced acl rule. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.6 |
hwAclIpv6AdvancedSrcPrefix |
Integer32{(0,128)} |
read-create |
The value of this object identifies the mask length of the source IPv6 address. The value ranges from 0 to 128. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.7 |
hwAclIpv6AdvancedSrcOp |
INTEGER{lt(1),eq(2),gt(3),neq(4),range(5),invalid(255)} |
read-create |
The object indicates the source Port operation symbol of an ipv6 advanced acl rule. It compares the port operators of source address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.8 |
hwAclIpv6AdvancedSrcPort1 |
Integer32{(0,65535)} |
read-create |
This object indicates the end source port number. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.9 |
hwAclIpv6AdvancedSrcPort2 |
Integer32{(0,65535)} |
read-create |
This object indicates the start source port number. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.10 |
hwAclIpv6AdvancedDestIp |
OCTET STRING{(16,16)} |
read-create |
The object indicates the destination IPv6-address of an ipv6 advanced acl rule. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.11 |
hwAclIpv6AdvancedDestPrefix |
Integer32{(0,128)} |
read-create |
The value of this object identifies the mask length of the destination IPv6 address. The value ranges from 0 to 128. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.12 |
hwAclIpv6AdvancedDestOp |
INTEGER{lt(1),eq(2),gt(3),neq(4),range(5),invalid(255)} |
read-create |
The object indicates the destination Port operation symbol of an ipv6 advanced acl group. It compares the port operators of destination address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.13 |
hwAclIpv6AdvancedDestPort1 |
Integer32{(0,65535)} |
read-create |
This object indicates the largest destination port number. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.14 |
hwAclIpv6AdvancedDestPort2 |
Integer32{(0,65535)} |
read-create |
This object indicates the smallest destination port number. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.15 |
hwAclIpv6AdvancedPrecedence |
Integer32{(0,7),(255,255)} |
read-create |
The value of this object identifies the precedence sub-field. It is the higher three bits of the ToS field in an IPv6 header. The value ranges from 0 to 7. The invalid value is 255. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.16 |
hwAclIpv6AdvancedTos |
Integer32{(0,15),(255,255)} |
read-create |
The value of this object identifies the ToS sub-field. This field covers four bits after the higher three bits of the ToS field in an IPv6 header. The value ranges from 0 to 15. The invalid value is 255. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.17 |
hwAclIpv6AdvancedDscp |
Integer32{(0,63),(255,255)} |
read-create |
The value of this object identifies the higher seven bits of the ToS field in an IPv6 header. The value ranges from 0 to 63. The invalid value is 255. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.18 |
hwAclIpv6AdvancedEstablish |
INTEGER{true(1),false(2)} |
read-create |
The object indicates whether or not establishing. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.19 |
hwAclIpv6AdvancedTimeRangeIndex |
Integer32{(0,256)} |
read-create |
The value of this object identifies the index of the time range during which an ACL6 rule can be applied. The value ranges from 0 to 256. The value 0 indicates that no time range is specified for the rule. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.20 |
hwAclIpv6AdvancedIcmpType |
Integer32{(0,255),(65535,65535)} |
read-create |
The value of this object identifies the ICMPv6 message type. The value ranges from 0 to 255. The value 65535 is invalid. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.21 |
hwAclIpv6AdvancedIcmpCode |
Integer32{(0,255),(65535,65535)} |
read-create |
The value of this obejct identifies the code of an ICMPv6 message. The value ranges from 0 to 255. The value 65535 is invalid. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.22 |
hwAclIpv6AdvancedFragment |
INTEGER{fragmentSubseq(0),fragment(1),none(255)} |
read-create |
The object indicates the type of the packet. 1: fragment, indicating that the packet is a fragment 255: none, invalid value This object cannot be modified once a rule is created. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.24 |
hwAclIpv6AdvancedEnable |
INTEGER{enabled(1),disabled(2)} |
read-only |
The object indicates whether the rule is valid or invalid. |
This object is implemented as defined in the corresponding MIB files. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.25 |
hwAclIpv6AdvancedCount |
Counter64 |
read-only |
This object indicates the number of packets matched by a rule. A maximum of 64 bits are supported. |
The actually supported value range is 0-4294967295. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.26 |
hwAclIpv6AdvancedVrfName |
OCTET STRING{(0,31)} |
read-create |
This object indicates a VPN instance. The length of a VPN instance name cannot exceed 31 characters. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.27 |
hwAclIpv6AdvancedRowStatus |
INTEGER{active(1),notInService(2),notReady(3),createAndGo(4),createAndWait(5),destroy(6)} |
read-create |
RowStatus, Now support three state:CreateAndGo,Active,Destroy. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.32 |
hwAclIpv6AdvancedIcmpTypeEnd |
Integer32{(0,255),(65535,65535)} |
read-create |
The value of this object identifies the ICMPv6 message type. The value ranges from 0 to 255. The value 65535 is invalid. This object is used together with hwAclIpv6AdvancedIcmpType to indicate the value range of the ICMPv6 type. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.33 |
hwAclIpv6AdvancedVrfAny |
INTEGER{true(1),false(2)} |
read-create |
The object indicates whether or not matching any VPN-instance. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.34 |
hwAclIpv6AdvancedSrcPoolName |
OCTET STRING{(0,32)} |
read-create |
The object indicates the source Ipv6 pool name. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.36 |
hwAclIpv6AdvancedTcpFlag |
Integer32{(-1,-1),(0,63)} |
read-create |
The object indicates the code of TCP Sync flag(0~63), The invalid value is -1. |
The actually supported access is read-only. |
|
1.3.6.1.4.1.2011.5.1.1.13.1.37 |
hwAclIpv6AdvancedTcpFlagMask |
Integer32{(0,63)} |
read-create |
The object indicates the mask of tcp-flag. The invalid value is 0. |
The actually supported access is read-only. |