-- COPYRIGHT NOTICE
-- Copyright (c) Hewlett Packard Company, 2005
-- All rights reserved
-- 
--

BLADETYPE2-ACL-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32, IpAddress
        FROM SNMPv2-SMI
    MacAddress
        FROM SNMPv2-TC
    hpSwitchBladeType2-Mgmt 
        FROM HP-SWITCH-PL-MIB
    ;

acl MODULE-IDENTITY
    LAST-UPDATED "200510120000Z" --  12 October 2005
    ORGANIZATION "Hewlett Packard Company"
    CONTACT-INFO "customerservice@hp.com"
    DESCRIPTION
        "The MIB module for the Access Control List configuration
         and statistics."
    ::= { hpSwitchBladeType2-Mgmt 9 }

-- MIB_INSERT_START
-- ----------------------------------------------------------------------------
-- { INSERT:  bt2acl
-- ----------------------------------------------------------------------------

acConfig   OBJECT IDENTIFIER ::= { acl 1 }

acList      OBJECT IDENTIFIER ::= { acConfig 1 }
aclBlock    OBJECT IDENTIFIER ::= { acConfig 2 }
aclGroup    OBJECT IDENTIFIER ::= { acConfig 3 }

-- ---------------------------------------------------------- --
-- Access Control List (ACL) Configuration
-- ---------------------------------------------------------- --

aclCurCfgTable  OBJECT-TYPE
    SYNTAX      SEQUENCE OF AclCurCfgEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The table of current ACL configuration."
    ::= { acList 1 }

aclCurCfgEntry  OBJECT-TYPE
    SYNTAX      AclCurCfgEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Current information about a particular ACL configuration entry."
    INDEX { aclCurCfgIndex }
    ::= { aclCurCfgTable 1 }

AclCurCfgEntry  ::= SEQUENCE {
    aclCurCfgIndex              Unsigned32,
    aclCurCfgBlock              Unsigned32,
    aclCurCfgGroup              Unsigned32,
    aclCurCfgFilterAction       INTEGER,
    aclCurCfgFilterActionSetCOS INTEGER,
    aclCurCfgEthFmt             INTEGER,
    aclCurCfgTagFmt             INTEGER,
    aclCurCfgSrcMACAddress      MacAddress,
    aclCurCfgSrcMACMask         MacAddress,
    aclCurCfgDstMACAddress      MacAddress,
    aclCurCfgDstMACMask         MacAddress,
    aclCurCfgEthernetTypeName   INTEGER,
    aclCurCfgEthernetTypeValue  INTEGER,
    aclCurCfgVLanId             INTEGER,
    aclCurCfgVLanMask           INTEGER,
    aclCurCfg8021pPriority      INTEGER,
    aclCurCfgTypeOfService      INTEGER,
    aclCurCfgProtocol           INTEGER,
    aclCurCfgSrcIPAddress       IpAddress,
    aclCurCfgSrcIPMask          IpAddress,
    aclCurCfgDstIPAddress       IpAddress,
    aclCurCfgDstIPMask          IpAddress,
    aclCurCfgSrcPort            INTEGER,
    aclCurCfgSrcPortMask        INTEGER,
    aclCurCfgDstPort            INTEGER,
    aclCurCfgDstPortMask        INTEGER,
    aclCurCfgTCPFlags           BITS,
    aclCurCfgTCPFlagsMask       BITS,
    aclCurCfgEgressPorts        OCTET STRING,
    aclCurCfgStatistics         INTEGER
    }

aclCurCfgIndex  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  not-accessible 
    STATUS      current
    DESCRIPTION
        "The index associated with this ACL entry."
    ::= { aclCurCfgEntry 1 }

aclCurCfgBlock  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The index of the ACL block to which this ACL entry is a member of.
        A value of zero means the ACL is not a member of any block."
    ::= { aclCurCfgEntry 2 }

aclCurCfgGroup  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The index of the ACL group to which this ACL entry is a member of.
        A value of zero means the ACL is not a member of any group."
    ::= { aclCurCfgEntry 3 }

aclCurCfgFilterAction  OBJECT-TYPE
    SYNTAX      INTEGER {
                    none(0),
                    permit(1),
                    deny(2),
                    setcos(3)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The action to be performed on a packet that matches the filter
        settings of this ACL entry."
    ::= { aclCurCfgEntry 4 }

aclCurCfgFilterActionSetCOS  OBJECT-TYPE
    SYNTAX      INTEGER {
                    none(0),
                    cos0(1),
                    cos1(2),
                    cos2(3),
                    cos3(4),
                    cos4(5),
                    cos5(6),
                    cos6(7),
                    cos7(8)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The value to be used when the action to be performed is setCOS
        for this ACL entry."
    ::= { aclCurCfgEntry 5 }

aclCurCfgEthFmt  OBJECT-TYPE
    SYNTAX      INTEGER {
                    none(0),
                    ethernet2(1),
                    snap(2),
                    llc(3),
                    ieee802dot3(4)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The packet ethernet format to be filtered."
    ::= { aclCurCfgEntry 6 }

aclCurCfgTagFmt  OBJECT-TYPE
    SYNTAX      INTEGER {
                    untagged(1),
                    tagged(2)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The packet tag format to be filtered."
    ::= { aclCurCfgEntry 7 }

aclCurCfgSrcMACAddress  OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The source MAC address to be filtered."
    ::= { aclCurCfgEntry 9 }

aclCurCfgSrcMACMask  OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The address mask applied to aclCurCfgSrcMACAddress for filtering."
    ::= { aclCurCfgEntry 10 }

aclCurCfgDstMACAddress  OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The destination MAC address to be filtered."
    ::= { aclCurCfgEntry 11 }

aclCurCfgDstMACMask  OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The address mask applied to aclCurCfgDstMACAddress for filtering."
    ::= { aclCurCfgEntry 12 }

aclCurCfgEthernetTypeName  OBJECT-TYPE
    SYNTAX      INTEGER {
                    none(0),
                    arp(1),
                    ipv4(2),
                    ipv6(3),
                    mpls(4),
                    rarp(5),
                    any(6),
                    other(7)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The Ethernet type to be filtered. If the value of this
        object is other(7), the value of aclNewCfgEthernetTypeValue
        indicates the ethernet type that will be filtered."
    ::= { aclCurCfgEntry 13 }

aclCurCfgEthernetTypeValue  OBJECT-TYPE
    SYNTAX      INTEGER (0..65535)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The Ethernet type value to be filtered. The value of this
        object is equivalent to the value of aclNewCfgEthernetTypeName
        except when the value of aclNewCfgEthernetTypeName is other(7),
        which can be any user-defined value for this object."
    ::= { aclCurCfgEntry 14 }

aclCurCfgVLanId  OBJECT-TYPE
    SYNTAX      INTEGER (0..4095)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The virtual LAN identifier to be filtered."
    ::= { aclCurCfgEntry 15 }

aclCurCfgVLanMask  OBJECT-TYPE
    SYNTAX      INTEGER (0..4095)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The mask applied to aclCurCfgVLanId for filtering."
    ::= { aclCurCfgEntry 16 }

aclCurCfg8021pPriority  OBJECT-TYPE
    SYNTAX      INTEGER {
                    none(0),
                    priority0(1),
                    priority1(2),
                    priority2(3),
                    priority3(4),
                    priority4(5),
                    priority5(6),
                    priority6(7),
                    priority7(8)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The 802.1p priority to be filtered."
    ::= { aclCurCfgEntry 17 }

aclCurCfgTypeOfService  OBJECT-TYPE
    SYNTAX      INTEGER (0..255)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The type of service to be filtered."
    ::= { aclCurCfgEntry 18 }

aclCurCfgProtocol  OBJECT-TYPE
    SYNTAX      INTEGER (0..255)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The protocol to be filtered."
    ::= { aclCurCfgEntry 19 }

aclCurCfgSrcIPAddress  OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The source IP address to be filtered."
    ::= { aclCurCfgEntry 20 }

aclCurCfgSrcIPMask  OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The address mask applied to aclCurCfgSrcIPAddress for filtering."
    ::= { aclCurCfgEntry 21 }

aclCurCfgDstIPAddress  OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The destination IP address to be filtered."
    ::= { aclCurCfgEntry 22 }

aclCurCfgDstIPMask  OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The address mask applied to aclCurCfgDstIPAddress for filtering."
    ::= { aclCurCfgEntry 23 }

aclCurCfgSrcPort  OBJECT-TYPE
    SYNTAX      INTEGER (0..65535)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The source TCP/UDP port number to be filtered."
    ::= { aclCurCfgEntry 24 }

aclCurCfgSrcPortMask  OBJECT-TYPE
    SYNTAX      INTEGER (0..65535)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The mask applied to aclCurCfgSrcPort for filtering."
    ::= { aclCurCfgEntry 25 }

aclCurCfgDstPort  OBJECT-TYPE
    SYNTAX      INTEGER (0..65535)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The destination TCP/UDP port number to be filtered."
    ::= { aclCurCfgEntry 26 }

aclCurCfgDstPortMask  OBJECT-TYPE
    SYNTAX      INTEGER (0..65535)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The mask applied to aclCurCfgDstPort for filtering."
    ::= { aclCurCfgEntry 27 }

aclCurCfgTCPFlags  OBJECT-TYPE
    SYNTAX      BITS {
                    reserved1(0),
                    reserved2(1),
                    tcpURG(2),
                    tcpACK(3),
                    tcpPSH(4),
                    tcpRST(5),
                    tcpSYN(6),
                    tcpFIN(7)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The TCP flags to be filtered.
         OCTET
         xxxxxxxx
         ||||..||
         ||||..||_tcpFIN(7)
         ||||..|__tcpSYN(6)
         ||||
         ||||_____tcpACK(3)
         |||______tcpURG(2)
         ||_______reserved2(1)
         |________reserved1(0)

         where:
         - reserved1 - 0;
         - reserved2 - 0;
         - x - 0 or 1;
        "
    ::= { aclCurCfgEntry 28 }

aclCurCfgTCPFlagsMask  OBJECT-TYPE
    SYNTAX      BITS {
                    reserved1(0),
                    reserved2(1),
                    tcpURG(2),
                    tcpACK(3),
                    tcpPSH(4),
                    tcpRST(5),
                    tcpSYN(6),
                    tcpFIN(7)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The TCP flags mask.
         OCTET
         xxxxxxxx
         ||||..||
         ||||..||_tcpFIN(7)
         ||||..|__tcpSYN(6)
         ||||
         ||||_____tcpACK(3)
         |||______tcpURG(2)
         ||_______reserved2(1)
         |________reserved1(0)

         where:
         - reserved1 - 0;
         - reserved2 - 0;
         - x - 0 or 1;
        "
    ::= { aclCurCfgEntry 39 }

aclCurCfgEgressPorts  OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The port list in the ACL configured for egress filtering.
         The ports are presented in bitmap format, as follows:

            OCTET 1  OCTET 2  .....
            xxxxxxxx xxxxxxxx .....
            ||    || |
            ||    || |_ port 9
            ||    ||
            ||    ||___ port 8
            ||    |____ port 7
            ||      .    .   .
            ||_________ port 2
            |__________ port 1

         where x:
            1 - the represented port is configured for filtering.
            0 - the represented port is not configured for filtering."
    ::= { aclCurCfgEntry 29 }

aclCurCfgStatistics  OBJECT-TYPE
    SYNTAX      INTEGER {
                    disable(0),
                    enable(1)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Whether statistics collection for this ACL is enabled or not."
    ::= { aclCurCfgEntry 30 }


--
-- New ACL Configuration Table
--

aclNewCfgTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF AclNewCfgEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The table of new ACL configuration."
    ::= { acList 2 }

aclNewCfgEntry OBJECT-TYPE
    SYNTAX      AclNewCfgEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "New information about a particular ACL configuration."
    INDEX { aclNewCfgIndex }
    ::= { aclNewCfgTable 1 }

AclNewCfgEntry ::= SEQUENCE {
    aclNewCfgIndex              Unsigned32,
    aclNewCfgBlock              Unsigned32,
    aclNewCfgGroup              Unsigned32,
    aclNewCfgFilterAction       INTEGER,
    aclNewCfgFilterActionSetCOS INTEGER,
    aclNewCfgEthFmt       INTEGER,
    aclNewCfgTagFmt       INTEGER,
    aclNewCfgSrcMACAddress      MacAddress,
    aclNewCfgSrcMACMask         MacAddress,
    aclNewCfgDstMACAddress      MacAddress,
    aclNewCfgDstMACMask         MacAddress,
    aclNewCfgEthernetTypeName   INTEGER,
    aclNewCfgEthernetTypeValue  INTEGER,
    aclNewCfgVLanId             INTEGER,
    aclNewCfgVLanMask           INTEGER,
    aclNewCfg8021pPriority      INTEGER,
    aclNewCfgTypeOfService      INTEGER,
    aclNewCfgProtocol           INTEGER,
    aclNewCfgSrcIPAddress       IpAddress,
    aclNewCfgSrcIPMask          IpAddress,
    aclNewCfgDstIPAddress       IpAddress,
    aclNewCfgDstIPMask          IpAddress,
    aclNewCfgSrcPort            INTEGER,
    aclNewCfgSrcPortMask        INTEGER,
    aclNewCfgDstPort            INTEGER,
    aclNewCfgDstPortMask        INTEGER,
    aclNewCfgTCPFlags           BITS,
    aclNewCfgTCPFlagsMask       BITS,
    aclNewCfgEgressPorts        OCTET STRING,
    aclNewCfgStatistics         INTEGER,
    aclNewCfgAddEgressPort      Unsigned32,
    aclNewCfgRemoveEgressPort   Unsigned32,
    aclNewCfgDelete             INTEGER
    }

aclNewCfgIndex  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  not-accessible 
    STATUS      current
    DESCRIPTION
        "The index associated with this ACL entry."
    ::= { aclNewCfgEntry 1 }

aclNewCfgBlock  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The index of the ACL block to which this ACL entry is a member of.
        A value of zero means the ACL is not a member of any block."
    ::= { aclNewCfgEntry 2 }

aclNewCfgGroup  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The index of the ACL group to which this ACL entry is a member of.
        A value of zero means the ACL is not a member of any group."
    ::= { aclNewCfgEntry 3 }

aclNewCfgFilterAction  OBJECT-TYPE
    SYNTAX      INTEGER {
                    none(0),
                    permit(1),
                    deny(2),
                    setcos(3)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The action to be performed on a packet that matches the filter
        settings of this ACL entry."
    ::= { aclNewCfgEntry 4 }

aclNewCfgFilterActionSetCOS  OBJECT-TYPE
    SYNTAX      INTEGER {
                    none(0),
                    cos0(1),
                    cos1(2),
                    cos2(3),
                    cos3(4),
                    cos4(5),
                    cos5(6),
                    cos6(7),
                    cos7(8)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The COS queue to be used when the action for this ACL entry is
        set to SetCOS."
    ::= { aclNewCfgEntry 5 }

aclNewCfgEthFmt  OBJECT-TYPE
    SYNTAX      INTEGER {
                    none(0),
                    ethernet2(1),
                    snap(2),
                    llc(3),
                    ieee802dot3(4)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The packet ethernet format to be filtered."
    ::= { aclNewCfgEntry 6 }

aclNewCfgTagFmt  OBJECT-TYPE
    SYNTAX      INTEGER {
                    none(1),
                    tagged(2)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The packet tagging format to be filtered."
    ::= { aclNewCfgEntry 7 }

aclNewCfgSrcMACAddress  OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The source MAC address to be filtered. Whenever this object is
        set to a nonzero value, the aclNewCfgSrcMACMask object, if not
        yet set, will be automatically set to ff:ff:ff:ff:ff."
    ::= { aclNewCfgEntry 9 }

aclNewCfgSrcMACMask  OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The address mask to be applied to aclNewCfgSrcMACAddress
         for filtering."
    ::= { aclNewCfgEntry 10 }

aclNewCfgDstMACAddress  OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The destination MAC address to be filtered. Whenever this object
        is set to a nonzero value, the aclNewCfgDstMACMask object, if not
        yet set, will be automatically set to ff:ff:ff:ff:ff."
    ::= { aclNewCfgEntry 11 }

aclNewCfgDstMACMask  OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The address mask to be applied to aclNewCfgDstMACAddress
         for filtering."
    ::= { aclNewCfgEntry 12 }

aclNewCfgEthernetTypeName  OBJECT-TYPE
    SYNTAX      INTEGER {
                    none(0),
                    arp(1),
                    ipv4(2),
                    ipv6(3),
                    mpls(4),
                    rarp(5),
                    any(6),
                    other(7)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The Ethernet type to be filtered. If the value of this
        object is other(7), the value of aclNewCfgEthernetTypeValue
        indicates the ethernet type that will be filtered. If this
        object is set to a value other than other(7), the value of
        the aclNewCfgEthernetTypeValue object is automatically set,
        as follows:

        aclNewCfgEthernetTypeName   aclNewCfgEthernetTypeValue
            none(0)                         0
            arp(1)                       2054  (0x0806)
            ipv4(2)                      2048  (0x0800)
            ipv6(3)                     34525  (0x86dd)
            mpls(4)                     34887  (0x8847)
            rarp(5)                     32821  (0x8035)
            any(6)                      65535  (0xffff)
        "
    ::= { aclNewCfgEntry 13 }

aclNewCfgEthernetTypeValue  OBJECT-TYPE
    SYNTAX      INTEGER (0..65535)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The Ethernet type value to be filtered. The value of this
        object is equivalent to the value of aclNewCfgEthernetTypeName
        except when the value of aclNewCfgEthernetTypeName is other(7),
        which can be any user-defined value for this object."
    ::= { aclNewCfgEntry 14 }

aclNewCfgVLanId  OBJECT-TYPE
    SYNTAX      INTEGER (1..4095)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The virtual LAN identifier to be filtered. Whenever this object
        is set to a nonzero value, the aclNewCfgVLanMask object, if not
        yet set, will be automatically set to 4095 (0xfff)."
    ::= { aclNewCfgEntry 15 }

aclNewCfgVLanMask  OBJECT-TYPE
    SYNTAX      INTEGER (0..4095)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The mask to be applied to aclNewCfgVLanId for filtering."
    ::= { aclNewCfgEntry 16 }

aclNewCfg8021pPriority  OBJECT-TYPE
    SYNTAX      INTEGER {
                    none(0),
                    priority0(1),
                    priority1(2),
                    priority2(3),
                    priority3(4),
                    priority4(5),
                    priority5(6),
                    priority6(7),
                    priority7(8)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The 802.1p priority to be filtered."
    ::= { aclNewCfgEntry 17 }

aclNewCfgTypeOfService  OBJECT-TYPE
    SYNTAX      INTEGER (0..255)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The type of service to be filtered."
    ::= { aclNewCfgEntry 18 }

aclNewCfgProtocol  OBJECT-TYPE
    SYNTAX      INTEGER (0..255)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The protocol to be filtered."
    ::= { aclNewCfgEntry 19 }

aclNewCfgSrcIPAddress  OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The source IP address to be filtered. Whenever this object is set
        to a nonzero value, the aclNewCfgSrcIPMask object, if not yet set,
        will be automatically set to 255.255.255.255."
    ::= { aclNewCfgEntry 20 }

aclNewCfgSrcIPMask  OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The address mask to be applied to aclNewCfgSrcIPAddress
         for filtering."
    ::= { aclNewCfgEntry 21 }

aclNewCfgDstIPAddress  OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The destination IP address to be filtered. Whenever this object is set
        to a nonzero value, the aclNewCfgDstIPMask object, if not yet set,
        will be automatically set to 255.255.255.255."
    ::= { aclNewCfgEntry 22 }

aclNewCfgDstIPMask  OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The address mask to be applied to aclNewCfgDstIPAddress for filtering."
    ::= { aclNewCfgEntry 23 }

aclNewCfgSrcPort  OBJECT-TYPE
    SYNTAX      INTEGER (1..65535)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The source TCP/UDP port number to be filtered. Whenever this
        object is set if the aclNewCfgSrcPortMask object is not set
        will be automatically set to 65535 (0xffff)."
    ::= { aclNewCfgEntry 24 }

aclNewCfgSrcPortMask  OBJECT-TYPE
    SYNTAX      INTEGER (0..65535)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The mask to be applied to aclNewCfgSrcPort for filtering."
    ::= { aclNewCfgEntry 25 }

aclNewCfgDstPort  OBJECT-TYPE
    SYNTAX      INTEGER (1..65535)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The destination TCP/UDP port number to be filtered.  Whenever this
        object is set the aclNewCfgSrcPortMask object, if not yet set, will 
        be automatically set to 65535 (0xffff)."
    ::= { aclNewCfgEntry 26 }

aclNewCfgDstPortMask  OBJECT-TYPE
    SYNTAX      INTEGER (0..65535)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The mask to be applied to aclNewCfgDstPort for filtering."
    ::= { aclNewCfgEntry 27 }

aclNewCfgTCPFlags  OBJECT-TYPE
    SYNTAX      BITS {
                    reserved1(0),
                    reserved2(1),
                    tcpURG(2),
                    tcpACK(3),
                    tcpPSH(4),
                    tcpRST(5),
                    tcpSYN(6),
                    tcpFIN(7)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The TCP flags to be filtered.
         The TCP flags are presented in bitmap format, as follows:
         OCTET
         xxxxxxxx
         ||||..||
         ||||..||_tcpFIN(7)
         ||||..|__tcpSYN(6)
         ||||
         ||||_____tcpACK(3)
         |||______tcpURG(2)
         ||_______reserved2(1)
         |________reserved1(0)

         where:
         - reserved1 - 0;
         - reserved2 - 0;
         - x - 0 or 1;
        "
    ::= { aclNewCfgEntry 28 }

aclNewCfgTCPFlagsMask  OBJECT-TYPE
    SYNTAX      BITS {
                    reserved1(0),
                    reserved2(1),
                    tcpURG(2),
                    tcpACK(3),
                    tcpPSH(4),
                    tcpRST(5),
                    tcpSYN(6),
                    tcpFIN(7)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The TCP flags mask.
         The TCP flags are presented in bitmap format, as follows:
         OCTET
         xxxxxxxx
         ||||..||
         ||||..||_tcpFIN(7)
         ||||..|__tcpSYN(6)
         ||||
         ||||_____tcpACK(3)
         |||______tcpURG(2)
         ||_______reserved2(1)
         |________reserved1(0)

         where:
         - reserved1 - 0;
         - reserved2 - 0;
         - x - 0 or 1;
         Default value is 0x3f."
    ::= { aclNewCfgEntry 39 }

aclNewCfgEgressPorts  OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The port list in the ACL configured for egress filtering.
         The ports are presented in bitmap format, as follows:

            OCTET 1  OCTET 2  .....
            xxxxxxxx xxxxxxxx .....
            ||    || |
            ||    || |_ port 9
            ||    ||
            ||    ||___ port 8
            ||    |____ port 7
            ||      .    .   .
            ||_________ port 2
            |__________ port 1

         where x:
            1 - the represented port is configured for filtering.
            0 - the represented port is not configured for filtering."
    ::= { aclNewCfgEntry 29 }

aclNewCfgStatistics  OBJECT-TYPE
    SYNTAX      INTEGER {
                    disable(0),
                    enable(1)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Whether statistics collection for this ACL is enabled or not."
    ::= { aclNewCfgEntry 30 }

aclNewCfgAddEgressPort OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The port to be added to the specified ACL for egress filtering.
        A value of zero is always returned when this object is read."
    ::= { aclNewCfgEntry 31 }

aclNewCfgRemoveEgressPort OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The port to be removed from the specified ACL.  A value of zero
        is always returned when this object is read."
    ::= { aclNewCfgEntry 32 }

aclNewCfgDelete OBJECT-TYPE
    SYNTAX      INTEGER {
                    other(1),
                    delete(2)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "This is an action object to delete an ACL entry.  A value of
        other(1) is always returned when this object is read."
    ::= { aclNewCfgEntry 33 }


-- ---------------------------------------------------------- --
-- ACL Block Configuration
-- ---------------------------------------------------------- --

aclBlockCurCfgTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF AclBlockCurCfgEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The table of current ACL block configuration."
    ::= { aclBlock 1 }

aclBlockCurCfgEntry OBJECT-TYPE
    SYNTAX      AclBlockCurCfgEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Current information about a particular ACL block configuration."
    INDEX { aclBlockCurCfgIndex }
    ::= { aclBlockCurCfgTable 1 }

AclBlockCurCfgEntry ::= SEQUENCE {
    aclBlockCurCfgIndex        Unsigned32,
    aclBlockCurCfgMemberAcls   OCTET STRING
    }

aclBlockCurCfgIndex  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  not-accessible 
    STATUS      current
    DESCRIPTION
        "The index associated with this ACL block entry."
    ::= { aclBlockCurCfgEntry 1 }

aclBlockCurCfgMemberAcls  OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The ACL members of this ACL block, presented in bitmap
         format, as follows:

            OCTET 1  OCTET 2  .....
            xxxxxxxx xxxxxxxx .....
            ||    || |
            ||    || |_ ACL 9
            ||    ||
            ||    ||___ ACL 8
            ||    |____ ACL 7
            ||      .    .   .
            ||_________ ACL 2
            |__________ ACL 1

         where x:
            1 - the represented ACL is a member of the block.
            0 - the represented ACL is not a member of the block."
    ::= { aclBlockCurCfgEntry 2 }

aclBlockNewCfgTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF AclBlockNewCfgEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The table of new ACL block configuration."
    ::= { aclBlock 2 }

aclBlockNewCfgEntry OBJECT-TYPE
    SYNTAX      AclBlockNewCfgEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "New information about a particular ACL block configuration."
    INDEX { aclBlockNewCfgIndex }
    ::= { aclBlockNewCfgTable 1 }

AclBlockNewCfgEntry ::= SEQUENCE {
    aclBlockNewCfgIndex        Unsigned32,
    aclBlockNewCfgMemberAcls   OCTET STRING,
    aclBlockNewCfgAddAcl       Unsigned32,
    aclBlockNewCfgRemoveAcl    Unsigned32,
    aclBlockNewCfgDelete       INTEGER
    }

aclBlockNewCfgIndex  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  not-accessible 
    STATUS      current
    DESCRIPTION
        "The index associated with this ACL block entry."
    ::= { aclBlockNewCfgEntry 1 }

aclBlockNewCfgMemberAcls  OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The ACL members of this ACL block, presented in bitmap
         format, as follows:

            OCTET 1  OCTET 2  .....
            xxxxxxxx xxxxxxxx .....
            ||    || |
            ||    || |_ ACL 9
            ||    ||
            ||    ||___ ACL 8
            ||    |____ ACL 7
            ||      .    .   .
            ||_________ ACL 2
            |__________ ACL 1

         where x:
            1 - the represented ACL is a member of the block.
            0 - the represented ACL is not a member of the block."
    ::= { aclBlockNewCfgEntry 2 }

aclBlockNewCfgAddAcl  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The index of the ACL entry to be added into this ACL block.
        A successful set operation on this object will also set the bit
        corresponding to the ACL entry in the aclBlockNewCfgMemberAcls
        bitmap. A value of zero is always returned when this object
        is read."
    ::= { aclBlockNewCfgEntry 3 }

aclBlockNewCfgRemoveAcl  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The index of the ACL entry to be removed from this ACL block.
        A successful set operation on this object will unset the bit
        corresponding to the ACL entry in the aclBlockNewCfgMemberAcls
        bitmap. A value of zero is always returned when this object
        is read."
    ::= { aclBlockNewCfgEntry 4 }

aclBlockNewCfgDelete  OBJECT-TYPE
    SYNTAX      INTEGER {
                    other(1),
                    delete(2)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "This is an action object to delete an ACL block.  A value of
        other(1) is always returned when this object is read."
    ::= { aclBlockNewCfgEntry 5 }


-- ---------------------------------------------------------- --
-- ACL Group Configuration
-- ---------------------------------------------------------- --

aclGroupCurCfgTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF AclGroupCurCfgEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The table of current ACL Group configuration."
    ::= { aclGroup 1 }

aclGroupCurCfgEntry OBJECT-TYPE
    SYNTAX      AclGroupCurCfgEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Information about a particular ACL configuration."
    INDEX { aclGroupCurCfgIndex }
    ::= { aclGroupCurCfgTable 1 }

AclGroupCurCfgEntry ::= SEQUENCE {
    aclGroupCurCfgIndex        Unsigned32,
    aclGroupCurCfgMemberAcls   OCTET STRING,
    aclGroupCurCfgMemberBlocks OCTET STRING
    }

aclGroupCurCfgIndex  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  not-accessible 
    STATUS      current
    DESCRIPTION
        "The index associated with this ACL Group entry."
    ::= { aclGroupCurCfgEntry 1 }

aclGroupCurCfgMemberAcls  OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The ACL members of this ACL group, presented in bitmap
         format, as follows:

            OCTET 1  OCTET 2  .....
            xxxxxxxx xxxxxxxx .....
            ||    || |
            ||    || |_ ACL 9
            ||    ||
            ||    ||___ ACL 8
            ||    |____ ACL 7
            ||      .    .   .
            ||_________ ACL 2
            |__________ ACL 1

         where x:
            1 - the represented ACL is a member of the group.
            0 - the represented ACL is not a member of the group."
    ::= { aclGroupCurCfgEntry 2 }

aclGroupCurCfgMemberBlocks  OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The ACL block members of this ACL group, presented in bitmap
         format, as follows:

            OCTET 1  OCTET 2  .....
            xxxxxxxx xxxxxxxx .....
            ||    || |
            ||    || |_ ACL Block 9
            ||    ||
            ||    ||___ ACL Block 8
            ||    |____ ACL Block 7
            ||      .    .   .   .
            ||_________ ACL Block 2
            |__________ ACL Block 1

         where x:
            1 - the represented ACL block is a member of the group.
            0 - the represented ACL block is not a member of the group."
    ::= { aclGroupCurCfgEntry 3 }

aclGroupNewCfgTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF AclGroupNewCfgEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The table of new ACL Group configuration."
    ::= { aclGroup 2 }

aclGroupNewCfgEntry OBJECT-TYPE
    SYNTAX      AclGroupNewCfgEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "New information about a particular ACL configuration."
    INDEX { aclGroupNewCfgIndex }
    ::= { aclGroupNewCfgTable 1 }

AclGroupNewCfgEntry ::= SEQUENCE {
    aclGroupNewCfgIndex        Unsigned32,
    aclGroupNewCfgMemberAcls   OCTET STRING,
    aclGroupNewCfgMemberBlocks OCTET STRING,
    aclGroupNewCfgAddAcl       Unsigned32,
    aclGroupNewCfgRemoveAcl    Unsigned32,
    aclGroupNewCfgAddBlock     Unsigned32,
    aclGroupNewCfgRemoveBlock  Unsigned32,
    aclGroupNewCfgDelete       INTEGER
    }

aclGroupNewCfgIndex  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  not-accessible 
    STATUS      current
    DESCRIPTION
        "The index associated with this ACL Group entry."
    ::= { aclGroupNewCfgEntry 1 }

aclGroupNewCfgMemberAcls  OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The ACL members of this ACL group, presented in bitmap
         format, as follows:

            OCTET 1  OCTET 2  .....
            xxxxxxxx xxxxxxxx .....
            ||    || |
            ||    || |_ ACL 9
            ||    ||
            ||    ||___ ACL 8
            ||    |____ ACL 7
            ||      .    .   .
            ||_________ ACL 2
            |__________ ACL 1

         where x:
            1 - the represented ACL is a member of the group.
            0 - the represented ACL is not a member of the group."
    ::= { aclGroupNewCfgEntry 2 }

aclGroupNewCfgMemberBlocks  OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The ACL block members of this ACL group, presented in bitmap
         format, as follows:

            OCTET 1  OCTET 2  .....
            xxxxxxxx xxxxxxxx .....
            ||    || |
            ||    || |_ ACL Block 9
            ||    ||
            ||    ||___ ACL Block 8
            ||    |____ ACL Block 7
            ||      .    .   .   .
            ||_________ ACL Block 2
            |__________ ACL Block 1

         where x:
            1 - the represented ACL block is a member of the group.
            0 - the represented ACL block is not a member of the group."
    ::= { aclGroupNewCfgEntry 3 }

aclGroupNewCfgAddAcl  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The index of the ACL entry to be added into this ACL group.
        A successful set operation on this object will also set the bit
        corresponding to the ACL entry in the aclGroupNewCfgMemberAcls
        bitmap. A value of zero is always returned when this object
        is read."
    ::= { aclGroupNewCfgEntry 4 }

aclGroupNewCfgRemoveAcl  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The index of the ACL entry to be removed from this ACL group.
        A successful set operation on this object will unset the bit
        corresponding to the ACL entry in the aclGroupNewCfgMemberAcls
        bitmap. A value of zero is always returned when this object
        is read."
    ::= { aclGroupNewCfgEntry 5 }

aclGroupNewCfgAddBlock  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The index of the ACL block entry to be added into this ACL group.
        A successful set operation on this object will also set the bit
        corresponding to the ACL block entry in the aclGroupNewCfgMemberBlocks
        bitmap. A value of zero is always returned when this object
        is read."
    ::= { aclGroupNewCfgEntry 6 }

aclGroupNewCfgRemoveBlock  OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The index of the ACL block entry to be removed from this ACL group.
        A successful set operation on this object will unset the bit
        corresponding to the ACL block entry in the aclGroupNewCfgMemberBlocks
        bitmap. A value of zero is always returned when this object
        is read."
    ::= { aclGroupNewCfgEntry 7 }

aclGroupNewCfgDelete  OBJECT-TYPE
    SYNTAX      INTEGER {
                    other(1),
                    delete(2)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "This is an action object to delete an ACL group.  A value of other(1)
        is always returned when this object is read."
    ::= { aclGroupNewCfgEntry 8 }


-- ----------------------------------------------------------------------------
-- } INSERT:  bt2acl
-- ----------------------------------------------------------------------------

END


