CISCO-UNIFIED-FIREWALL-MIB-V1SMI.my
-- MIB file created 01-Mar-2006 18:08:46, by
-- SMICng version 2.2.11-beta(PRO)(Solaris), January 20, 2001. Enterprise key cisco.com
CISCO-UNIFIED-FIREWALL-MIB DEFINITIONS ::= BEGIN
-- From file: "CISCO-UNIFIED-FIREWALL-MIB.my"
-- Compile options "4 7 F H N O W 03 06 0B 0G 0N 0T"
IMPORTS
TruthValue, TimeStamp
FROM SNMPv2-TC-v1
InetAddressType, InetAddress, InetPortNumber
FROM INET-ADDRESS-MIB
ciscoMgmt
FROM CISCO-SMI
CFWNetworkProtocol, CFWApplicationProtocol, CFWPolicy,
CFWPolicyTarget, CFWPolicyTargetType, CFWUrlfVendorId,
CFWUrlServerStatus
FROM CISCO-FIREWALL-TC
dot1dTpFdbPort, dot1dTpFdbStatus
FROM BRIDGE-MIB
Gauge, Counter
FROM RFC1155-SMI
OBJECT-TYPE
FROM RFC-1212
TRAP-TYPE
FROM RFC-1215;
ciscoUnifiedFirewallMIB OBJECT IDENTIFIER ::= { ciscoMgmt 491 }
-- MODULE-IDENTITY
-- LastUpdated
-- 200509220000Z
-- OrgName
-- Cisco Systems
-- ContactInfo
-- Cisco Systems
-- Customer Service
--
-- Postal: 170 W Tasman Drive
-- San Jose, CA 95134
-- USA
--
-- Tel: +1 800 553-NETS
-- E-mail: [email protected]
-- Descr
-- Overview of Cisco Firewall MIB
-- ==============================
-- This MIB Module models status and performance
-- statistics pertaining to the common features supported
-- by Cisco firewall implementations. For each firewall
-- feature, capability (if applicable) and statistics are
-- defined. Supporting the configuration of firewall
-- features is outside the scope of this MIB.
--
-- Following are the major firewall features:
--
-- 1) 'Stateful Packet Filtering'
-- Creating and maintaining the state of authorized
-- traffic flows dynamically to permit only
-- flows authorized by the policy is a mandatory
-- function of a firewall.
-- This MIB instruments the activity and memory
-- usage by this function.
--
-- 2) 'Application Inspection'
-- This refers to the function of inspecting the
-- headers of layer 3 and layer 4 protocols and
-- creating dynamic entries in the connection
-- table for traffic flows spawned by an already
-- established traffic flow.
--
-- This MIB reflects the protocols that are being
-- inspected.
--
-- 3) 'URL Filtering'
-- This refers to the function of facilitating
-- or restricting URL access requests through
-- the firewall by consulting either local policy
-- or that configured on a dedicated URL filtering
-- server.
--
-- This MIB instruments the URL filtering activity,
-- the status and activity of distinct URL filtering
-- servers configured on the firewall and the
-- impact of the performance of the URL filtering
-- servers on the latency and throughput of the
-- firewall.
--
-- 4) 'Proxy Authentication'
-- This refers to the function of authenticating
-- and/or authorizing users on behalf of servers
-- on the secure side of the firewall. This operation
-- could affect the throughput of the firewall.
--
-- The MIB objects pertaining to Proxy Authentication
-- will be defined in a subsequent revision of this
-- MIB.
--
--
-- 5) 'Transparent Mode Operation'
-- A firewall could operate as a bridge and yet
-- filter traffic based on layer 3-layer 7 control
-- and payload information. Operating in this mode
-- makes it easy to implement a firewall without
-- fragmenting existing subnets. Another advantage
-- of this mode of operation is enhanced security.
--
-- This MIB instruments the status, activity,
-- and performance of the firewall in this mode.
-- Please note that to fully manage a firewall
-- operating in this mode, the firewall must also
-- support the bridge MIB (BRIDGE-MIB).
--
--
-- 6) 'Advanced Application Inspection and Control'
-- This function is also termed 'Application
-- Firewall' and pertains to inspecting payload and
-- headers of application traffic to make sure the
-- traffic flows conform to the configured security
-- policy.
--
-- Monitoring this function entails identifying the
-- security alerts generated by this function and
-- measuring the impact on firewall performance by
-- this task. Application Firewall will be
-- instrumented in a separate MIB dedicated for the
-- function.
--
-- 7) 'Failover' or 'Redundancy'
-- Redundancy configuration is essential for business
-- critical firewalls.
--
-- Instrumenting this function entails reflecting
-- the configuration of redundancy and identifying
-- failover events.
--
-- The MIB objects pertaining to Proxy Authentication
-- will be defined in a subsequent revision of this
-- MIB.
--
--
-- The management information for each firewall feature
-- is defined in a distinct module compliance unit. The
-- compliance units corresponding to basic features of
-- firewalls are defined as mandatory.
--
-- Acronyms
-- ========
-- Following are definitions of some terms used in this
-- module. Please refer to the module conformance for a
-- glossary of feature-specific terms.
--
-- `Firewall'
-- A firewall is a set of related programs,
-- implemented on a host or a network device, that
-- protects the resources of a private network from
-- users from other networks. Common firewalling
-- functions include stateful packet filtering,
-- proxy authentication of users on behalf of
-- applications on the secure side of the firewall,
-- URL access control, inspection of payload of
-- traffic streams to determine security threats.
--
-- `Layer2 Firewall' or 'Transparent Firewall'
-- A firewall device that operates as a bridge
-- while performing firewalling function.
--
-- `Connection'
-- The record in the firewall of a traffic stream
-- that has been authorized to flow through the
-- firewall.
--
-- `Half Open Connection'
-- For a connection oriented protocol: a connection
-- that has not reached the established state on both
-- sides of the connection.
-- For a connection-less protocol: the connection
-- corresponding to a traffic stream where traffic
-- flow has occurred (since the establishment of the
-- connection entry) in only one direction.
--
-- `Embryonic Connection'
-- The connection entry corresponding to an
-- application layer protocol in which the signaling
-- channel has been established while the setup of
-- the data channel is underway.
--
-- `Policy'
-- An element of firewall configuration that
-- identifies the access rights to a resource by a
-- traffic source. An example of a policy is an
-- Access Control Rule.
--
-- `Policy Target'
-- An entity to which a policy is applied so that
-- the action corresponding to the policy is taken
-- only on traffic streams associated with the
-- entity. An example of a policy target is an
-- interface.
--
-- `URL Filtering Server'
-- A server which is employed by the firewall to
-- enforce URL access policies.
--
-- `Protocol Data Unit' or PDU
-- An instance of the unit of information with which
-- a protocol operates is called the Protocol Data
-- Unit or the PDU of the protocol.
--
-- `Deep Packet Inspection'
-- The task of examining the contents of the payloads
-- of one or more layer 7 application protocols
-- with a view to enforcing the local security
-- policies is termed 'Deep Packet Inspection'.
--
-- `Advanced Application Inspection and Control'
-- An entity that performs deep packet inspection
-- of layer 7 application protocol data units is
-- termed an 'Application Firewall'.
-- RevDate
-- 200509220000Z
-- RevDescr
-- Initial version of this module.
ciscoUnifiedFirewallMIBNotifs OBJECT IDENTIFIER ::= { ciscoUnifiedFirewallMIB 0 }
ciscoUnifiedFirewallMIBObjects OBJECT IDENTIFIER ::= { ciscoUnifiedFirewallMIB 1 }
ciscoUnifiedFirewallMIBConform OBJECT IDENTIFIER ::= { ciscoUnifiedFirewallMIB 2 }
cuFwConnectionGrp OBJECT IDENTIFIER ::= { ciscoUnifiedFirewallMIBObjects 1 }
cuFwApplInspectionGrp OBJECT IDENTIFIER ::= { ciscoUnifiedFirewallMIBObjects 2 }
cuFwUrlFilterGrp OBJECT IDENTIFIER ::= { ciscoUnifiedFirewallMIBObjects 3 }
cuFwFailoverGrp OBJECT IDENTIFIER ::= { ciscoUnifiedFirewallMIBObjects 4 }
cuFwAaicGrp OBJECT IDENTIFIER ::= { ciscoUnifiedFirewallMIBObjects 5 }
cuFwL2FwGrp OBJECT IDENTIFIER ::= { ciscoUnifiedFirewallMIBObjects 6 }
cuFwNotifCntlGrp OBJECT IDENTIFIER ::= { ciscoUnifiedFirewallMIBObjects 7 }
cuFwConnectionGlobals OBJECT IDENTIFIER ::= { cuFwConnectionGrp 1 }
cuFwConnectionResources OBJECT IDENTIFIER ::= { cuFwConnectionGrp 2 }
cuFwConnectionReportSettings OBJECT IDENTIFIER ::= { cuFwConnectionGrp 3 }
cuFwConnectionSummaryTables OBJECT IDENTIFIER ::= { cuFwConnectionGrp 4 }
cufwUrlFilterGlobals OBJECT IDENTIFIER ::= { cuFwUrlFilterGrp 1 }
cufwUrlFilterResourceUsage OBJECT IDENTIFIER ::= { cuFwUrlFilterGrp 2 }
cufwUrlFilterServers OBJECT IDENTIFIER ::= { cuFwUrlFilterGrp 3 }
cufwAaicGlobals OBJECT IDENTIFIER ::= { cuFwAaicGrp 1 }
cufwAaicProtocolStats OBJECT IDENTIFIER ::= { cuFwAaicGrp 2 }
cufwAaicHttpProtocolStats OBJECT IDENTIFIER ::= { cufwAaicProtocolStats 1 }
cufwL2FwGlobals OBJECT IDENTIFIER ::= { cuFwL2FwGrp 1 }
ciscoUniFirewallMIBCompliances OBJECT IDENTIFIER ::= { ciscoUnifiedFirewallMIBConform 1 }
ciscoUniFirewallMIBGroups OBJECT IDENTIFIER ::= { ciscoUnifiedFirewallMIBConform 2 }
cufwConnGlobalNumAttempted OBJECT-TYPE
SYNTAX --?? syntax is not convertable to SMIv1
Counter
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"
Connection Statistics Aggregation
Connection 1 +-----------+
------------->| |-------> Global Connection Summary
Connection 2 | |
------------->| |
Connection 3 | |
------------->| First |------------> ConnSummary
| Level | (i.e, L-3/4 Protocol
Connection 4 |Aggregation| Connection Summary)
------------->| |
. | |
. | |---------------> PolicyConnSummary
Connection N | | (i.e, L-3/4 Policy Target based
------------->| | Protocol Connection Summary)
+-----------+
+-----------+
L-3/4 Protocol | |
Connection Summary | |
------------------>| |---------> AppConnSummary
| | (i.e, L-7 Protocol
| Second | Connection Summary)
|---Level---|
L-3/4 Policy Target |Aggregation|
based Protocol | |
Connection Summary | |
------------------>| |---------------> PolicyAppConnSummary
| | (i.e, L-7 Policy Target based
| | Protocol Connection Summary)
+-----------+
Specifically, the object
'cufwConnGlobalNumAttempted' models
the number of connections which are attempted to
be set up through the firewall.
This value is accumulated from the last reboot of
the firewall."
::= { cuFwConnectionGlobals 1 }
cufwConnGlobalNumSetupsAborted OBJECT-TYPE
SYNTAX --?? syntax is not convertable to SMIv1
Counter
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connection setup attempts that
were aborted before the connection could proceed
to completion. The counter includes setup
attempts aborted by the firewall as well as
those aborted by the initiator and/or the
responder(s) of/to the connection setup attempt.
Consequently, this value subsumes the values of
objects 'cufwConnGlobalNumPolicyDeclined' and
'cufwConnGlobalNumResDeclined'.
This value is accumulated from the last reboot of
the firewall."
::= { cuFwConnectionGlobals 2 }
cufwConnGlobalNumPolicyDeclined OBJECT-TYPE
SYNTAX --?? syntax is not convertable to SMIv1
Counter
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connections which were attempted to
be set up but which were declined due to reasons of
security policy.
This includes the connections that failed
authentication.
This value is accumulated from the last reboot of
the firewall."
::= { cuFwConnectionGlobals 3 }
cufwConnGlobalNumResDeclined OBJECT-TYPE
SYNTAX --?? syntax is not convertable to SMIv1
Counter
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connections which were attempted to
be set up but which were declined due to
non-availability of required resources.
This value is accumulated from the last reboot of
the firewall."
::= { cuFwConnectionGlobals 4 }
cufwConnGlobalNumHalfOpen OBJECT-TYPE
SYNTAX Gauge
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connections which are in the process
of being setup but which have not yet reached the
established state in the connection table."
::= { cuFwConnectionGlobals 5 }
cufwConnGlobalNumActive OBJECT-TYPE
SYNTAX Gauge
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connections which are currently active."
::= { cuFwConnectionGlobals 6 }
cufwConnGlobalNumExpired OBJECT-TYPE
SYNTAX --?? syntax is not convertable to SMIv1
Counter
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connections which were active but
which have since terminated normally.
This value is accumulated from the last reboot of
the firewall."
::= { cuFwConnectionGlobals 7 }
cufwConnGlobalNumAborted OBJECT-TYPE
SYNTAX --?? syntax is not convertable to SMIv1
Counter
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connections which were active but
which were aborted by the firewall due to reasons
of policy or resource rationing.
This value is accumulated from the last reboot of
the firewall."
::= { cuFwConnectionGlobals 8 }
cufwConnGlobalNumEmbryonic OBJECT-TYPE
SYNTAX Gauge
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of embryonic application layer connections
(that is, connections in which the signaling channel
has been established while the data channel is awaiting
setup).
This value is accumulated from the last reboot of
the firewall."
::= { cuFwConnectionGlobals 9 }
cufwConnGlobalConnSetupRate1 OBJECT-TYPE
SYNTAX Gauge
-- Units
-- Connections per second
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connections which the firewall is
establishing per second, averaged over the last 60
seconds."
::= { cuFwConnectionGlobals 10 }
cufwConnGlobalConnSetupRate5 OBJECT-TYPE
SYNTAX Gauge
-- Units
-- Connections per second
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connections which the firewall is
establishing per second, averaged over the last 300
seconds."
::= { cuFwConnectionGlobals 11 }
cufwConnGlobalNumRemoteAccess OBJECT-TYPE
SYNTAX Gauge
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of active connections which correspond
to remote access applications. Specifically, the
protocol for which the connection is established
must be one of PPP, PPTP, L2TP or remote access IPsec
(IPsec connections employing extended authentication).
This value is accumulated from the last reboot of
the firewall."
::= { cuFwConnectionGlobals 12 }
cufwConnResMemoryUsage OBJECT-TYPE
SYNTAX Gauge
-- Units
-- KBytes
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The amount of memory occupied by all structures
required to maintain the state of all connections
which are either being established or are active."
::= { cuFwConnectionResources 1 }
cufwConnResActiveConnMemoryUsage OBJECT-TYPE
SYNTAX Gauge
-- Units
-- KBytes
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The amount of memory occupied by all structures
required to maintain the state of all active
connections."
::= { cuFwConnectionResources 2 }
cufwConnResHOConnMemoryUsage OBJECT-TYPE
SYNTAX Gauge
-- Units
-- KBytes
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The amount of memory occupied by all structures
required to maintain the state of all half
open connections."
::= { cuFwConnectionResources 3 }
cufwConnResEmbrConnMemoryUsage OBJECT-TYPE
SYNTAX Gauge
-- Units
-- KBytes
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The amount of memory occupied by all structures
required to maintain the state of all embryonic
connections."
::= { cuFwConnectionResources 4 }
-- Switch that controls whether the agent reports connection activity
-- statistics for application protocols.
-- NOTE(review): ACCESS is read-write, so an SNMP set to 'false' makes the
-- agent stop updating the application protocol objects (see DESCRIPTION).
-- Write access to this object should be limited to trusted management
-- stations, and cufwConnReptAppStatsLastChanged can be polled to notice a
-- change that nobody scheduled.
cufwConnReptAppStats OBJECT-TYPE
SYNTAX TruthValue
-- Rsyntax INTEGER {
-- true(1),
-- false(2)
-- }
ACCESS read-write
STATUS mandatory
DESCRIPTION
"Setting this object to 'true' enables the MIB to
report connection activity statistics pertaining
to application protocols.
If this object is set to 'false', the agent
should stop updating the objects defined in this
module pertaining to application protocols.
Application monitoring could be a resource intensive
operation. It is expected that the administrators
would use this control to disable application
monitoring when the performance of the firewall is
degrading."
-- Reporting is off unless a manager explicitly sets the object to 'true'.
DEFVAL { false }
::= { cuFwConnectionReportSettings 1 }
cufwConnReptAppStatsLastChanged OBJECT-TYPE
SYNTAX TimeStamp
-- Rsyntax TimeTicks
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The time at which the value of cufwConnReptAppStats
was last changed."
::= { cuFwConnectionReportSettings 2 }
cufwConnSummaryTable OBJECT-TYPE
SYNTAX SEQUENCE OF CufwConnSummaryEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"This table summarizes the connection activity on
the firewall per layer3-layer 4 protocol instance.
Each entry in the table lists the connection
summary of a distinct network protocol.
For instance, the conceptual row corresponding to the
index
cufwConnProtocol = fwpTcp
yields the summary of TCP connection activity on the
firewall since its reboot."
::= { cuFwConnectionSummaryTables 1 }
cufwConnSummaryEntry OBJECT-TYPE
SYNTAX CufwConnSummaryEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"Each entry contains the summary of connection
activity for a layer3-layer4 network protocol."
INDEX { cufwConnProtocol }
::= { cufwConnSummaryTable 1 }
CufwConnSummaryEntry ::= SEQUENCE {
cufwConnProtocol CFWNetworkProtocol,
cufwConnNumAttempted Counter,
cufwConnNumSetupsAborted Counter,
cufwConnNumPolicyDeclined Counter,
cufwConnNumResDeclined Counter,
cufwConnNumHalfOpen Gauge,
cufwConnNumActive Gauge,
cufwConnNumAborted Counter,
cufwConnSetupRate1 Gauge,
cufwConnSetupRate5 Gauge
}
cufwConnProtocol OBJECT-TYPE
SYNTAX CFWNetworkProtocol
-- Rsyntax INTEGER {
-- none(1),
-- other(2),
-- ip(3),
-- icmp(4),
-- gre(5),
-- udp(6),
-- tcp(7)
-- }
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"The (L3-L4) protocol for which this conceptual
row summarizes the connection activity on the
managed entity."
::= { cufwConnSummaryEntry 1 }
cufwConnNumAttempted OBJECT-TYPE
SYNTAX --?? syntax is not convertable to SMIv1
Counter
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connections attempted since the last
reboot of the firewall, corresponding to the protocol
denoted by 'cufwConnProtocol'.
This value is accumulated from the last reboot of
the firewall."
::= { cufwConnSummaryEntry 2 }
cufwConnNumSetupsAborted OBJECT-TYPE
SYNTAX --?? syntax is not convertable to SMIv1
Counter
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connection setup attempts,
corresponding to the protocol denoted by
'cufwConnProtocol', that were aborted before the
connection could proceed to completion. The
counter includes setup attempts aborted by the
firewall as well as those aborted by the initiator
and/or the responder(s) of/to the connection setup
attempt.
Consequently, this value subsumes the values of
objects 'cufwConnNumPolicyDeclined' and
'cufwConnNumResDeclined'.
This value is accumulated from the last reboot of
the firewall."
::= { cufwConnSummaryEntry 3 }
cufwConnNumPolicyDeclined OBJECT-TYPE
SYNTAX --?? syntax is not convertable to SMIv1
Counter
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connection attempts that were declined
due to security policy, corresponding to the protocol
denoted by 'cufwConnProtocol'.
This value is accumulated from the last reboot of
the firewall."
::= { cufwConnSummaryEntry 4 }
cufwConnNumResDeclined OBJECT-TYPE
SYNTAX --?? syntax is not convertable to SMIv1
Counter
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connection attempts that were declined
due to resource unavailability, corresponding to the
protocol denoted by 'cufwConnProtocol'.
This value is accumulated from the last reboot of
the firewall."
::= { cufwConnSummaryEntry 5 }
cufwConnNumHalfOpen OBJECT-TYPE
SYNTAX Gauge
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connections that are currently in the
process of being established, corresponding to the
protocol denoted by 'cufwConnProtocol'."
::= { cufwConnSummaryEntry 6 }
cufwConnNumActive OBJECT-TYPE
SYNTAX Gauge
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connections that are currently active,
corresponding to the protocol denoted by
'cufwConnProtocol'."
::= { cufwConnSummaryEntry 7 }
cufwConnNumAborted OBJECT-TYPE
SYNTAX --?? syntax is not convertable to SMIv1
Counter
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connections that were abnormally
terminated after successful establishment,
corresponding to the protocol denoted by
'cufwConnProtocol'.
This value is accumulated from the last reboot of
the firewall."
::= { cufwConnSummaryEntry 8 }
cufwConnSetupRate1 OBJECT-TYPE
SYNTAX Gauge
-- Units
-- Connections Per Second
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The connection setup rate averaged over the last
60 seconds corresponding to the protocol denoted by
'cufwConnProtocol'."
::= { cufwConnSummaryEntry 9 }
cufwConnSetupRate5 OBJECT-TYPE
SYNTAX Gauge
-- Units
-- Connections Per Second
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The connection setup rate averaged over the last
300 seconds corresponding to the protocol denoted by
'cufwConnProtocol'."
::= { cufwConnSummaryEntry 10 }
cufwAppConnSummaryTable OBJECT-TYPE
SYNTAX SEQUENCE OF CufwAppConnSummaryEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"This table lists the summary of firewall
connections pertaining to Layer 7 protocols,
catalogued by distinct application protocols.
Each entry in the table lists the connection
summary corresponding to a distinct application
protocol.
For instance, to obtain the connection summary
for SMTP on the firewall since the last reboot
of the device, use the conceptual row
corresponding to
cufwAppConnProtocol = fwApSmtp"
::= { cuFwConnectionSummaryTables 2 }
cufwAppConnSummaryEntry OBJECT-TYPE
SYNTAX CufwAppConnSummaryEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"Each entry contains the summary of connection
activity for a distinct layer 7 protocol identified
by the index element 'cufwAppConnProtocol'."
INDEX { cufwAppConnProtocol }
::= { cufwAppConnSummaryTable 1 }
CufwAppConnSummaryEntry ::= SEQUENCE {
cufwAppConnProtocol CFWApplicationProtocol,
cufwAppConnNumAttempted Counter,
cufwAppConnNumSetupsAborted Counter,
cufwAppConnNumPolicyDeclined Counter,
cufwAppConnNumResDeclined Counter,
cufwAppConnNumHalfOpen Gauge,
cufwAppConnNumActive Gauge,
cufwAppConnNumAborted Counter,
cufwAppConnSetupRate1 Gauge,
cufwAppConnSetupRate5 Gauge
}
cufwAppConnProtocol OBJECT-TYPE
SYNTAX CFWApplicationProtocol
-- Rsyntax INTEGER {
-- none(1),
-- other(2),
-- ftp(3),
-- telnet(4),
-- smtp(5),
-- http(6),
-- tacacs(7),
-- dns(8),
-- sqlnet(9),
-- https(10),
-- tftp(11),
-- gopher(12),
-- finger(13),
-- kerberos(14),
-- pop2(15),
-- pop3(16),
-- sunRpc(17),
-- msRpc(18),
-- nntp(19),
-- snmp(20),
-- imap(21),
-- ldap(22),
-- exec(23),
-- login(24),
-- shell(25),
-- msSql(26),
-- sybaseSql(27),
-- nfs(28),
-- lotusnote(29),
-- h323(30),
-- cuseeme(31),
-- realmedia(32),
-- netshow(33),
-- streamworks(34),
-- vdolive(35),
-- sap(36),
-- sip(37),
-- mgcp(38),
-- rtsp(39),
-- skinny(40),
-- gtpV0(41),
-- gtpV1(42),
-- echo(43),
-- discard(44),
-- daytime(45),
-- netstat(46),
-- ssh(47),
-- time(48),
-- tacacsDs(49),
-- bootps(50),
-- bootpc(51),
-- dnsix(52),
-- rtelnet(53),
-- ident(54),
-- sqlServ(55),
-- ntp(56),
-- pwdgen(57),
-- ciscoFna(58),
-- ciscoTna(59),
-- ciscoSys(60),
-- netbiosNs(61),
-- netbiosDgm(62),
-- netbiosSsn(63),
-- sqlSrv(64),
-- snmpTrap(65),
-- rsvd(66),
-- send(67),
-- xdmcp(68),
-- bgp(69),
-- irc(70),
-- qmtp(71),
-- ipx(72),
-- dbase(73),
-- imap3(74),
-- rsvpTunnel(75),
-- hpCollector(76),
-- hpManagedNode(77),
-- hpAlarmMgr(78),
-- microsoftDs(79),
-- creativeServer(80),
-- creativePartnr(81),
-- appleQtc(82),
-- igmpV3Lite(83),
-- isakmp(84),
-- biff(85),
-- who(86),
-- syslog(87),
-- router(88),
-- ncp(89),
-- timed(90),
-- ircServ(91),
-- uucp(92),
-- syslogConn(93),
-- sshell(94),
-- ldaps(95),
-- dhcpFailover(96),
-- msexchRouting(97),
-- entrustSvcs(98),
-- entrustSvcHandler(99),
-- ciscoTdp(100),
-- webster(101),
-- gdoi(102),
-- iscsi(103),
-- cddbp(104),
-- ftps(105),
-- telnets(106),
-- imaps(107),
-- ircs(108),
-- pop3s(109),
-- socks(110),
-- kazaa(111),
-- msSqlM(112),
-- msSna(113),
-- wins(114),
-- ica(115),
-- orasrv(116),
-- rdbDbsDisp(117),
-- vqp(118),
-- icabrowser(119),
-- kermit(120),
-- rsvpEncap(121),
-- l2tp(122),
-- pptp(123),
-- h323Gatestat(124),
-- rWinsock(125),
-- radius(126),
-- hsrp(127),
-- net8Cman(128),
-- oracleEmVp(129),
-- oracleNames(130),
-- oracle(131),
-- ciscoSvcs(132),
-- ciscoNetMgmt(133),
-- stun(134),
-- trRsrb(135),
-- ddnsV3(136),
-- aceSvr(137),
-- giop(138),
-- ttc(139),
-- ipass(140),
-- clp(141),
-- citrixImaClient(142),
-- sms(143),
-- citrix(144),
-- realSecure(145),
-- lotusMtap(146),
-- cifs(147),
-- msDotnetster(148),
-- tarantella(149),
-- fcipPort(150),
-- ssp(151),
-- iscsiTarget(152),
-- mySql(153),
-- msClusterNet(154),
-- ldapAdmin(155),
-- ieee80211Iapp(156),
-- oemAgent(157),
-- rtcPmPort(158),
-- dbControlAgent(159),
-- ipsecMsft(160),
-- sipTls(161),
-- aim(162),
-- pcAnyWhereData(163),
-- pcAnyWhereStat(164),
-- x11(165),
-- ircu(166),
-- n2h2Server(167),
-- h323CallSigAlt(168),
-- yahooMsgr(169),
-- msnMsgr(170)
-- }
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"The layer7 protocol for which this conceptual
row summarizes the connection activity for this
firewall."
::= { cufwAppConnSummaryEntry 1 }
cufwAppConnNumAttempted OBJECT-TYPE
SYNTAX --?? syntax is not convertable to SMIv1
Counter
-- Units
-- Connections
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of connections attempted since the last
reboot of the firewall, corresponding to the protocol
denoted by 'cufwAppConnProtocol'.
This value is accumulated from the last reboot of
the firewall subject to the control exercised by
cufwConnReptAppStats."
::= { cufwAppConnSummaryEntry 2 }
cufwAppConnNumSetupsAborted OBJECT-TYPE
SYNTAX --?? syntax is not convertable to SMIv1
Counter
-- Units
-- Connections