-- *****************************************************************
-- MY-ACL-MIB.mib:  My Acl MIB file
--
-- $Copyright$
-- 
-- *****************************************************************
--

MY-ACL-MIB DEFINITIONS ::= BEGIN

IMPORTS
        MODULE-IDENTITY,
        OBJECT-TYPE,
        NOTIFICATION-TYPE,
        Integer32,
        Counter32
                FROM SNMPv2-SMI
        TruthValue,
        DisplayString,
        RowStatus,
        MacAddress
                FROM SNMPv2-TC
        MODULE-COMPLIANCE,
        OBJECT-GROUP
                FROM SNMPv2-CONF
        IfIndex,
        ConfigStatus
                FROM MY-TC        
        myMgmt
                FROM MY-SMI;

myAclMIB MODULE-IDENTITY
        LAST-UPDATED "200203200000Z"
        ORGANIZATION "$Company$"
        CONTACT-INFO
                " 
                Tel: $Telephone$ 

                E-mail: $E-mail$"
        DESCRIPTION
                "This module defines my acl mibs."
        REVISION      "200203200000Z"
        DESCRIPTION
                "Initial version of this MIB module."
        ::= { myMgmt 17}

--ACLNO ::= TEXTUAL-CONVENTION
--    STATUS current
--    DESCRIPTION
--        " Serial number of Access control list entry, Access control list entry of 
--          bigger ACL number will have  higher implement priority. One ACL number 
--          corresponding to only one entry."
--    SYNTAX      INTEGER

-- Access control list
myAclMIBObjects OBJECT IDENTIFIER ::= { myAclMIB 1 }


myAclTable OBJECT-TYPE
        SYNTAX SEQUENCE OF MyAclEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
               "A table of acl request entries."
        ::= { myAclMIBObjects 1 }
    
myAclEntry OBJECT-TYPE
        SYNTAX MyAclEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
                "Entry contains acl name and mode."  
        INDEX { myAclName }
        ::= { myAclTable 1 }
        
MyAclEntry ::= 
        SEQUENCE {
                myAclName DisplayString,
                myAclMode INTEGER,
                myAclEntryStatus ConfigStatus
        } 
           
myAclName OBJECT-TYPE
        SYNTAX DisplayString(SIZE (1..32))
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Access list name of this entry.This value is unique for every entry
            When this string be used as an index,Value of a sub-identifier equal 
            ASCII value of corresponding character(first sub-identifier corresponds
            first character of string). The number of sub-identifiers of this string
            must be 32,If length of string is less than 32 the sub-identifier(0x0) 
            will be filled in tail."
        ::= { myAclEntry  1 }
                
myAclMode OBJECT-TYPE
        SYNTAX INTEGER{
               acl-ip-standard(1),   
               acl-ip-extended(2),   
               acl-mac-extended(3),  
               acl-expert(4)        
            }
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
               " Config mode of this ACL"
        ::= { myAclEntry 2 }    

myAclEntryStatus OBJECT-TYPE
        SYNTAX ConfigStatus
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
            "Status of this entry, set its value to invalid will delete this entry.
            set its value to valid has no effect."
        ::= { myAclEntry 3 }

myAceTable OBJECT-TYPE
        SYNTAX SEQUENCE OF MyAceEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
               "A table of ACE request entries."
        ::= { myAclMIBObjects 2 }
    
myAceEntry OBJECT-TYPE
        SYNTAX MyAceEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
                "Entry contains ace parameters and results.
                
                A management station wishing to create an entry should
                first generate a pseudo-random serial number to be used
                as the index to a ace entry of a acl.  The station should
                then create the associated entry.
                
                We must set all specifies valid values for the 
                non-defaulted configuration objects, certainly, it should
                also modify  the default values for the other configuration 
                objects if the defaults are not appropriate.
                                       
                Once the appropriate instance of all the configuration
                objects have been created or set,the row status should be set
                to active to initiate the request."  
        INDEX { myAceAclName,myAceIndex }
        ::= { myAceTable 1 }
        
MyAceEntry ::= 
        SEQUENCE {
                myAceAclName DisplayString,
                myAceIndex Integer32,
                myAceIfAnyVID TruthValue,
                myAceVID Unsigned32,
                myAceIfAnySourceIp TruthValue,
                myAceSourceIp IpAddress,
                myAceIfAnySourceWildCard TruthValue,
                myAceSourceWildCard IpAddress,
                myAceIfAnySourceMacAddr TruthValue,
                myAceSourceMacAddr MacAddress,
                myAceIfAnyDestIp TruthValue,
                myAceDestIp IpAddress,
                myAceIfAnyDestWildCard TruthValue,
                myAceDestIpWildCard IpAddress,
                myAceIfAnyDestMacAddr TruthValue,
                myAceDestMacAddr MacAddress,
                myAceIfAnyEtherLikeType TruthValue,
                myAceEtherLikeType Integer32,
                myAceIfAnyIpProtocolField TruthValue,
                myAceIpProtocolField Integer32,
                myAceIfAnySourceProtocolPort TruthValue,
                myAceSourceProtocolPort Integer32,
                myAceIfAnyDestProtocolPort TruthValue,
                myAceDestProtocolPort Integer32,
                myAceIfAnyProtocolType TruthValue,
                myAceProtocolType Integer32,
                myAceFlowAction INTEGER,
                myAceEntryStauts RowStatus,
                myAceTimeRangeName DisplayString
        }

myAceAclName OBJECT-TYPE
        SYNTAX DisplayString(SIZE (1..32))
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Access list name of this ace belong to.
            When this string be used as an index,Value of a sub-identifier equal 
            ASCII value of corresponding character(first sub-identifier corresponds
            first character of string). The number of sub-identifiers of this string
            must be 32,If length of string is less than 32 the sub-identifier(0x0) 
            will be filled in tail."
        ::= { myAceEntry  1 }

myAceIndex OBJECT-TYPE
        SYNTAX Integer32(1..2147483647)
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
               "Object which specifies a unique entry in the
                myAclTable.  A management station wishing
                to initiate a acl operation should use a
                pseudo-random value for this object when creating
                or modifying an instance of a myAclEntry.
                The RowStatus semantics of the myAclEntryStatus
                object will prevent access conflicts."
        ::= { myAceEntry 2 }
   
myAceIfAnyVID OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "VID of class will not be checked if this value is true."
        DEFVAL{ true }
        ::= { myAceEntry 3 }
   
myAceVID OBJECT-TYPE
        SYNTAX Unsigned32(0..4094)
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "VID of Ace flow definition."
        ::= { myAceEntry 4 }
    
myAceIfAnySourceIp OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Source Ip of class will not be checked if this value is true."
        DEFVAL{ true }
        ::= { myAceEntry 5 }
            
myAceSourceIp OBJECT-TYPE
        SYNTAX IpAddress
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Sourece ip address of Ace flow definition."
        ::= { myAceEntry 6 }

myAceIfAnySourceWildCard OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Source Ip wild card of class will not be checked if this value is true."
        DEFVAL{ true }
        ::= { myAceEntry 7 }
                
myAceSourceWildCard OBJECT-TYPE
        SYNTAX IpAddress
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Sourece ip wild card(in reverse ip address mask)of Ace flow definition."
        ::= { myAceEntry 8 }        

myAceIfAnySourceMacAddr OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Source mac address of class will not be checked if this value is true."
        DEFVAL{ true }
        ::= { myAceEntry 9 }
                
myAceSourceMacAddr OBJECT-TYPE
        SYNTAX MacAddress
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Sourece Mac address of Ace flow definition."
        ::= { myAceEntry 10 }                
 
myAceIfAnyDestIp OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Destination Ip wild card of class will not be checked if this value is true."
        DEFVAL{ true }
        ::= { myAceEntry 11 }
         
myAceDestIp OBJECT-TYPE
        SYNTAX IpAddress
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Destination ip address of Ace flow definition."
        ::= { myAceEntry 12 }

myAceIfAnyDestWildCard OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Source Ip wild card of class will not be checked if this value is true."
        DEFVAL{ true }
        ::= { myAceEntry 13 }
                
myAceDestIpWildCard OBJECT-TYPE
        SYNTAX IpAddress
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Destination ip wild card(in reverse ip address mask) of Ace flow definition."
        ::= { myAceEntry 14 }        

myAceIfAnyDestMacAddr OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Source Ip wild card of class will not be checked if this value is true."
        DEFVAL{ true }
        ::= { myAceEntry 15 }
                
myAceDestMacAddr OBJECT-TYPE
        SYNTAX MacAddress
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Destination Mac address of Ace flow definition."
        ::= { myAceEntry 16 }

myAceIfAnyEtherLikeType OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Ether Like Type in MAC packet will not be checked if this value is true."
        DEFVAL{ true }
        ::= { myAceEntry 17 }
            
myAceEtherLikeType OBJECT-TYPE
        SYNTAX Integer32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Ether Like Type in MAC packet of Ace flow definition. "
        ::= { myAceEntry 18 }

myAceIfAnyIpProtocolField OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Source Ip wild card of class will not be checked if this value is true."
        DEFVAL{ true }
        ::= { myAceEntry 19 }
            
myAceIpProtocolField OBJECT-TYPE
        SYNTAX Integer32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "The value of protocol field in IP packet of Ace flow definition."
        ::= { myAceEntry 20 }
      
myAceIfAnySourceProtocolPort OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "The value of source protocol port in IP packet will not be checked if 
             this value is true."
        DEFVAL{ true }
        ::= { myAceEntry 21 }
        
myAceSourceProtocolPort OBJECT-TYPE
        SYNTAX Integer32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "The value of source protocol port in IP packet of Ace flow definition. It is 
             significative only to those protocol which support this field."
        ::= { myAceEntry 22 }

myAceIfAnyDestProtocolPort OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "he value of destination protocol port in IP packet will not be checked if 
            this value is true."
        DEFVAL{ true }
        ::= { myAceEntry 23 }
        
myAceDestProtocolPort OBJECT-TYPE
        SYNTAX Integer32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "The value of destination protocol port in IP packet of Ace flow definition. It is 
             significative only to those protocol which support this field(tcp,udp)."
        ::= { myAceEntry 24 }        

myAceIfAnyProtocolType OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "The value of protocol type field in IP packet will not be checked if this 
            value is true."
        DEFVAL{ true }
        ::= { myAceEntry 25 }
            
myAceProtocolType OBJECT-TYPE
        SYNTAX Integer32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "The value of protocol type field in IP packet of Ace flow definition. It is 
             significative only to those protocol which support this field(icmp,igmp)."
        ::= { myAceEntry 26 }            
                
myAceFlowAction OBJECT-TYPE
        SYNTAX INTEGER{
               permit(1),
               delay(2) 
        }
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Permit indicate that the kind of  flow which entry define will be allow to access ,
             delay indicate that the kind of flow which entry define will be refuse to access"
        ::= { myAceEntry 27 }
    
myAceEntryStauts OBJECT-TYPE
        SYNTAX RowStatus
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
            "entry status for this list."
        ::= { myAceEntry 28 }

myAceTimeRangeName OBJECT-TYPE
    SYNTAX      DisplayString(SIZE (0..32))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Name of time-range of this ACE match. It indicate that 
         this ACE doesn't match any time-range if this string is null"
    ::= { myAceEntry 29 }
        

myAclIfTable OBJECT-TYPE
        SYNTAX SEQUENCE OF MyAclIfEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "list of ACL interface objects."
        ::= { myAclMIBObjects 3 }
    
myAclIfEntry OBJECT-TYPE
        SYNTAX MyAclIfEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Entry ACL interface information."
        INDEX { myAclIfIndex }
        ::= { myAclIfTable 1 }

MyAclIfEntry ::=
        SEQUENCE {
            myAclIfIndex IfIndex,
            myAclIfMaxEntryNum Integer32,
            myAclIfCurruntEntryNum Integer32,
            myIfInAclName  DisplayString,
            myIfOutAclName DisplayString
        }

myAclIfIndex OBJECT-TYPE
        SYNTAX IfIndex
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            " "
        ::= { myAclIfEntry 1 }

myAclIfMaxEntryNum OBJECT-TYPE
        SYNTAX Integer32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
               "Max num of ACL entry(ACE) in a interface."
        ::= { myAclIfEntry 2 }

myAclIfCurruntEntryNum OBJECT-TYPE
        SYNTAX Integer32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
               "Currunt valid num of ACL entry(ACE) in a interface."
        ::= { myAclIfEntry 3 }
        
myIfInAclName OBJECT-TYPE
        SYNTAX DisplayString(SIZE (0..32))
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Access list name of ACL of this interface match for input. 
            It indicate that this interface doesn't match any ACL for input 
            if this string is null"
        ::= { myAclIfEntry  4 }        
        
myIfOutAclName OBJECT-TYPE
        SYNTAX DisplayString(SIZE (0..32))
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Access list name of ACL of this interface match for output. 
            It indicate that this interface doesn't match any ACL for output 
            if this string is null
            
            This relation function apply only L3 interface."
        ::= { myAclIfEntry  5 }

-- conformance information

myAclMIBConformance OBJECT IDENTIFIER ::= { myAclMIB 2 }
myAclMIBCompliances OBJECT IDENTIFIER ::= { myAclMIBConformance 1 }
myAclMIBGroups      OBJECT IDENTIFIER ::= { myAclMIBConformance 2 }


-- compliance statements

myAclMIBCompliance MODULE-COMPLIANCE
        STATUS  current
        DESCRIPTION
                "The compliance statement for entities which implement
                the My Acl MIB"
        MODULE  -- this module
                MANDATORY-GROUPS { myAclMIBGroup }
        ::= { myAclMIBCompliances 1 }
        
        
-- units of conformance

myAclMIBGroup OBJECT-GROUP
        OBJECTS {
                myAclName,
                myAclMode,
                myAclEntryStatus,
        
                myAceAclName,
                myAceIndex,
                myAceIfAnyVID,
                myAceVID,
                myAceIfAnySourceIp,
                myAceSourceIp,
                myAceIfAnySourceWildCard,
                myAceSourceWildCard,
                myAceIfAnySourceMacAddr,
                myAceSourceMacAddr,
                myAceIfAnyDestIp,
                myAceDestIp,
                myAceIfAnyDestWildCard,
                myAceDestIpWildCard,
                myAceIfAnyDestMacAddr,
                myAceDestMacAddr,
                myAceIfAnyEtherLikeType,
                myAceEtherLikeType,
                myAceIfAnyIpProtocolField,
                myAceIpProtocolField,
                myAceIfAnySourceProtocolPort,
                myAceSourceProtocolPort,
                myAceIfAnyDestProtocolPort,
                myAceDestProtocolPort,
                myAceProtocolType,
                myAceProtocolType,
                myAceFlowAction,
                myAceEntryStauts,
                myAceTimeRangeName,
                
                myAclIfIndex,
                myAclIfMaxEntryNum,
                myAclIfCurruntEntryNum,
                myIfInAclName,
                myIfOutAclName
        }
        STATUS  current
        DESCRIPTION
                "A collection of objects providing acl (echo) ability to a
                My agent."
        ::= { myAclMIBGroups 1 }        
        
END
