-- Copyright 1999 MITEL Corporation
-- All rights reserved.
-- This MITEL SNMP Management Information Base Specification
-- (Specification) embodies MITEL's confidential and
-- proprietary intellectual property. MITEL retains all
-- title and ownership in the Specification, including any
-- revisions.

-- This Specification is supplied "AS IS", and MITEL makes
-- no warranty, either express or implied, as to the use,
-- operation, condition, or performance of the Specification.


MITEL-IPFILTER-MIB
	DEFINITIONS ::= BEGIN

IMPORTS
	MODULE-IDENTITY, OBJECT-TYPE, enterprises,
    Integer32, IpAddress, NOTIFICATION-TYPE
        FROM SNMPv2-SMI
    NOTIFICATION-GROUP
    	FROM SNMPv2-CONF
    ifIndex
    	FROM RFC1213-MIB
    RowStatus
        FROM SNMPv2-TC;

mitelIpGrpFilterGroup      MODULE-IDENTITY
       LAST-UPDATED      "200303240925Z"
       ORGANIZATION      "MITEL Corporation"
       CONTACT-INFO      "Standards Group,
                          Postal:    MITEL Corporation
                          350 Legget Drive, PO Box 13089
                          Kanata, Ontario
                          Canada  K2K 1X3
                          Tel: +1 613 592 2122
                          Fax: +1 613 592 4784
                          E-mail: std@mitel.com"
       DESCRIPTION       "The MITEL IP MIB module."
       REVISION          "200303240925Z"
           DESCRIPTION   "Convert to SMIv2"
       REVISION          "199903010000Z"
           DESCRIPTION   "IP MIB Version 1.0"
::={ mitelRouterIpGroup 1 }

mitel			   OBJECT IDENTIFIER ::= { enterprises 1027}
mitelProprietary 	   OBJECT IDENTIFIER ::= { mitel 4}
mitelPropIpNetworking      OBJECT IDENTIFIER ::= { mitelProprietary 8 }
mitelIpNetRouter           OBJECT IDENTIFIER ::= { mitelPropIpNetworking 1 }
mitelRouterIpGroup 	   OBJECT IDENTIFIER ::= { mitelIpNetRouter 1}

-- NOTIFICATIONS
mitelIdentification 	  OBJECT IDENTIFIER ::= { mitel 1}
mitelIdCallServers 	  OBJECT IDENTIFIER ::= { mitelIdentification 2}
mitelIdCsIpera1000 	  OBJECT IDENTIFIER ::= { mitelIdCallServers 4}

-- ************************************
-- The mitelIPGroup subtree...
-- ************************************

mitelFltGrpAccessRestrictEnable       OBJECT-TYPE
    SYNTAX        INTEGER {
			enabled(1),
			disabled(2)
			}
    MAX-ACCESS        read-write
    STATUS           current
    DESCRIPTION       "This object indicates if the IP Access
		Restriction table is being used to filter
		or forward packets."
    ::= { mitelIpGrpFilterGroup 1 }

--
-- The IP Group Logical Port configuration Table
--

mitelFltGrpLogicalTable OBJECT-TYPE
	SYNTAX SEQUENCE OF MitelIpGrpLogicalEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"A table containing information about logical IP LAN
		destinations."
	::= { mitelIpGrpFilterGroup 2 }

mitelFltGrpLogicalEntry OBJECT-TYPE
	SYNTAX MitelIpGrpLogicalEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"Each entry of this table contains information about
		a specific logical interface toa local area network.
		Each logical LAN can support routing or bridging
		functions, these are considered virtual interfaces."
	INDEX {ifIndex}
	::= { mitelFltGrpLogicalTable 1 }

MitelIpGrpLogicalEntry ::=
	    SEQUENCE {
		mitelLogTableAccessDef
		  INTEGER,
		mitelLogTableAllowSrcRouting
		  INTEGER
		}

mitelLogTableAccessDef OBJECT-TYPE
	SYNTAX INTEGER {
			filter(1),
			forward(2)
			}
	MAX-ACCESS read-write
	STATUS current
	DESCRIPTION
		"This object indicates what default access rights
		will apply to IP packets that do not match any of the
		access restrictions."
	::= { mitelFltGrpLogicalEntry 1 }

mitelLogTableAllowSrcRouting OBJECT-TYPE
	SYNTAX INTEGER {
			enabled(1),
			disabled(2)
			}
	MAX-ACCESS read-write
	STATUS current
	DESCRIPTION
		"This indicates whether IP datagrams received on this
		interface and containing a source route option are to
		be discarded or accepted."
	DEFVAL { 2 }
	::= { mitelFltGrpLogicalEntry 2 }

--
--  The IP Access Restriction Table
--

mitelFltGrpAccessRestrictTable OBJECT-TYPE
	SYNTAX SEQUENCE OF MitelFltGrpAccessRestrictEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"The IP Access REstriction configuration table."
	::= { mitelIpGrpFilterGroup 3 }

mitelFltGrpAccessRestrictEntry OBJECT-TYPE
	SYNTAX MitelFltGrpAccessRestrictEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"Contains information about a single IP Access
		filter."
	INDEX { mitelAccResTableIfIndex,  mitelAccResTableOrder }
	::= { mitelFltGrpAccessRestrictTable 1 }

MitelFltGrpAccessRestrictEntry ::=
  	SEQUENCE {
		mitelAccResTableIfIndex
		  Integer32,
		mitelAccResTableOrder
		  Integer32,
		mitelAccResTableType
		  INTEGER,
		mitelAccResTableSrcAddrFrom
		  IpAddress,
		mitelAccResTableSrcAddrTo
		  IpAddress,
		mitelAccResTableSrcAddrOutsideRange
		  INTEGER,
		mitelAccResTableDstAddrFrom
		  IpAddress,
		mitelAccResTableDstAddrTo
		  IpAddress,
		mitelAccResTableDstAddrOutsideRange
		  INTEGER,
		mitelAccResTableProtocolFrom
		  INTEGER,
		mitelAccResTableProtocolTo
		  INTEGER,
		mitelAccResTableProtocolOutsideRange
		  INTEGER,
		mitelAccResTableSrcPortFrom
		  INTEGER,
		mitelAccResTableSrcPortTo
		  INTEGER,
		mitelAccResTableSrcPortOutsideRange
		  INTEGER,
		mitelAccResTableDstPortFrom
		  INTEGER,
		mitelAccResTableDstPortTo
		  INTEGER,
		mitelAccResTableDstPortOutsideRange
		  INTEGER,
		mitelAccResTableTcpSyn
		  INTEGER,
		mitelAccResTableTcpAck
		  INTEGER,
		mitelAccResTableTcpFin
		  INTEGER,
		mitelAccResTableTcpRst
		  INTEGER,
		mitelAccResTableMatchIn
		  INTEGER,
		mitelAccResTableMatchOut
		  INTEGER,
		mitelAccResTableLog
		  INTEGER,
		mitelAccResTableTrap
		  INTEGER,
		mitelAccResTableStatus
		  RowStatus,
		mitelAccResTableCount
		  Integer32
		}

mitelAccResTableIfIndex OBJECT-TYPE
	SYNTAX Integer32
	MAX-ACCESS read-only
	STATUS current
	DESCRIPTION
		"Identifies the destination interface to which this
		filter apply."
	::= { mitelFltGrpAccessRestrictEntry 1 }

mitelAccResTableOrder OBJECT-TYPE
	SYNTAX Integer32
	MAX-ACCESS read-only
	STATUS current
	DESCRIPTION
		"Specifies the order that the filters on a destination
		are searched."
	::= { mitelFltGrpAccessRestrictEntry 2 }

mitelAccResTableType OBJECT-TYPE
	SYNTAX INTEGER {
		filter(1),
		forward(2),
		neither(3)
		}
	MAX-ACCESS read-write
	STATUS current
	DESCRIPTION
		"This object indicates what action should be taken
		when a match on this entry has occurred."
	::= { mitelFltGrpAccessRestrictEntry 3 }

mitelAccResTableSrcAddrFrom OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
                "Defines the lower bound of the source IP address range.
	    When determining address ranges, these four values are
	    sequential: 255.255.255.254, 255.255.255.255, 0.0.0.0, and
	    0.0.0.1."
        ::= { mitelFltGrpAccessRestrictEntry 4 }


mitelAccResTableSrcAddrTo OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
                "Defines the upper bound of the source IP address range.
	    When determining address ranges, these four values are
	    sequential: 255.255.255.254, 255.255.255.255, 0.0.0.0, and
	    0.0.0.1."
        ::= { mitelFltGrpAccessRestrictEntry 5 }

mitelAccResTableSrcAddrOutsideRange OBJECT-TYPE
    SYNTAX INTEGER {
   		   enabled(1),
		   disabled(2)
		   }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
   	    "This indicates whether action is taken on values outside of
	    the source IP address range or within that range."
    DEFVAL { 2 }
    ::= {  mitelFltGrpAccessRestrictEntry 6 }

mitelAccResTableDstAddrFrom OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
                "Defines the lower bound of the destination IP address range.
	    When determining address ranges, these four values are
	    sequential: 255.255.255.254, 255.255.255.255, 0.0.0.0, and
	    0.0.0.1."
        ::= { mitelFltGrpAccessRestrictEntry 7 }


mitelAccResTableDstAddrTo OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
                "Defines the upper bound of the destination IP address range.
	    When determining address ranges, these four values are
	    sequential: 255.255.255.254, 255.255.255.255, 0.0.0.0, and
	    0.0.0.1."
        ::= { mitelFltGrpAccessRestrictEntry 8 }


mitelAccResTableDstAddrOutsideRange OBJECT-TYPE
    SYNTAX INTEGER {
   		   enabled(1),
		   disabled(2)
		   }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
   	    "This indicates whether action is taken on values outside of
	    the destination IP address range or within that range."
    DEFVAL { 2 }
    ::= {  mitelFltGrpAccessRestrictEntry 9 }

mitelAccResTableProtocolFrom OBJECT-TYPE
    SYNTAX  INTEGER (0..255)
    MAX-ACCESS  read-write
    STATUS  current
    DESCRIPTION
            "Defines the lower bound of the protocol ID range. When
    determining protocol ID ranges, these four values are
    sequential: 254, 255, 0, and 1."
    ::= { mitelFltGrpAccessRestrictEntry 10 }

mitelAccResTableProtocolTo OBJECT-TYPE
    SYNTAX  INTEGER (0..255)
    MAX-ACCESS  read-write
    STATUS  current
    DESCRIPTION
            "Defines the upper bound of the protocol ID range. When
    determining protocol ID ranges, these four values are
    sequential: 254, 255, 0, and 1."
    ::= { mitelFltGrpAccessRestrictEntry 11 }

mitelAccResTableProtocolOutsideRange OBJECT-TYPE
    SYNTAX INTEGER {
   		   enabled(1),
		   disabled(2)
		   }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
   	    "This indicates whether action is taken on values outside of
	    the protocol ID range or within that range."
    DEFVAL { 2 }
    ::= {  mitelFltGrpAccessRestrictEntry 12 }

mitelAccResTableSrcPortFrom OBJECT-TYPE
    SYNTAX  INTEGER (0..65535)
    MAX-ACCESS  read-write
    STATUS  current
    DESCRIPTION
            "Defines the lower bound of the source port number range. When
    determining port number ranges, these four values are
    sequential: 65534, 65535, 0, and 1."
    ::= { mitelFltGrpAccessRestrictEntry 13 }

mitelAccResTableSrcPortTo OBJECT-TYPE
    SYNTAX  INTEGER (0..65535)
    MAX-ACCESS  read-write
    STATUS  current
    DESCRIPTION
            "Defines the upper bound of the source port number range. When
    determining port number ranges, these four values are
    sequential: 65534, 65535, 0, and 1."
    ::= { mitelFltGrpAccessRestrictEntry 14 }

mitelAccResTableSrcPortOutsideRange OBJECT-TYPE
    SYNTAX INTEGER {
   		   enabled(1),
		   disabled(2)
		   }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
   	    "This indicates whether action is taken on values outside of
	    the source port number range or within that range."
    DEFVAL { 2 }
    ::= {  mitelFltGrpAccessRestrictEntry 15 }

mitelAccResTableDstPortFrom OBJECT-TYPE
    SYNTAX  INTEGER (0..65535)
    MAX-ACCESS  read-write
    STATUS  current
    DESCRIPTION
            "Defines the lower bound of the destination port number range.
    When determining port number ranges, these four values are
    sequential: 65534, 65535, 0, and 1."
    ::= { mitelFltGrpAccessRestrictEntry 16 }

mitelAccResTableDstPortTo OBJECT-TYPE
    SYNTAX  INTEGER (0..65535)
    MAX-ACCESS  read-write
    STATUS  current
    DESCRIPTION
            "Defines the upper bound of the destination port number range.
    When determining port number ranges, these four values are
    sequential: 65534, 65535, 0, and 1."
    ::= { mitelFltGrpAccessRestrictEntry 17 }

mitelAccResTableDstPortOutsideRange OBJECT-TYPE
    SYNTAX INTEGER {
   		   enabled(1),
		   disabled(2)
		   }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
   	    "This indicates whether action is taken on values outside of
	    the destination port number range or within that range."
    DEFVAL { 2 }
    ::= {  mitelFltGrpAccessRestrictEntry 18 }

mitelAccResTableTcpSyn OBJECT-TYPE
    SYNTAX  INTEGER {
               any(1),
               zero(2),
       one(3)
            }
    MAX-ACCESS  read-write
    STATUS  current
    DESCRIPTION
            "TCP header, synchronize sequence numbers flag."
    ::= { mitelFltGrpAccessRestrictEntry 19 }


mitelAccResTableTcpAck OBJECT-TYPE
    SYNTAX  INTEGER {
               any(1),
               zero(2),
       one(3)
            }
    MAX-ACCESS  read-write
    STATUS  current
    DESCRIPTION
            "TCP header, acknowledgment flag."
    ::= { mitelFltGrpAccessRestrictEntry 20 }


mitelAccResTableTcpFin OBJECT-TYPE
    SYNTAX  INTEGER {
               any(1),
               zero(2),
       one(3)
            }
    MAX-ACCESS  read-write
    STATUS  current
    DESCRIPTION
            "TCP header, finish flag."
    ::= { mitelFltGrpAccessRestrictEntry 21 }


mitelAccResTableTcpRst OBJECT-TYPE
    SYNTAX  INTEGER {
               any(1),
               zero(2),
       one(3)
            }
    MAX-ACCESS  read-write
    STATUS  current
    DESCRIPTION
            "TCP header, reset flag."
    ::= { mitelFltGrpAccessRestrictEntry 22 }


mitelAccResTableMatchIn OBJECT-TYPE
    SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
            }
    MAX-ACCESS  read-write
    STATUS  current
    DESCRIPTION
            "Indicates whether the filter applies to datagrams received
    on the interface. Normally, either mitelAccResTableMatchIn or
    mitelAccResTableMatchOut should be enabled."
    ::= { mitelFltGrpAccessRestrictEntry 23 }


mitelAccResTableMatchOut OBJECT-TYPE
    SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
            }
    MAX-ACCESS  read-write
    STATUS  current
    DESCRIPTION
            "Indicates whether the filter applies to datagrams
    transmitted on the interface. Normally, either
    mitelAccResTableMatchIn or mitelAccResTableMatchOut should be enabled."
    ::= { mitelFltGrpAccessRestrictEntry 24 }


mitelAccResTableLog OBJECT-TYPE
    SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
            }
    MAX-ACCESS  read-write
    STATUS  current
    DESCRIPTION
            "Controls whether a log message is to be produced each time
    a datagram matches the filter."
    ::= { mitelFltGrpAccessRestrictEntry 25 }


mitelAccResTableTrap OBJECT-TYPE
    SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
            }
    MAX-ACCESS  read-write
    STATUS  current
    DESCRIPTION
            "Controls the generation of SNMP trap."
    ::= { mitelFltGrpAccessRestrictEntry 26 }

mitelAccResTableStatus OBJECT-TYPE
    SYNTAX  RowStatus
    MAX-ACCESS  read-create
    STATUS  current
    DESCRIPTION
            "The current status of this entry."
    REFERENCE
            "Textual Conventions for Version 2 of the
            Simple Network Management Protocol (RFC 1443)."
    ::= { mitelFltGrpAccessRestrictEntry 27 }


mitelAccResTableCount OBJECT-TYPE
    SYNTAX  Integer32
    MAX-ACCESS  read-only
    STATUS  current
    DESCRIPTION
            "Records the number of datagrams that matched this
    instance."
    ::= { mitelFltGrpAccessRestrictEntry 28 }

--
--  Notification Definitions
--
mitelIpera1000Notifications NOTIFICATION-GROUP
    NOTIFICATIONS	{ mitelAccResTableTrapped }
    STATUS            current
    DESCRIPTION       "Call Server Ipera 1000 Notifications."
    ::= { mitelIdCsIpera1000 0 }

mitelAccResTableTrapped     NOTIFICATION-TYPE
    OBJECTS {
				mitelAccResTableIfIndex,
				mitelAccResTableOrder
    }
    STATUS          current
    DESCRIPTION     "The mitelAccResTableTrapped trap indicates that a datagram has
					matched a mitelFltGrpAccessRestrictEntry that has the
					mitelAccResTableTrap enabled."
 ::= { mitelIpera1000Notifications 402 }

END -- MITEL-IPFILTER-MIB
