--    ============================================================================
-- Copyright (c) 2010-2013 Hewlett-Packard Development Company, L.P.
-- Description:  This MIB file is used for configuration of NAT.
--                include :1.NAT pool
--                         2.NAT out bound
--                         3.NAT inside server
--                         4.NAT agetime
--                         5.NAT blacklist
--                         6.NAT statistics information
--                         7.NAT DNS
-- Reference:
-- Version: V1.2
-- History:
-- V1.0 2004/09/17 created by xiaoshuchao
-- V1.1 2005/06/01 Modified by liguanmin
--      Modify the value range of the node hpnicfNATOutboundPoolIdx
-- V1.2 2007/05/22 Modified by tangjiafeng
--      Modify the value range of the node hpnicfNATSessionPeerPort
-- ============================================================================
HPN-ICF-NAT-MIB DEFINITIONS ::= BEGIN

                IMPORTS
                        hpnicfCommon
                                FROM HPN-ICF-OID-MIB
                        ifIndex
                                FROM RFC1213-MIB
                        TimeTicks, IpAddress, Integer32, Counter32, OBJECT-TYPE,
                        MODULE-IDENTITY
                                FROM SNMPv2-SMI
                        RowStatus, DisplayString
                                FROM SNMPv2-TC;


                hpnicfNat MODULE-IDENTITY
                        LAST-UPDATED "200409170100Z"            -- September 17, 2004 at 01:00 GMT
                        ORGANIZATION
                            ""
                        CONTACT-INFO
                            ""
                        DESCRIPTION
                                "This MIB contains objects to manage configuration of NAT.
                                There are no constraints on this MIB."
                        REVISION "200501201518Z"                -- January 20, 2005 at 15:18 GMT
                        DESCRIPTION
                                "The initial revision of this MIB module."
                        ::= { hpnicfCommon 18 }




--
-- Node definitions
--

-- Global Variants
                hpnicfNATGlobalVars OBJECT IDENTIFIER ::= { hpnicfNat 1 }


--                     **************Global Variants***************
-- NAT Clear Session
                hpnicfNATClearSession OBJECT IDENTIFIER ::= { hpnicfNATGlobalVars 1 }


                hpnicfNATClearSessionSlotNo OBJECT-TYPE
                        SYNTAX INTEGER (1..14 | 255)
                        MAX-ACCESS read-write
                        STATUS current
                        DESCRIPTION
                                "The number of NAT board in which administrator wants to
                                clear data of the session. In router, the value is 255
                                because no NAT board in it. This node only supports 'set' operation.
                                The return value of 'get' operation is meaningless."
                        ::= { hpnicfNATClearSession 1 }


--     NAT blacklist UserConnectLimitPara
                hpnicfNATBLConnectLimitPara OBJECT IDENTIFIER ::= { hpnicfNATGlobalVars 2 }


                hpnicfNATBLConnectHighValue OBJECT-TYPE
                        SYNTAX INTEGER (20..20000)
                        MAX-ACCESS read-write
                        STATUS current
                        DESCRIPTION
                                "The maximal connection amount.  If the connection amount exceeds the
                                value, the IP address will be added into blacklist.  The IP address
                                will not be removed from blacklist until the connection amount is
                                less than the minimal connection amount."
                        DEFVAL { 500 }
                        ::= { hpnicfNATBLConnectLimitPara 1 }


                hpnicfNATBLConnectLowValue OBJECT-TYPE
                        SYNTAX INTEGER (20..20000)
                        MAX-ACCESS read-write
                        STATUS current
                        DESCRIPTION
                                "The minimal connection amount."
                        DEFVAL { 200 }
                        ::= { hpnicfNATBLConnectLimitPara 2 }


                hpnicfNATBLConnectHighRate OBJECT-TYPE
                        SYNTAX INTEGER (20..21474836)
                        MAX-ACCESS read-write
                        STATUS current
                        DESCRIPTION
                                "The maximal connection rate(in second).  If the connection rate exceed the
                                value, the IP address will be added into blacklist.  The IP address
                                will not be removed from blacklist until the connection rate is
                                less than the minimal connection rate."
                        DEFVAL { 250 }
                        ::= { hpnicfNATBLConnectLimitPara 3 }


                hpnicfNATBLConnectLowRate OBJECT-TYPE
                        SYNTAX INTEGER (20..21474836)
                        MAX-ACCESS read-write
                        STATUS current
                        DESCRIPTION
                                "The minimal connection rate(in second)."
                        DEFVAL { 100 }
                        ::= { hpnicfNATBLConnectLimitPara 4 }


                hpnicfNATBLSpecialConnectHighRate OBJECT-TYPE
                        SYNTAX INTEGER (20..21474836)
                        MAX-ACCESS read-write
                        STATUS current
                        DESCRIPTION
                                "The maximal special connection rate(in second).  When administrator
                                wants to control the speed of connection, he can selects the connection
                                speed rate or special connection rate."
                        DEFVAL { 250 }
                        ::= { hpnicfNATBLConnectLimitPara 5 }


                hpnicfNATBLSpecialConnectLowRate OBJECT-TYPE
                        SYNTAX INTEGER (20..21474836)
                        MAX-ACCESS read-write
                        STATUS current
                        DESCRIPTION
                                "The minimal special connection rate(in second)."
                        DEFVAL { 100 }
                        ::= { hpnicfNATBLConnectLimitPara 6 }


--     NAT blacklist property control Enable
                hpnicfNATBLCtrlEnable OBJECT IDENTIFIER ::= { hpnicfNATGlobalVars 3 }


                hpnicfNATBLConnectSumEnable OBJECT-TYPE
                        SYNTAX INTEGER
                                {
                                enable(1),
                                disable(2)
                                }
                        MAX-ACCESS read-write
                        STATUS current
                        DESCRIPTION
                                "Enable or disable the connection amount control."
                        DEFVAL { disable }
                        ::= { hpnicfNATBLCtrlEnable 1 }


                hpnicfNATBLConnectRateEnable OBJECT-TYPE
                        SYNTAX INTEGER
                                {
                                enable(1),
                                disable(2)
                                }
                        MAX-ACCESS read-write
                        STATUS current
                        DESCRIPTION
                                "Enable or disable the connection rate control."
                        DEFVAL { disable }
                        ::= { hpnicfNATBLCtrlEnable 2 }


--     NAT NP aging-time
                hpnicfNATNPTimer OBJECT IDENTIFIER ::= { hpnicfNATGlobalVars 4 }


                hpnicfNATNPAgingTime OBJECT-TYPE
                        SYNTAX INTEGER
                                {
                                fast(1),
                                slow(2)
                                }
                        MAX-ACCESS read-write
                        STATUS current
                        DESCRIPTION
                                "There are two kinds of aging time in NP.  One is fast and the other is
                                slow.  Administrator can select one or other.  The defalult is fast."
                        DEFVAL { fast }
                        ::= { hpnicfNATNPTimer 1 }


                hpnicfNATMibObjects OBJECT IDENTIFIER ::= { hpnicfNat 2 }


--                      **************MibObjects***************
-- NAT address pool table
                hpnicfNATPoolInfoTable OBJECT-TYPE
                        SYNTAX SEQUENCE OF HpnicfNATPoolInfoEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "NAT address pool table : The address in the pool is
                                the IP address in the global network. The pool can span
                                255 IP addresses.All address pools configured by administrator
                                are recorded in this table."
                        ::= { hpnicfNATMibObjects 1 }


                hpnicfNATPoolInfoEntry OBJECT-TYPE
                        SYNTAX HpnicfNATPoolInfoEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The entry of NAT address pool table."
                        INDEX { hpnicfNATPoolIdx }
                        ::= { hpnicfNATPoolInfoTable 1 }


                HpnicfNATPoolInfoEntry ::=
                        SEQUENCE {
                                hpnicfNATPoolIdx
                                        Integer32,
                                hpnicfNATPoolStartIpAddr
                                        IpAddress,
                                hpnicfNATPoolEndIpAddr
                                        IpAddress,
                                hpnicfNATPoolSlotNo
                                        INTEGER,
                                hpnicfNATPoolRefCounter
                                        Integer32,
                                hpnicfNATPoolRowStatus
                                        RowStatus
                         }

                hpnicfNATPoolIdx OBJECT-TYPE
                        SYNTAX Integer32 (1..320)
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "Index of the address pool: The index uniquely indicates
                                the address pool in the system, and its range is from 1 to 320. "
                        ::= { hpnicfNATPoolInfoEntry 1 }


                hpnicfNATPoolStartIpAddr OBJECT-TYPE
                        SYNTAX IpAddress
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "The start IP address of address pool:
                                It must be less than or equal to the end IP address."
                        ::= { hpnicfNATPoolInfoEntry 2 }


                hpnicfNATPoolEndIpAddr OBJECT-TYPE
                        SYNTAX IpAddress
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "The end IP address of address pool:
                                It must be more than or equal to the start IP address."
                        ::= { hpnicfNATPoolInfoEntry 3 }


                hpnicfNATPoolSlotNo OBJECT-TYPE
                        SYNTAX INTEGER (1..14 | 255)
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "The number of NAT board to which the address pool is bound.
                                The address translation is processed by this NAT board .
                                The relation between address pool and slotNo is n:1.
                                When the address pool is not bound to the NAT board,the value is 255. "
                        ::= { hpnicfNATPoolInfoEntry 4 }


                hpnicfNATPoolRefCounter OBJECT-TYPE
                        SYNTAX Integer32
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "The counter of reference.  A address pool can be associated with
                                more than one ACL and the counter of reference is recorded in this
                                field.  When the address pool is not associated with ACL, the value is 0."
                        ::= { hpnicfNATPoolInfoEntry 5 }


                hpnicfNATPoolRowStatus OBJECT-TYPE
                        SYNTAX RowStatus
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "Only support 'destroy' and 'createAndGo'.
                                If hpnicfNATPoolIdx, hpnicfNATPoolStartIpAddr and
                                hpnicfNATPoolEndIpAddr were provided correctly,
                                its value is changed 'active'."
                        ::= { hpnicfNATPoolInfoEntry 6 }


--     NAT Out bound Table
                hpnicfNATOutboundTable OBJECT-TYPE
                        SYNTAX SEQUENCE OF HpnicfNATOutboundEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "NAT out bound table: through associating ACL number,
                                address pool with NAT board, administrator can designate
                                which inside IP address can be translated to global IP
                                address in the pool and the translation is processed by
                                which NAT board."
                        ::= { hpnicfNATMibObjects 2 }


                hpnicfNATOutboundEntry OBJECT-TYPE
                        SYNTAX HpnicfNATOutboundEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The entry of NAT out bound table."
                        INDEX { ifIndex, hpnicfNATOutboundAclNo }
                        ::= { hpnicfNATOutboundTable 1 }


                HpnicfNATOutboundEntry ::=
                        SEQUENCE {
                                hpnicfNATOutboundAclNo
                                        INTEGER,
                                hpnicfNATOutboundPoolIdx
                                        INTEGER,
                                hpnicfNATOutboundIsNoPat
                                        INTEGER,
                                hpnicfNATOutboundSlotNo
                                        Integer32,
                                hpnicfNATOutboundRowStatus
                                        RowStatus
                         }

                hpnicfNATOutboundAclNo OBJECT-TYPE
                        SYNTAX INTEGER (2000..3999)
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The number of ACL(Access Control List).  When the packet accords with
                                the rule in the ACL, its source IP address will be translated to IP
                                address in Address pool."
                        ::= { hpnicfNATOutboundEntry 1 }


                hpnicfNATOutboundPoolIdx OBJECT-TYPE
                        SYNTAX INTEGER (0..320 | 2147483647)
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "The index of address pool in hpnicfNATPoolInfoTable.
                                when administrator doesn't use the address pool and
                                use the IP address of the interface as the address of
                                global network, the value is 2147483647."
                        ::= { hpnicfNATOutboundEntry 2 }


                hpnicfNATOutboundIsNoPat OBJECT-TYPE
                        SYNTAX INTEGER
                                {
                                true(1),
                                false(2)
                                }
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "Whether to use no pat manner.  The translation of no pat
                                is that the translation doesn't use the port information of packet."
                        DEFVAL { false }
                        ::= { hpnicfNATOutboundEntry 3 }


                hpnicfNATOutboundSlotNo OBJECT-TYPE
                        SYNTAX Integer32 (1..14 | 255)
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "The number of NAT board.  In router, the value is 255 because no NAT board in it."
                        ::= { hpnicfNATOutboundEntry 4 }


                hpnicfNATOutboundRowStatus OBJECT-TYPE
                        SYNTAX RowStatus
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "Only support 'destroy' and 'createAndGo'.
                                If hpnicfNATOutboundAclNo or hpnicfNATOutboundAclNo
                                and hpnicfNATOutboundPoolIdx were provided correctly,
                                its value is changed 'active'."
                        ::= { hpnicfNATOutboundEntry 5 }


--     NAT inside Server Table
                hpnicfNATServerTable OBJECT-TYPE
                        SYNTAX SEQUENCE OF HpnicfNATServerEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "NAT inside Server Table.  Administrator can configure server in the
                                private network which can provide service for people in the public network.
                                The translation map is :
                                (InsideIP     , InsidePort--> GlobalIP, GlobalPort    )
                                (InsideIP + 1 , InsidePort--> GlobalIP, GlobalPort + 1)
                                (InsideIP + 2 , InsidePort--> GlobalIP, GlobalPort + 2)
                                ...
                                ...
                                ...
                                (InsideIP+n(=InsideIP2),InsidePort--> GlobalIP,GlobalPort+n(=GlobalPort2))
                                "
                        ::= { hpnicfNATMibObjects 3 }


                hpnicfNATServerEntry OBJECT-TYPE
                        SYNTAX HpnicfNATServerEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The entry of NAT inside server table."
                        INDEX { ifIndex, hpnicfNATServerProType, hpnicfNATServerGlobalIP, hpnicfNATServerStartGlobalPort, hpnicfNATServerVpnIndex
                                 }
                        ::= { hpnicfNATServerTable 1 }


                HpnicfNATServerEntry ::=
                        SEQUENCE {
                                hpnicfNATServerProType
                                        INTEGER,
                                hpnicfNATServerGlobalIP
                                        IpAddress,
                                hpnicfNATServerStartGlobalPort
                                        INTEGER,
                                hpnicfNATServerEndGlobalPort
                                        INTEGER,
                                hpnicfNATServerStartInsideIP
                                        IpAddress,
                                hpnicfNATServerEndInsideIP
                                        IpAddress,
                                hpnicfNATServerInsidePort
                                        INTEGER,
                                hpnicfNATServerSlotNo
                                        Integer32,
                                hpnicfNATServerVpnIndex
                                        Integer32,
                                hpnicfNATServerAclNumber
                                        Integer32,
                                hpnicfNATServerRowStatus
                                        RowStatus
                         }

                hpnicfNATServerProType OBJECT-TYPE
                        SYNTAX INTEGER (1..255)
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The type of protocol: icmp(1), tcp(6), udp(17) and others."
                        ::= { hpnicfNATServerEntry 1 }


                hpnicfNATServerGlobalIP OBJECT-TYPE
                        SYNTAX IpAddress
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The global IP address of Inside Server."
                        ::= { hpnicfNATServerEntry 2 }


                hpnicfNATServerStartGlobalPort OBJECT-TYPE
                        SYNTAX INTEGER (0..65535)
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The start global port of Inside Server.
                                When the port need not be configured, the value is 0."
                        ::= { hpnicfNATServerEntry 3 }


                hpnicfNATServerEndGlobalPort OBJECT-TYPE
                        SYNTAX INTEGER (0..65535)
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "The end global port of Inside Server.  When administrator doesn't
                                configure a series of inside server, the value is 0.
                                If the value is not zero, the value of (GlobalPort2-GlobalPort)
                                must be equal to (InsideIP2 - InsideIP)."
                        ::= { hpnicfNATServerEntry 4 }


                hpnicfNATServerStartInsideIP OBJECT-TYPE
                        SYNTAX IpAddress
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "The start private IP address of Inside Server."
                        ::= { hpnicfNATServerEntry 5 }


                hpnicfNATServerEndInsideIP OBJECT-TYPE
                        SYNTAX IpAddress
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "The end private IP address of Inside Server.  When administrator doesn't
                                configure a series of inside server, the value is 0.0.0.0."
                        ::= { hpnicfNATServerEntry 6 }


                hpnicfNATServerInsidePort OBJECT-TYPE
                        SYNTAX INTEGER (0..65535)
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "The private port of Inside Server."
                        ::= { hpnicfNATServerEntry 7 }


                hpnicfNATServerSlotNo OBJECT-TYPE
                        SYNTAX Integer32 (1..14 | 255)
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "The number of NAT board.  In router, the value is 255 because no NAT board in it."
                        ::= { hpnicfNATServerEntry 8 }


                hpnicfNATServerVpnIndex OBJECT-TYPE
                        SYNTAX Integer32 (0..65535)
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The VPN index of server."
                        ::= { hpnicfNATServerEntry 10 }


                hpnicfNATServerAclNumber OBJECT-TYPE
                        SYNTAX Integer32 (1..10000)
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "Number of basic or advanced acl."
                        ::= { hpnicfNATServerEntry 11 }


                hpnicfNATServerRowStatus OBJECT-TYPE
                        SYNTAX RowStatus
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "Only support 'destroy' and 'createAndGo'.
                                If hpnicfNATServerProType, hpnicfNATServerGlobalIP, hpnicfNATServerGlobalPort
                                and hpnicfNATServerInsideIP were provided correctly,
                                its value is changed 'active'."
                        ::= { hpnicfNATServerEntry 12 }


--     NAT Time out Table
                hpnicfNATTimeOutTable OBJECT-TYPE
                        SYNTAX SEQUENCE OF HpnicfNATTimeOutEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "NAT Time out Table. When a connection is established,
                                if there are not any actives in this connection between
                                the time, it will be disconnected."
                        ::= { hpnicfNATMibObjects 4 }


                hpnicfNATTimeOutEntry OBJECT-TYPE
                        SYNTAX HpnicfNATTimeOutEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The entry of NAT Time out Table."
                        INDEX { hpnicfNATTimeOutProtocol }
                        ::= { hpnicfNATTimeOutTable 1 }


                HpnicfNATTimeOutEntry ::=
                        SEQUENCE {
                                hpnicfNATTimeOutProtocol
                                        INTEGER,
                                hpnicfNATTimeOutTimeValue
                                        INTEGER
                         }

                hpnicfNATTimeOutProtocol OBJECT-TYPE
                        SYNTAX INTEGER
                                {
                                tcp(1),
                                udp(2),
                                icmp(3),
                                pptp(4),
                                dns(5),
                                tcpFin(6),
                                tcpSyn(7),
                                ftpCtrl(8),
                                ftpData(9)
                                }
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The type of protocol."
                        ::= { hpnicfNATTimeOutEntry 1 }


                hpnicfNATTimeOutTimeValue OBJECT-TYPE
                        SYNTAX INTEGER (10..86400)
                        MAX-ACCESS read-write
                        STATUS current
                        DESCRIPTION
                                "The time of time out."
                        ::= { hpnicfNATTimeOutEntry 2 }


--     NAT blacklist Enable(start/stop) Table
                hpnicfNATBLEnableTable OBJECT-TYPE
                        SYNTAX SEQUENCE OF HpnicfNATBLEnableEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "NAT blacklist function Enable Table.  In this table, administrator can decide
                                whether to start the function of blacklist in the NAT board.
                                When the function of blacklist can't be set for a NAT board,
                                the number of NAT board is 256."
                        ::= { hpnicfNATMibObjects 5 }


                hpnicfNATBLEnableEntry OBJECT-TYPE
                        SYNTAX HpnicfNATBLEnableEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The entry of NAT blacklist Enable Table."
                        INDEX { hpnicfNATBLEnableSlotNo }
                        ::= { hpnicfNATBLEnableTable 1 }


                HpnicfNATBLEnableEntry ::=
                        SEQUENCE {
                                hpnicfNATBLEnableSlotNo
                                        Integer32,
                                hpnicfNATBLEnable
                                        INTEGER
                         }

                hpnicfNATBLEnableSlotNo OBJECT-TYPE
                        SYNTAX Integer32 (1..14 | 255)
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The number of NAT board.
                                When the function of blacklist can't be set for a NAT board,
                                the value is 255."
                        ::= { hpnicfNATBLEnableEntry 1 }


                hpnicfNATBLEnable OBJECT-TYPE
                        SYNTAX INTEGER
                                {
                                enable(1),
                                disable(2)
                                }
                        MAX-ACCESS read-write
                        STATUS current
                        DESCRIPTION
                                "Start or stop of function of balcklist."
                        DEFVAL { disable }
                        ::= { hpnicfNATBLEnableEntry 2 }


--     NAT special IP ConnectLimitPara Table
                hpnicfNATBLIPConnectLimitParaTable OBJECT-TYPE
                        SYNTAX SEQUENCE OF HpnicfNATBLIPConnectLimitParaEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The table of connection control of special IP address.  In this table, administrator can decide to
                                adopt which manner to control the connection which IP address is the
                                special IP address."
                        ::= { hpnicfNATMibObjects 6 }


                hpnicfNATBLIPConnectLimitParaEntry OBJECT-TYPE
                        SYNTAX HpnicfNATBLIPConnectLimitParaEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The entry of the table of connection control of special IP address."
                        INDEX { hpnicfNATBLIPConnectLimitParaIP }
                        ::= { hpnicfNATBLIPConnectLimitParaTable 1 }


                HpnicfNATBLIPConnectLimitParaEntry ::=
                        SEQUENCE {
                                hpnicfNATBLIPConnectLimitParaIP
                                        IpAddress,
                                hpnicfNATBLIPConnectHighValue
                                        INTEGER,
                                hpnicfNATBLIPConnectLowValue
                                        INTEGER,
                                hpnicfNATBLIPUseSpecialConnectRate
                                        INTEGER,
                                hpnicfNATBLIPConnectLimitRowStatus
                                        RowStatus
                         }

                hpnicfNATBLIPConnectLimitParaIP OBJECT-TYPE
                        SYNTAX IpAddress
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The special IP address.  The IP is private IP address."
                        ::= { hpnicfNATBLIPConnectLimitParaEntry 1 }


                hpnicfNATBLIPConnectHighValue OBJECT-TYPE
                        SYNTAX INTEGER (20..20000)
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "The maximal connection amount.  It must be more than the minimal connection amount."
                        DEFVAL { 500 }
                        ::= { hpnicfNATBLIPConnectLimitParaEntry 2 }


                hpnicfNATBLIPConnectLowValue OBJECT-TYPE
                        SYNTAX INTEGER (20..20000)
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "The minimal connection amount.  It must be less than the maximal connection amount."
                        DEFVAL { 200 }
                        ::= { hpnicfNATBLIPConnectLimitParaEntry 3 }


                hpnicfNATBLIPUseSpecialConnectRate OBJECT-TYPE
                        SYNTAX INTEGER
                                {
                                true(1),
                                false(2)
                                }
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "Whether to use the special connection rate control."
                        DEFVAL { false }
                        ::= { hpnicfNATBLIPConnectLimitParaEntry 4 }


                hpnicfNATBLIPConnectLimitRowStatus OBJECT-TYPE
                        SYNTAX RowStatus
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "Only support 'destroy' and 'createAndGo'.
                                 If hpnicfNATBLIPConnectHighValue, hpnicfNATBLIPConnectLowValue
                                 and hpnicfNATBLIPUseSpecialConnectRate were provided correctly,
                                 its value is changed 'active'."
                        ::= { hpnicfNATBLIPConnectLimitParaEntry 5 }


--     NAT blacklist Manager Table
                hpnicfNATBLManagerTable OBJECT-TYPE
                        SYNTAX SEQUENCE OF HpnicfNATBLManagerEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The management table of blacklist.
                                The table doesn't support 'getnext' operation."
                        ::= { hpnicfNATMibObjects 7 }


                hpnicfNATBLManagerEntry OBJECT-TYPE
                        SYNTAX HpnicfNATBLManagerEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The entry of management table of blacklist."
                        INDEX { hpnicfNATBLIpAdress, hpnicfNATBLSlotNo }
                        ::= { hpnicfNATBLManagerTable 1 }


                HpnicfNATBLManagerEntry ::=
                        SEQUENCE {
                                hpnicfNATBLIpAdress
                                        IpAddress,
                                hpnicfNATBLSlotNo
                                        INTEGER,
                                hpnicfNATBLConSum
                                        Integer32,
                                hpnicfNATBLConSpd
                                        INTEGER
                         }

                hpnicfNATBLIpAdress OBJECT-TYPE
                        SYNTAX IpAddress
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The IP address of entry of blacklist."
                        ::= { hpnicfNATBLManagerEntry 1 }


                hpnicfNATBLSlotNo OBJECT-TYPE
                        SYNTAX INTEGER (1..14)
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The number of NAT board."
                        ::= { hpnicfNATBLManagerEntry 2 }


                hpnicfNATBLConSum OBJECT-TYPE
                        SYNTAX Integer32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "The connection amount."
                        ::= { hpnicfNATBLManagerEntry 3 }


                hpnicfNATBLConSpd OBJECT-TYPE
                        SYNTAX INTEGER
                                {
                                red(1),
                                yellow(2),
                                green(3)
                                }
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "The state of connection rate:
                                red(1)   : the connection rate is above the upper limit.
                                yellow(2): the connection rate is between the upper and lower limit.
                                green(3) : the conneciton rate is below the lower limit."
                        ::= { hpnicfNATBLManagerEntry 4 }


--     NAT Statistics Info
                hpnicfNATStatTable OBJECT-TYPE
                        SYNTAX SEQUENCE OF HpnicfNATStatEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The statistics information table of NAT module."
                        ::= { hpnicfNATMibObjects 8 }


                hpnicfNATStatEntry OBJECT-TYPE
                        SYNTAX HpnicfNATStatEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The entry of statistics information table of NAT module."
                        INDEX { hpnicfNATStatNATBoardNo }
                        ::= { hpnicfNATStatTable 1 }


                HpnicfNATStatEntry ::=
                        SEQUENCE {
                                hpnicfNATStatNATBoardNo
                                        Integer32,
                                hpnicfNATStatActiveTblCount
                                        Counter32,
                                hpnicfNATStatActiveTblCountInNP
                                        Counter32,
                                hpnicfNATStatActiveNatTblCount
                                        Counter32,
                                hpnicfNATStatActiveSvrTblCount
                                        Counter32,
                                hpnicfNATStatActivePoolTblCount
                                        Counter32,
                                hpnicfNATStatNumOfUsedPort
                                        Counter32,
                                hpnicfNATStatNumOfGoodPkt
                                        Counter32,
                                hpnicfNATStatNumOfBadPkt
                                        Counter32,
                                hpnicfNATStaticSessionCount
                                        Integer32,
                                hpnicfNATFragmentSessionCount
                                        Integer32,
                                hpnicfNATSequenceSessionCount
                                        Integer32,
                                hpnicfNATLogCount
                                        Integer32
                         }

                hpnicfNATStatNATBoardNo OBJECT-TYPE
                        SYNTAX Integer32 (1..14 | 255)
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The number of NAT board.  In router, the value is 255 because no NAT board in it."
                        ::= { hpnicfNATStatEntry 1 }


                hpnicfNATStatActiveTblCount OBJECT-TYPE
                        SYNTAX Counter32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "Active PAT session count In software."
                        ::= { hpnicfNATStatEntry 2 }


                hpnicfNATStatActiveTblCountInNP OBJECT-TYPE
                        SYNTAX Counter32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "Active PAT session count In NP."
                        ::= { hpnicfNATStatEntry 3 }


                hpnicfNATStatActiveNatTblCount OBJECT-TYPE
                        SYNTAX Counter32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "Active NO-PAT session count."
                        ::= { hpnicfNATStatEntry 4 }


                hpnicfNATStatActiveSvrTblCount OBJECT-TYPE
                        SYNTAX Counter32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "Active SERVER session count."
                        ::= { hpnicfNATStatEntry 5 }


                hpnicfNATStatActivePoolTblCount OBJECT-TYPE
                        SYNTAX Counter32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "Active address pool session count."
                        ::= { hpnicfNATStatEntry 6 }


                hpnicfNATStatNumOfUsedPort OBJECT-TYPE
                        SYNTAX Counter32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "The number of used port in NP."
                        ::= { hpnicfNATStatEntry 7 }


                hpnicfNATStatNumOfGoodPkt OBJECT-TYPE
                        SYNTAX Counter32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "The number of good packet in NP."
                        ::= { hpnicfNATStatEntry 8 }


                hpnicfNATStatNumOfBadPkt OBJECT-TYPE
                        SYNTAX Counter32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "The number of bad packet in NP."
                        ::= { hpnicfNATStatEntry 9 }


                hpnicfNATStaticSessionCount OBJECT-TYPE
                        SYNTAX Integer32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "Active STATIC session count."
                        ::= { hpnicfNATStatEntry 10 }


                hpnicfNATFragmentSessionCount OBJECT-TYPE
                        SYNTAX Integer32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "Active fragment packet session count."
                        ::= { hpnicfNATStatEntry 11 }


                hpnicfNATSequenceSessionCount OBJECT-TYPE
                        SYNTAX Integer32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "Active session table count hash by private IP."
                        ::= { hpnicfNATStatEntry 12 }


                hpnicfNATLogCount OBJECT-TYPE
                        SYNTAX Integer32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "Buffered Nat LOG table count."
                        ::= { hpnicfNATStatEntry 13 }


--     nat session
                hpnicfNATSessionTable OBJECT-TYPE
                        SYNTAX SEQUENCE OF HpnicfNATSessionEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The nat session information table.  There is the address translation information in the table.
                                The sketch map of connection is
                                pc1(private Net)------------------>NAT Device ------------------>Server(public Net)
                                InsideIP, InsidePort---->translating to GlobalIP, GlobalPort------>PeerIP, PeerPort.
                                "
                        ::= { hpnicfNATMibObjects 9 }


                hpnicfNATSessionEntry OBJECT-TYPE
                        SYNTAX HpnicfNATSessionEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The entry of session information table."
                        INDEX { hpnicfNATSessionHashNumber, hpnicfNATSessionProtocol, hpnicfNATSessionInsideIP, hpnicfNATSessionInsidePort, hpnicfNATSessionPeerIP,
                                hpnicfNATSessionPeerPort, hpnicfNATSessionVpnIndex }
                        ::= { hpnicfNATSessionTable 1 }


                HpnicfNATSessionEntry ::=
                        SEQUENCE {
                                hpnicfNATSessionHashNumber
                                        Integer32,
                                hpnicfNATSessionProtocol
                                        INTEGER,
                                hpnicfNATSessionGlobalIP
                                        IpAddress,
                                hpnicfNATSessionGlobalPort
                                        Integer32,
                                hpnicfNATSessionInsideIP
                                        IpAddress,
                                hpnicfNATSessionInsidePort
                                        Integer32,
                                hpnicfNATSessionPeerIP
                                        IpAddress,
                                hpnicfNATSessionPeerPort
                                        Integer32,
                                hpnicfNATSessionVpnIndex
                                        Integer32,
                                hpnicfNATSessionTTL
                                        Integer32,
                                hpnicfNATSessionStatus
                                        Integer32,
                                hpnicfNATSessionLeftTime
                                        TimeTicks
                         }

                hpnicfNATSessionHashNumber OBJECT-TYPE
                        SYNTAX Integer32 (1..300000)
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The row number of the hash table."
                        ::= { hpnicfNATSessionEntry 1 }


                hpnicfNATSessionProtocol OBJECT-TYPE
                        SYNTAX INTEGER (1..255)
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The protocol type of session."
                        ::= { hpnicfNATSessionEntry 2 }


                hpnicfNATSessionGlobalIP OBJECT-TYPE
                        SYNTAX IpAddress
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "The global IP of session. "
                        ::= { hpnicfNATSessionEntry 3 }


                hpnicfNATSessionGlobalPort OBJECT-TYPE
                        SYNTAX Integer32 (0..65535)
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "The global port of session."
                        ::= { hpnicfNATSessionEntry 4 }


                hpnicfNATSessionInsideIP OBJECT-TYPE
                        SYNTAX IpAddress
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The Inside IP of session."
                        ::= { hpnicfNATSessionEntry 5 }


                hpnicfNATSessionInsidePort OBJECT-TYPE
                        SYNTAX Integer32 (0..65535)
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The Inside port of session."
                        ::= { hpnicfNATSessionEntry 6 }


                hpnicfNATSessionPeerIP OBJECT-TYPE
                        SYNTAX IpAddress
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The peer IP of session."
                        ::= { hpnicfNATSessionEntry 7 }


                hpnicfNATSessionPeerPort OBJECT-TYPE
                        SYNTAX Integer32 (0..65535)
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The peer port of session."
                        ::= { hpnicfNATSessionEntry 8 }


                hpnicfNATSessionVpnIndex OBJECT-TYPE
                        SYNTAX Integer32 (0..255)
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The VPN index of session."
                        ::= { hpnicfNATSessionEntry 9 }


                hpnicfNATSessionTTL OBJECT-TYPE
                        SYNTAX Integer32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "The TTL of session."
                        ::= { hpnicfNATSessionEntry 10 }


                hpnicfNATSessionStatus OBJECT-TYPE
                        SYNTAX Integer32
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "The status of session."
                        ::= { hpnicfNATSessionEntry 11 }


                hpnicfNATSessionLeftTime OBJECT-TYPE
                        SYNTAX TimeTicks
                        MAX-ACCESS read-only
                        STATUS current
                        DESCRIPTION
                                "The Left time of session."
                        ::= { hpnicfNATSessionEntry 12 }


                hpnicfNATStaticConfTable OBJECT-TYPE
                        SYNTAX SEQUENCE OF HpnicfNATStaticConfEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "Static Nat configuration table."
                        ::= { hpnicfNATMibObjects 10 }


                hpnicfNATStaticConfEntry OBJECT-TYPE
                        SYNTAX HpnicfNATStaticConfEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "Configure static Nat."
                        INDEX { hpnicfNATStaticInsideIp }
                        ::= { hpnicfNATStaticConfTable 1 }


                HpnicfNATStaticConfEntry ::=
                        SEQUENCE {
                                hpnicfNATStaticInsideIp
                                        IpAddress,
                                hpnicfNATStaticGlobalIp
                                        IpAddress,
                                hpnicfNATStaticRowStatus
                                        RowStatus
                         }

                hpnicfNATStaticInsideIp OBJECT-TYPE
                        SYNTAX IpAddress
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "Inside ip address."
                        ::= { hpnicfNATStaticConfEntry 1 }


                hpnicfNATStaticGlobalIp OBJECT-TYPE
                        SYNTAX IpAddress
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "Global Ip address."
                        ::= { hpnicfNATStaticConfEntry 2 }


                hpnicfNATStaticRowStatus OBJECT-TYPE
                        SYNTAX RowStatus
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "Only support 'destroy' and 'createAndGo'.
                                If hpnicfNATStaticInsideIp and hpnicfNATStaticGlobalIp were provided correctly,
                                its value is changed 'active'."
                        ::= { hpnicfNATStaticConfEntry 3 }


                hpnicfNATStaticEnableTable OBJECT-TYPE
                        SYNTAX SEQUENCE OF HpnicfNATStaticEnableEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "Active the static Nat on interface."
                        ::= { hpnicfNATMibObjects 11 }


                hpnicfNATStaticEnableEntry OBJECT-TYPE
                        SYNTAX HpnicfNATStaticEnableEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "Active the static Nat on interface."
                        INDEX { ifIndex }
                        ::= { hpnicfNATStaticEnableTable 1 }


                HpnicfNATStaticEnableEntry ::=
                        SEQUENCE {
                                hpnicfNATStaticEnable
                                        INTEGER
                         }

                hpnicfNATStaticEnable OBJECT-TYPE
                        SYNTAX INTEGER
                                {
                                disable(0),
                                enable(1)
                                }
                        MAX-ACCESS read-write
                        STATUS current
                        DESCRIPTION
                                "Enable/disable the static Nat on the interface(hpnicfNatStaticEnableIfIndex).
                                disable  (0)
                                enable   (1)
                                                            "
                        ::= { hpnicfNATStaticEnableEntry 2 }


                hpnicfNATDnsMapTable OBJECT-TYPE
                        SYNTAX SEQUENCE OF HpnicfNATDnsMapEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "This table is used to set mapping of DNS."
                        ::= { hpnicfNATMibObjects 12 }


                hpnicfNATDnsMapEntry OBJECT-TYPE
                        SYNTAX HpnicfNATDnsMapEntry
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "The entry of hpnicfNATDnsMapTable."
                        INDEX { hpnicfNATDnsMapDomainName }
                        ::= { hpnicfNATDnsMapTable 1 }


                HpnicfNATDnsMapEntry ::=
                        SEQUENCE {
                                hpnicfNATDnsMapDomainName
                                        DisplayString,
                                hpnicfNATDnsMapGlobalIp
                                        IpAddress,
                                hpnicfNATDnsMapGlobalPort
                                        Integer32,
                                hpnicfNATDnsMapProtocolType
                                        INTEGER,
                                hpnicfNATDnsMapLastUseTime
                                        TimeTicks,
                                hpnicfNATDnsMapRowStatus
                                        RowStatus
                         }

                hpnicfNATDnsMapDomainName OBJECT-TYPE
                        SYNTAX DisplayString
                        MAX-ACCESS not-accessible
                        STATUS current
                        DESCRIPTION
                                "Domain name."
                        ::= { hpnicfNATDnsMapEntry 1 }


                hpnicfNATDnsMapGlobalIp OBJECT-TYPE
                        SYNTAX IpAddress
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "Global IP address."
                        ::= { hpnicfNATDnsMapEntry 2 }


                hpnicfNATDnsMapGlobalPort OBJECT-TYPE
                        SYNTAX Integer32 (1..65535)
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                " Global port number."
                        ::= { hpnicfNATDnsMapEntry 3 }


                hpnicfNATDnsMapProtocolType OBJECT-TYPE
                        SYNTAX INTEGER
                                {
                                any(0),
                                typeTCP(1),
                                typeUDP(2)
                                }
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "TCP   Transmission Control Protocol.
                                UDP   User Datagram Protocol."
                        ::= { hpnicfNATDnsMapEntry 4 }


                hpnicfNATDnsMapLastUseTime OBJECT-TYPE
                        SYNTAX TimeTicks
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "Its value is the time that the device uses
                                from startup to last use 'Dns Map'record.
                                If the value is 0,the device never use this
                                record."
                        ::= { hpnicfNATDnsMapEntry 5 }


                hpnicfNATDnsMapRowStatus OBJECT-TYPE
                        SYNTAX RowStatus
                        MAX-ACCESS read-create
                        STATUS current
                        DESCRIPTION
                                "Only support 'destroy' and 'createAndGo'.
                                If hpnicfNATDnsMapDomainName, hpnicfNATDnsMapGlobalIp
                                and hpnicfNATDnsMapGlobalPortor hpnicfNATDnsMapDomainName,
                                hpnicfNATDnsMapGlobalIp, hpnicfNATDnsMapGlobalPort and
                                hpnicfNATDnsMapProtocolType were provided correctly,
                                its value is changed 'active'."
                        ::= { hpnicfNATDnsMapEntry 6 }



        END
