--  ******************************************************
--  $Id: zxr10SwitchACL.mib 12 2008-08-26  Caosl $
--
--  zxr10SwitchACL.mib: ZXR10 Switch Access List MIB file
--  
--  August. 2008, Cao shuling
--   
--  Copyright(c) 2008 by ZTE Corporaton
--  All rights reservered
--
--  
--  ******************************************************

ZXR10-SWITCH-ACL-MIB-59 DEFINITIONS ::= BEGIN

IMPORTS
   -- MODULE-IDENTITY, 
    OBJECT-TYPE, 
    NOTIFICATION-TYPE,
    experimental, 
    Integer32, 
    Unsigned32, 
    Counter32
        FROM SNMPv2-SMI

    MODULE-COMPLIANCE, 
    OBJECT-GROUP, 
    NOTIFICATION-GROUP
        FROM SNMPv2-CONF
    enterprises                      
        FROM SNMPv2-SMI
    MacAddress,
    TEXTUAL-CONVENTION,
    RowStatus                           
        FROM SNMPv2-TC

    mgmt, 
    NetworkAddress, 
    IpAddress, 
    Counter, 
    Gauge
        FROM RFC1155-SMI;

    zte OBJECT IDENTIFIER ::= { enterprises 3902 }
    zxr10 OBJECT IDENTIFIER ::= { zte 3}

    zxr10switch OBJECT IDENTIFIER ::= { zxr10 102}
    zxr10ACL OBJECT IDENTIFIER ::= { zxr10switch 2}

   
    --The follow part defined some data types which will be used in this acl mib file later
    DisplayString ::= OCTET STRING
    --  This data type is used to model textual information taken
    --  from the NVT ASCII character set.  By convention, objects
    --  with this syntax are declared as having
    --  SIZE (0..255)
    
         
    zxr10StandardACLTable  OBJECT-TYPE
        SYNTAX  SEQUENCE OF Zxr10StandardACLEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "Standard ACL"
        ::= { zxr10ACL 1 }

    zxr10StandardACLEntry  OBJECT-TYPE
        SYNTAX  Zxr10StandardACLEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "Standard ACL"
        INDEX  { zxr10StandardACLNo,
                 zxr10StandardACLRuleID }
        ::= { zxr10StandardACLTable 1 }
        
    Zxr10StandardACLEntry ::=
        SEQUENCE {
            zxr10StandardACLNo 
                Integer32, 
            zxr10StandardACLName
                DisplayString,  
            zxr10StandardACLAlias
                DisplayString,           
            zxr10StandardACLMatchorder
                INTEGER,   
            zxr10StandardACLRuleID
                Integer32,    
            zxr10StandardACLPermitDeny
                INTEGER,
            zxr10StandardACLSrcAddr
                IpAddress,
            zxr10StandardACLSrcAddrSrcWildcard
                IpAddress,             
            zxr10StandardACLSrcAny
                INTEGER,
            zxr10StandardACLFlag
                INTEGER,
            zxr10StandardACLTimeRangeName
                DisplayString, 
            zxr10StandardACLRuleDescription
                DisplayString      
    }
    
    zxr10StandardACLNo  OBJECT-TYPE
        SYNTAX   Integer32
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Standard ACL number
             <1-99>  Configure standard ACL number
             <1000-1499>  Configure standard ACL number (expanded range)"
        ::= { zxr10StandardACLEntry 1 } 
        
    zxr10StandardACLName  OBJECT-TYPE
        SYNTAX   DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Standard ACL name (1-31 characters)"
        ::= { zxr10StandardACLEntry 2 } 
        
         
    zxr10StandardACLAlias  OBJECT-TYPE
        SYNTAX   DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Standard ACL alias (1-31 characters)"
        ::= { zxr10StandardACLEntry 3 }  
        
    zxr10StandardACLMatchorder   OBJECT-TYPE  
        SYNTAX   INTEGER{config(0),auto(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Select match order
             auto    Sort rules automatically
             config  Sort rules by configuration order"
        ::= { zxr10StandardACLEntry 4 }   
        
    zxr10StandardACLRuleID  OBJECT-TYPE
        SYNTAX   Integer32(1..100)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "rule
            <1-100>  ACL rule ID"
        ::= { zxr10StandardACLEntry 6 }  
        
    zxr10StandardACLPermitDeny  OBJECT-TYPE
        SYNTAX   INTEGER{permit(0),deny(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "deny    Specify packets to reject
             permit  Specify packets to forward"
        ::= { zxr10StandardACLEntry 7 }  
        
    zxr10StandardACLSrcAddr  OBJECT-TYPE
        SYNTAX   IpAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "A.B.C.D  Source address"
        ::= { zxr10StandardACLEntry 8 }  
        
    zxr10StandardACLSrcAddrSrcWildcard  OBJECT-TYPE
        SYNTAX   IpAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "A.B.C.D  Wildcard bits"
        ::= { zxr10StandardACLEntry 9 }
        
    zxr10StandardACLSrcAny  OBJECT-TYPE
        SYNTAX   INTEGER{invalid(0),valid(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Any source"
        ::= { zxr10StandardACLEntry 10 }  
                 
         
    zxr10StandardACLFlag  OBJECT-TYPE
        SYNTAX   INTEGER{invalid(1),valid(0)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Time range enable or disable flag"
        ::= { zxr10StandardACLEntry 11 }  
        
    zxr10StandardACLTimeRangeName  OBJECT-TYPE
        SYNTAX   DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Configure time range name (1-31 characters)"
        ::= { zxr10StandardACLEntry 12 }   
        
   zxr10StandardACLRuleDescription   OBJECT-TYPE
        SYNTAX    DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "ACL rule description (1-16 characters)"
        ::= { zxr10StandardACLEntry 13 } 
         

--- extened ACL 

    zxr10ExtendedACLTable  OBJECT-TYPE
        SYNTAX  SEQUENCE OF Zxr10ExtendedACLEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "Extended ACL"
        ::= { zxr10ACL 2 }

    zxr10ExtendedACLEntry  OBJECT-TYPE
        SYNTAX  Zxr10ExtendedACLEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "Extended ACL"
        INDEX  { zxr10ExtendedACLNo,
                 zxr10ExtendedACLRuleID }
        ::= { zxr10ExtendedACLTable 1 }
        
    Zxr10ExtendedACLEntry ::=
        SEQUENCE {
            zxr10ExtendedACLNo 
                Integer32,            
            zxr10ExtendedACLName
                DisplayString,            
            zxr10ExtendedACLAlias
                DisplayString,
            zxr10ExtendedACLMatchorder
                INTEGER,      
            zxr10ExtendedACLRuleID
                Integer32,
            zxr10ExtendedACLPermitDeny
                INTEGER,
            zxr10ExtendedACLSrcAddr
                IpAddress,
            zxr10ExtendedACLSrcWildcard
                IpAddress,         
            zxr10ExtendedACLSrcAny
                INTEGER,
            zxr10ExtendedACLDestAddr
                IpAddress,
            zxr10ExtendedACLDestWildcard
                IpAddress,         
            zxr10ExtendedACLDestAny
                INTEGER,
            zxr10ExtendedACLProtocol
                Integer32,
            zxr10ExtendedACLSrcOpr 
                INTEGER,
            zxr10ExtendedACLSrcPort
                Integer32,
            zxr10ExtendedACLSrcPort2
                Integer32,
            zxr10ExtendedACLDestOpr
                INTEGER,
            zxr10ExtendedACLDestPort
                Integer32,
            zxr10ExtendedACLDestPort2
                Integer32,
            zxr10ExtendedACLTCPEstablish
                INTEGER, 
            zxr10ExtendedACLICMPType
                 Integer32,  
            zxr10ExtendedACLICMPCode
                 Integer32,                
            zxr10ExtendedACLPrecedence
                 Integer32,                
            zxr10ExtendedACLTOS
                 Integer32,                
            zxr10ExtendedACLDSCP
                 Integer32,                              
            zxr10ExtendedACLFlag
                 INTEGER,
            zxr10ExtendedACLTimeRangeName                                
                 DisplayString,  
            zxr10ExtendedACLRuleDescription
                DisplayString                    
    }
    
    zxr10ExtendedACLNo  OBJECT-TYPE
        SYNTAX   Integer32
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Extended ACL number
            <100-199>    Configure extended ACL number
            <1500-1999>  Configure extended ACL number (expanded range)"
        ::= { zxr10ExtendedACLEntry 1 }  
        
    zxr10ExtendedACLName  OBJECT-TYPE
        SYNTAX   DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Extended ACL name
             WORD  Configure extended ACL name (1-31 characters)"
        ::= { zxr10ExtendedACLEntry 2 } 
        
         
    zxr10ExtendedACLAlias  OBJECT-TYPE
        SYNTAX   DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Extended ACL alias
             WORD  ACL alias (1-31 characters)"
        ::= { zxr10ExtendedACLEntry 3 } 
        
    zxr10ExtendedACLMatchorder   OBJECT-TYPE  
        SYNTAX   INTEGER{config(0),auto(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Select match order
             auto    Sort rules automatically
             config  Sort rules by configuration order "
        ::= { zxr10ExtendedACLEntry 4 }               

    zxr10ExtendedACLRuleID  OBJECT-TYPE
        SYNTAX   Integer32(1..100)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "rule
            <1-100>  ACL rule ID"
        ::= { zxr10ExtendedACLEntry 6 }    

    zxr10ExtendedACLPermitDeny  OBJECT-TYPE
        SYNTAX   INTEGER{permit(0),deny(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "deny    Specify packets to reject
             permit  Specify packets to forward"
        ::= { zxr10ExtendedACLEntry 7 }    

    zxr10ExtendedACLSrcAddr  OBJECT-TYPE
        SYNTAX   IpAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "A.B.C.D  Source address"
        ::= { zxr10ExtendedACLEntry 8 }    

    zxr10ExtendedACLSrcWildcard  OBJECT-TYPE
        SYNTAX   IpAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "A.B.C.D  Wildcard bits"
        ::= { zxr10ExtendedACLEntry 9 } 
        
    zxr10ExtendedACLSrcAny  OBJECT-TYPE 
        SYNTAX   INTEGER{invalid(0),valid(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Any source"
        ::= { zxr10ExtendedACLEntry 10 } 
        
    zxr10ExtendedACLDestAddr  OBJECT-TYPE
        SYNTAX   IpAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "A.B.C.D  Destination address"
        ::= { zxr10ExtendedACLEntry 11 } 
           
    zxr10ExtendedACLDestWildcard  OBJECT-TYPE
        SYNTAX   IpAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "A.B.C.D  Destination wildcard bits"
        ::= { zxr10ExtendedACLEntry 12 } 
        
    zxr10ExtendedACLDestAny  OBJECT-TYPE 
        SYNTAX   INTEGER{invalid(0),valid(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Any destination host"
        ::= { zxr10ExtendedACLEntry 13 } 
  
         
    zxr10ExtendedACLProtocol  OBJECT-TYPE
        SYNTAX   Integer32(0..255)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "255     Any internet protocol (ip)
            <0-254>  An IP protocol number                                                                                                    
  			47       Generic Routing Encapsulation (gre)                                                                                       
  			1        Internet Control Message Protocol (icmp)                                                                                    
  			2        Internet Group Management Protocol (igmp)                                                                                                                                                                                     
  			89       Open Shortest Path First Protocol (ospf)                                                                                   
  			103      Protocol Independent Multicast (pim)                                                                                     
  			6        Transmission Control Protocol (tcp)                                                                                        
  			17       User Datagram Protocol (udp)                                                                                              
  			112      Virtual Router Redundancy Protocol (vrrp)"
        ::= { zxr10ExtendedACLEntry 14 }
            
    zxr10ExtendedACLSrcOpr  OBJECT-TYPE
        SYNTAX   INTEGER{invalid(0),eq(1),ge(2),le(3),range(7)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "eq(1)       Match only tcp,udp packets on a given port number                                                                                
  			 ge(2)       Match only tcp,udp packets with a no lower port number                                                                           
  			 le(3)       Match only tcp,udp packets with a no greater port number                                                                         
  			 range(7)    Match tcp,udp packets with a given port range"
        ::= { zxr10ExtendedACLEntry 15 }    
        
    zxr10ExtendedACLSrcPort  OBJECT-TYPE
        SYNTAX   Integer32(0..65535)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "<0-65535>    Port number                                                                                                          
             179        Border gateway protocol (bgp)                                                                                          
             53         Domain name service (domain)                                                                                               
             79         Finger                                                                                                            
             21         File transfer protocol (ftp)                                                                                            
             513        Login (rlogin)                                                                                                    
             109        Post office protocol v2 (pop2)                                                                                          
             110        Post office protocol v3 (pop3)                                                                                          
             25         Simple mail transport protocol (smtp)                                                                                    
             23         Telnet                                                                                                           
             80         World wide web (HTTP)"
        ::= { zxr10ExtendedACLEntry 16 }    
        
    zxr10ExtendedACLSrcPort2  OBJECT-TYPE
        SYNTAX   Integer32(0..65535)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "<0-65535>    Port number                                                                                                          
             179        Border gateway protocol (bgp)                                                                                          
             53         Domain name service (domain)                                                                                               
             79         Finger                                                                                                            
             21         File transfer protocol (ftp)                                                                                            
             513        Login (rlogin)                                                                                                    
             109        Post office protocol v2 (pop2)                                                                                          
             110        Post office protocol v3 (pop3)                                                                                          
             25         Simple mail transport protocol (smtp)                                                                                    
             23         Telnet                                                                                                           
             80         World wide web (HTTP)"
  		::= { zxr10ExtendedACLEntry 17 }    
        
    zxr10ExtendedACLDestOpr  OBJECT-TYPE
        SYNTAX   INTEGER{invalid(0),eq(1),ge(2),le(3),range(7)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "eq(1)       Match only tcp,udp packets on a given port number                                                                                
  			 ge(2)       Match only tcp,udp packets with a no lower port number                                                                           
  			 le(3)       Match only tcp,udp packets with a no greater port number                                                                         
  			 range(7)    Match tcp,udp packets with a given port range"
        ::= { zxr10ExtendedACLEntry 18 }    
        
    zxr10ExtendedACLDestPort  OBJECT-TYPE
        SYNTAX   Integer32(0..65535)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "<0-65535>    Port number                                                                                                          
             179        Border gateway protocol (bgp)                                                                                          
             53         Domain name service (domain)                                                                                               
             79         Finger                                                                                                            
             21         File transfer protocol (ftp)                                                                                            
             513        Login (rlogin)                                                                                                    
             109        Post office protocol v2 (pop2)                                                                                          
             110        Post office protocol v3 (pop3)                                                                                          
             25         Simple mail transport protocol (smtp)                                                                                    
             23         Telnet                                                                                                           
             80         World wide web (HTTP)"
        ::= { zxr10ExtendedACLEntry 19 }    
        
    zxr10ExtendedACLDestPort2  OBJECT-TYPE
        SYNTAX   Integer32(0..65535)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "<0-65535>    Port number                                                                                                          
             179        Border gateway protocol (bgp)                                                                                          
             53         Domain name service (domain)                                                                                               
             79         Finger                                                                                                            
             21         File transfer protocol (ftp)                                                                                            
             513        Login (rlogin)                                                                                                    
             109        Post office protocol v2 (pop2)                                                                                          
             110        Post office protocol v3 (pop3)                                                                                          
             25         Simple mail transport protocol (smtp)                                                                                    
             23         Telnet                                                                                                           
             80         World wide web (HTTP)"
        ::= { zxr10ExtendedACLEntry 20 }   
         
    zxr10ExtendedACLTCPEstablish  OBJECT-TYPE
        SYNTAX    INTEGER{true(1),false(0)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Match established connections"
        ::= { zxr10ExtendedACLEntry 21 }  
        
                       
    zxr10ExtendedACLICMPType  OBJECT-TYPE
        SYNTAX   Integer32(0..254)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "<0-254>      ICMP message type                                                                                           
  			6             Alternate address                                                                                                                                                                                        
  			8             Echo (ping)                                                                                              
  			0             Echo reply                                                                                                                                                                                         
  			16            Information replies                                                                                     
  			15            Information requests                                                                                  
  			18            Mask replies                                                                                           
  			17            Mask requests                                                                                         
  			12            All parameter problems                                                                                                                                                                             
  			5             All redirects                                                                                           
  			9             Router discovery advertisements                                                                        
  			10            Router discovery solicitations                                                                        
  			4             Source quenches                                                                                         
  			11            All time exceededs                                                                                                                                                                       
  			14            Timestamp replies                                                                                      
  			13            Timestamp requests                                                                                                                                                                                      
  			30            Traceroute                                                                                             
  			3             All unreachables "
        ::= { zxr10ExtendedACLEntry 23 }    
        
    zxr10ExtendedACLICMPCode  OBJECT-TYPE
        SYNTAX   Integer32(0..254)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "<0-254>  ICMP message code"
        ::= { zxr10ExtendedACLEntry 24 }    
        
    zxr10ExtendedACLPrecedence  OBJECT-TYPE
        SYNTAX   Integer32(0..7)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "<0-7>  IP precedence"
        ::= { zxr10ExtendedACLEntry 25 }    
        
    zxr10ExtendedACLTOS  OBJECT-TYPE
        SYNTAX   Integer32(0..15)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "IP TOS
             <0-15>  Tos value"
        ::= { zxr10ExtendedACLEntry 26 }  
          
    zxr10ExtendedACLDSCP  OBJECT-TYPE
        SYNTAX   Integer32(0..63)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "<0-63>  Dscp value"
        ::= { zxr10ExtendedACLEntry 27 }    
               
    zxr10ExtendedACLFlag  OBJECT-TYPE
        SYNTAX   INTEGER{invalid(1),valid(0)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Time range enable or disable flag"
        ::= { zxr10ExtendedACLEntry 28 }    
        
    zxr10ExtendedACLTimeRangeName  OBJECT-TYPE
        SYNTAX   DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
             "Configure time range name (1-31 characters)"
        ::= { zxr10ExtendedACLEntry 29 }    
        
    zxr10ExtendedACLRuleDescription   OBJECT-TYPE
        SYNTAX    DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "ACL rule description (1-16 characters)"
        ::= { zxr10ExtendedACLEntry 30 }       
              
  
    --- link ACL

    zxr10LinkACLTable  OBJECT-TYPE
        SYNTAX  SEQUENCE OF Zxr10LinkACLEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "Link ACL"
        ::= { zxr10ACL 3 }

    zxr10LinkACLEntry  OBJECT-TYPE
        SYNTAX  Zxr10LinkACLEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "Link ACL"
        INDEX  { zxr10LinkACLNo,
                 zxr10LinkACLRuleID }
        ::= { zxr10LinkACLTable 1 }
        
    Zxr10LinkACLEntry ::=
        SEQUENCE {
            zxr10LinkACLNo 
                Integer32,            
            zxr10LinkACLName
                DisplayString,               
            zxr10LinkACLAlias
                DisplayString,
            zxr10LinkACLMatchorder
                INTEGER, 
            zxr10LinkACLRuleID
                Integer32,
            zxr10LinkACLPermitDeny
                INTEGER,
            zxr10LinkACLProtocol
                Integer32,          
            zxr10LinkACLCos
                Integer32,  
            zxr10LinkACLDoutVlanID
                Integer32,
            zxr10LinkACLInMAC
                MacAddress,
            zxr10LinkACLInMACWildcard
                MacAddress,        
            zxr10LinkACLInMACAny
                INTEGER,  
            zxr10LinkACLOutMAC 
                MacAddress,
            zxr10LinkACLOutMACWildCard
                MacAddress,         
            zxr10LinkACLOutMACAny
                INTEGER,                 
            zxr10LinkACLFlag
                INTEGER,
            zxr10LinkACLTimeRangeName
                DisplayString, 
            zxr10LinkACLRuleDescription
                DisplayString        
    }
    
    zxr10LinkACLNo  OBJECT-TYPE
        SYNTAX   Integer32(200..299)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Link ACL number
            <200-299>  Configure link ACL number"
        ::= { zxr10LinkACLEntry 1 }  
        
    zxr10LinkACLName  OBJECT-TYPE
        SYNTAX   DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Link ACL name (1-31 characters)"
        ::= { zxr10LinkACLEntry 2 } 
            
    zxr10LinkACLAlias  OBJECT-TYPE
        SYNTAX   DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Link ACL alias (1-31 characters)"
        ::= { zxr10LinkACLEntry 3 }
        
    zxr10LinkACLMatchorder   OBJECT-TYPE  
        SYNTAX   INTEGER{config(0),auto(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Select match order
             auto    Sort rules automatically
             config  Sort rules by configuration order  "
        ::= { zxr10LinkACLEntry 4 }      

    zxr10LinkACLRuleID  OBJECT-TYPE
        SYNTAX   Integer32(1..1000)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "rule
            <1-100>  ACL rule ID"
        ::= { zxr10LinkACLEntry 6 }    

    zxr10LinkACLPermitDeny  OBJECT-TYPE
        SYNTAX   INTEGER{permit(0),deny(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "deny    Specify packets to reject
             permit  Specify packets to forward"
        ::= { zxr10LinkACLEntry 7 }    

    zxr10LinkACLProtocol  OBJECT-TYPE
        SYNTAX   Integer32(0..65535)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
           "65535            Any protocol type(any)
            <1536-65534>     Ether protocol number                                                                                                                                                                                               
  			2054             Address resolution protocol (arp)                                                                                 
  			2048             Internet protocol (ip) "
        ::= { zxr10LinkACLEntry 8 }  
        
    zxr10LinkACLCos   OBJECT-TYPE
        SYNTAX   Integer32(0..7)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "<0-7>  Cos vlan-priority"
        ::= { zxr10LinkACLEntry 9 }
        
    zxr10LinkACLDoutVlanID   OBJECT-TYPE
        SYNTAX   Integer32(1..4094)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "<1-4094>  Source outer vlan id"
        ::= { zxr10LinkACLEntry 12 } 
  
           
    zxr10LinkACLInMAC  OBJECT-TYPE
        SYNTAX   MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "xxxx.xxxx.xxxx  Source-mac"
        ::= { zxr10LinkACLEntry 13 }
            
    zxr10LinkACLInMACWildcard  OBJECT-TYPE
        SYNTAX   MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "xxxx.xxxx.xxxx  Source wildcard bits"
        ::= { zxr10LinkACLEntry 14 }
        
    zxr10LinkACLInMACAny  OBJECT-TYPE 
        SYNTAX   INTEGER{invalid(1),valid(0)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Any source host"
        ::= { zxr10LinkACLEntry 15 }     
        
    zxr10LinkACLOutMAC  OBJECT-TYPE
        SYNTAX   MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "xxxx.xxxx.xxxx  Destination-mac"
        ::= { zxr10LinkACLEntry 16 }

    zxr10LinkACLOutMACWildCard  OBJECT-TYPE
        SYNTAX   MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "xxxx.xxxx.xxxx  Destination wildcard bits"
        ::= { zxr10LinkACLEntry 17 }  
        
    zxr10LinkACLOutMACAny    OBJECT-TYPE 
        SYNTAX   INTEGER{invalid(1),valid(0)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Any destination host"
        ::= { zxr10LinkACLEntry 18 }  
                                 
    zxr10LinkACLFlag  OBJECT-TYPE
        SYNTAX   INTEGER{invalid(1),valid(0)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Time range enable or disable flag"
        ::= { zxr10LinkACLEntry 19 }   

    zxr10LinkACLTimeRangeName  OBJECT-TYPE
        SYNTAX   DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Configure time range name (1-31 characters)"
        ::= { zxr10LinkACLEntry 20 }  
        
    zxr10LinkACLRuleDescription   OBJECT-TYPE
        SYNTAX    DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "ACL rule description (1-16 characters)"
        ::= { zxr10LinkACLEntry 21 }              
          
        
--- Hybrid ACL
 

    zxr10HybridACLTable  OBJECT-TYPE
        SYNTAX  SEQUENCE OF Zxr10HybridACLEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "Hybrid ACL"
        ::= { zxr10ACL 4 }

    zxr10HybridACLEntry  OBJECT-TYPE
        SYNTAX  Zxr10HybridACLEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "Hybrid ACL"
        INDEX  { zxr10HybridACLNo,
                 zxr10HybridACLRuleID }
        ::= { zxr10HybridACLTable 1 }
        
    Zxr10HybridACLEntry ::=
        SEQUENCE {
            zxr10HybridACLNo 
                Integer32,               
            zxr10HybridACLName
                DisplayString,               
            zxr10HybridACLAlias
                DisplayString,
            zxr10HybridACLMatchorder
                INTEGER,                   
            zxr10HybridACLRuleID
                Integer32,
            zxr10HybridACLPermitDeny
                INTEGER, 
            zxr10HybridACLProtocol
                Integer32,
            zxr10HybridACLSrcAddr
                IpAddress,
            zxr10HybridACLSrcAddrWildcard
                IpAddress,              
            zxr10HybridACLSrcAny
                INTEGER,    
            zxr10HybridACLDestAddr
                IpAddress,
            zxr10HybridACLDestAddrWildcard
                IpAddress,             
            zxr10HybridACLDestAny
                INTEGER, 
            zxr10HybridACLSrcOpr 
                INTEGER,
            zxr10HybridACLSrcPort
                Integer32,
            zxr10HybridACLDestOpr
                INTEGER,
            zxr10HybridACLDestPort
                Integer32,           
            zxr10HybridACLIPNumber
                Integer32,       
            zxr10HybridACLCos
                Integer32,  
            zxr10HybridACLDoutVlanID
                Integer32,                           
            zxr10HybridACLInMAC
                MacAddress,
            zxr10HybridACLInMACWildcard
                MacAddress, 
            zxr10HybridACLInMACAny
                INTEGER,             
            zxr10HybridACLOutMAC
                MacAddress,
            zxr10HybridACLOutMACWildcard
                MacAddress,
            zxr10HybridACLOutMACAny
                INTEGER,
            zxr10HybridACLFlag                                
                INTEGER,
            zxr10HybridACLTimeRangeName   
                DisplayString, 
            zxr10HybridACLRuleDescription
                DisplayString                
    }
    
    zxr10HybridACLNo  OBJECT-TYPE
        SYNTAX   Integer32(300..349)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            " Hybrid ACL number
             <300-349>  Configure hybrid ACL number"
        ::= { zxr10HybridACLEntry 1 }    
   
    zxr10HybridACLName  OBJECT-TYPE
        SYNTAX   DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Hybrid ACL name (1-31 characters)"
        ::= { zxr10HybridACLEntry 2 } 
        
         
    zxr10HybridACLAlias  OBJECT-TYPE
        SYNTAX   DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Hybrid ACL alias (1-31 characters)"
        ::= { zxr10HybridACLEntry 3 }  
        
    zxr10HybridACLMatchorder   OBJECT-TYPE  
        SYNTAX   INTEGER{config(0),auto(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Select match order
             auto    Sort rules automatically
             config  Sort rules by configuration order"
        ::= { zxr10HybridACLEntry 4 }  
                                                                                        
    zxr10HybridACLRuleID  OBJECT-TYPE
        SYNTAX   Integer32(1..100)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "rule
            <1-100>  ACL rule ID"
        ::= { zxr10HybridACLEntry 6 }    

    zxr10HybridACLPermitDeny  OBJECT-TYPE
        SYNTAX   INTEGER{permit(0),deny(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "deny    Specify packets to reject
             permit  Specify packets to forward"
        ::= { zxr10HybridACLEntry 7 } 
        
    zxr10HybridACLProtocol  OBJECT-TYPE
        SYNTAX   Integer32(0..255)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
          " 255       Any internet protocol 
            <0-254>   An IP protocol number                                                                                                    
  			47        Generic Routing Encapsulation (gre)                                                                                       
  			2         Internet Group Management Protocol (igmp)                                                                                                                                                                                    
  			89        Open Shortest Path First Protocol (ospf)                                                                                   
  			103       Protocol Independent Multicast (pim)                                                                                     
  			6         Transmission control protocol (tcp)                                                                                           
  			17        User datagram protocol (udp)                                                                                                  
  			112       Virtual Router Redundancy Protocol (vrrp)"
        ::= { zxr10HybridACLEntry 8 }       

    zxr10HybridACLSrcAddr  OBJECT-TYPE
        SYNTAX   IpAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "A.B.C.D  Source address"
        ::= { zxr10HybridACLEntry 9 }    

    zxr10HybridACLSrcAddrWildcard  OBJECT-TYPE
        SYNTAX   IpAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "A.B.C.D  Wildcard bits"
        ::= { zxr10HybridACLEntry 10 }  
        
    zxr10HybridACLSrcAny  OBJECT-TYPE 
        SYNTAX   INTEGER{invalid(0),valid(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Any source"
        ::= { zxr10HybridACLEntry 11 }   
        
    zxr10HybridACLDestAddr  OBJECT-TYPE
        SYNTAX   IpAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "A.B.C.D  Destination address"
        ::= { zxr10HybridACLEntry 12 } 
           
    zxr10HybridACLDestAddrWildcard  OBJECT-TYPE
        SYNTAX   IpAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "A.B.C.D  Destination wildcard bits"
        ::= { zxr10HybridACLEntry 13 }  
        
    zxr10HybridACLDestAny  OBJECT-TYPE 
        SYNTAX   INTEGER{invalid(0),valid(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Any destination host"
        ::= { zxr10HybridACLEntry 14 }       
                     
    zxr10HybridACLSrcOpr  OBJECT-TYPE
        SYNTAX   INTEGER{invalid(0),eq(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "eq(1)  Match only tcp,udp packets on a given port number"
        ::= { zxr10HybridACLEntry 15 }    
        
    zxr10HybridACLSrcPort  OBJECT-TYPE
        SYNTAX   Integer32(0..65535)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "<0-65535>  Port number                                                                                                            
  			179        Border gateway protocol (bgp)                                                                                          
  			53         Domain name service (domain)                                                                                               
  			79         Finger                                                                                                             
  			21         File transfer protocol (ftp)                                                                                            
  			513        Login (rlogin)                                                                                                    
  			109        Post office protocol v2 (pop2)                                                                                          
  			110        Post office protocol v3 (pop3)                                                                                          
  			25         Simple mail transport protocol (smtp)                                                                                    
  			23         Telnet                                                                                                             
  			80         World wide web (HTTP, 80) "
        ::= { zxr10HybridACLEntry 16 }    
          
    zxr10HybridACLDestOpr  OBJECT-TYPE
        SYNTAX   INTEGER{invalid(0),eq(1)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "eq  Match only packets on a given port number"
        ::= { zxr10HybridACLEntry 17 }    
        
    zxr10HybridACLDestPort  OBJECT-TYPE
        SYNTAX   Integer32(0..65535)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
           "<0-65535>  Port number                                                                                                            
  			179        Border gateway protocol (bgp)                                                                                          
  			53         Domain name service (domain)                                                                                               
  			79         Finger                                                                                                             
  			21         File transfer protocol (ftp)                                                                                            
  			513        Login (rlogin)                                                                                                    
  			109        Post office protocol v2 (pop2)                                                                                          
  			110        Post office protocol v3 (pop3)                                                                                          
  			25         Simple mail transport protocol (smtp)                                                                                    
  			23         Telnet                                                                                                             
  			80         World wide web (HTTP, 80)"
        ::= { zxr10HybridACLEntry 18 }    
                           
   zxr10HybridACLIPNumber  OBJECT-TYPE
        SYNTAX   Integer32(0..65535)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "65535         Any ether protocol type
            <0-65534>      Ether IP protocol number                                                                                                                                                                                               
  			 2054          Address resolution protocol (arp)                                                                                 
  			 2048          Internet protocol (ip) "
        ::= { zxr10HybridACLEntry 23 }    
                 
   zxr10HybridACLCos   OBJECT-TYPE  
        SYNTAX   Integer32(0..7)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "<0-7>  Cos vlan-priority"
        ::= { zxr10HybridACLEntry 24 }
          
    zxr10HybridACLDoutVlanID   OBJECT-TYPE
        SYNTAX   Integer32 (1..4094)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "<1-4094>  Source outer vlan id"
        ::= { zxr10HybridACLEntry 27 } 
                  
    zxr10HybridACLInMAC  OBJECT-TYPE
        SYNTAX   MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "xxxx.xxxx.xxxx  Source-mac"
        ::= { zxr10HybridACLEntry 28 }    
        
    zxr10HybridACLInMACWildcard  OBJECT-TYPE
        SYNTAX   MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "xxxx.xxxx.xxxx  Source wildcard bits"
        ::= { zxr10HybridACLEntry 29 }  
        
    zxr10HybridACLInMACAny  OBJECT-TYPE 
        SYNTAX   INTEGER{invalid(1),valid(0)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Any source host"
        ::= { zxr10HybridACLEntry 30 } 
          
    zxr10HybridACLOutMAC  OBJECT-TYPE
        SYNTAX   MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "xxxx.xxxx.xxxx  Destination-mac"
        ::= { zxr10HybridACLEntry 31 }  
          
    zxr10HybridACLOutMACWildcard  OBJECT-TYPE
        SYNTAX   MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "xxxx.xxxx.xxxx  Destination wildcard bits"
        ::= { zxr10HybridACLEntry 32 }  
    
     zxr10HybridACLOutMACAny  OBJECT-TYPE 
        SYNTAX   INTEGER{invalid(1),valid(0)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Any destination host"
        ::= { zxr10HybridACLEntry 33 }   
               
    zxr10HybridACLFlag  OBJECT-TYPE
        SYNTAX   INTEGER{invalid(1),valid(0)}
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Time range enable or disable flag"
        ::= { zxr10HybridACLEntry 34 }         
        
    zxr10HybridACLTimeRangeName  OBJECT-TYPE
        SYNTAX   DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Configure time range name (1-31 characters)"
        ::= { zxr10HybridACLEntry 35 }    
        
    zxr10HybridACLRuleDescription   OBJECT-TYPE
        SYNTAX    DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "ACL Rule Description (1-16 characters)"
        ::= { zxr10HybridACLEntry 36 }     
         

        END 
              
                        
