                     -- IPFWCHAINS-MIB
              -- Definied by Didier Dhaenens
		-- Version 5 : 22/03/99
	
IPFWCHAINS-MIB 
 
DEFINITIONS ::= BEGIN

IMPORTS
      enterprises, INTEGER
     	  FROM RFC1155-SMI
      OBJECT-TYPE      
	  FROM RFC-1212
      DisplayString
	  FROM RFC1213-MIB
      ucdavis, ucdExperimental 
	  FROM UCD-SNMP-MIB;

ipfw 	OBJECT IDENTIFIER ::= { ucdExperimental 3 }

ipfwChainTable OBJECT-TYPE
	SYNTAX SEQUENCE OF IpfwChain
	ACCESS not-accessible
	STATUS mandatory
	DESCRIPTION
		"Table with the chains of the firewall"
	::= { ipfw 1 }

ipfwChain OBJECT-TYPE 
	SYNTAX IpfwChain
	ACCESS not-accessible
	STATUS mandatory
	DESCRIPTION
		" ipfwchains row "
	INDEX
		{ chainindex }
	::= { ipfwChainTable 1 } 		

IpfwChain ::= SEQUENCE {		
	chainindex	INTEGER,
        chainlabel	DisplayString,
	policy		DisplayString,
	refcnt		INTEGER,
	pkts		DisplayString,
	bytes		DisplayString,
	zero		INTEGER,
	flush		INTEGER,
	optimize	INTEGER,
	chainPackets	Counter32,
	chainOctets	Counter32,
	}

chainindex OBJECT-TYPE
	SYNTAX INTEGER
	ACCESS read-only
	STATUS mandatory
	DESCRIPTION
		" index in tabel "
	::= { ipfwChain 1 }

chainlabel OBJECT-TYPE
	SYNTAX DisplayString
	ACCESS read-only
	STATUS mandatory
	DESCRIPTION
		" Name of the chain "
	::= { ipfwChain 2 }

policy OBJECT-TYPE
	SYNTAX DisplayString
	ACCESS read-only
	STATUS mandatory
	DESCRIPTION
		" Default policy of chain "
	::= { ipfwChain 3 }

refcnt OBJECT-TYPE
	SYNTAX INTEGER
	ACCESS read-only
	STATUS mandatory
	DESCRIPTION
		" Number of references to this chain "
	::= { ipfwChain 4 }

pkts OBJECT-TYPE
	SYNTAX DisplayString
	ACCESS read-only
	STATUS mandatory
	DESCRIPTION
		" Number of packets that matched default rule "
	::= { ipfwChain 5 }

bytes OBJECT-TYPE
	SYNTAX DisplayString
	ACCESS read-only
	STATUS mandatory
	DESCRIPTION
		" Number of bytes that matched default rule "
	::= { ipfwChain 6 }

zero OBJECT-TYPE
	SYNTAX INTEGER
	ACCESS read-write
	STATUS mandatory
	DESCRIPTION
		" Setting this variable to 1 zeroes the packet and bytecounters for this chain "
	::= { ipfwChain 7 }

flush OBJECT-TYPE
        SYNTAX INTEGER
        ACCESS read-write
        STATUS mandatory
        DESCRIPTION
                " Setting this variable to flushes this chain "
        ::= { ipfwChain 8 }  

optimize OBJECT-TYPE
        SYNTAX INTEGER
        ACCESS read-write
        STATUS mandatory
        DESCRIPTION
                " Setting this variable to 1 reorders the firewalling rules for max packet thoughput "
        ::= { ipfwChain 9 }     

chainPackets	OBJECT-TYPE
	SYNTAX Counter32
	ACCESS read-only
	STATUS mandatory
	DESCRIPTION
		" Chain packet counter "
	::= { ipfwChain 10 }
	
chainOctets	OBJECT-TYPE
	SYNTAX Counter32
	ACCESS read-only
	STATUS mandatory
	DESCRIPTION
		" Chain octet counter "
	::= { ipfwChain 11 }

ipfwRuleTable OBJECT-TYPE
        SYNTAX SEQUENCE OF IpfwRule
        ACCESS not-accessible
        STATUS mandatory
        DESCRIPTION
                "Table with the rules from the firewall"
        ::= { ipfw 2 }       

ipfwRule OBJECT-TYPE
        SYNTAX IpfwRule
        ACCESS not-accessible
        STATUS mandatory
        DESCRIPTION
                " Row from the ipfwRuleTable "
        INDEX
                { ruleindex }
        ::= { ipfwRuleTable 1 }

IpfwRule ::= SEQUENCE {

        ruleindex 	INTEGER,
        chain		DisplayString,
        pkts            DisplayString,
        bytes           DisplayString,
	target		DisplayString,
	prot		DisplayString,
	source		DisplayString,
	destination	DisplayString,
	ports		DisplayString,
	opt		DisplayString,
	ifname		DisplayString,
	tosa		DisplayString,
	tosx		DisplayString,
	mark		DisplayString,
	outsize		DisplayString,
	rulePackets	Counter32,
	ruleOctets	Counter32,
        }      

ruleindex OBJECT-TYPE
        SYNTAX INTEGER
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Rulenumber "
        ::= { ipfwRule 1 }

chain   OBJECT-TYPE
        SYNTAX DisplayString
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Name of the chain "
        ::= { ipfwRule 2 }

pkts 	OBJECT-TYPE
        SYNTAX DisplayString
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Number of packets that matched this rule "
        ::= { ipfwRule 3 }

bytes 	OBJECT-TYPE
        SYNTAX DisplayString
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Number of bytes that matched this rule "
        ::= { ipfwRule 4 }   

target	OBJECT-TYPE
        SYNTAX DisplayString
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Target of this rule "
        ::= { ipfwRule 5 }

prot  	OBJECT-TYPE
        SYNTAX DisplayString
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Protocol of this rule "
        ::= { ipfwRule 6 }   

source  OBJECT-TYPE
        SYNTAX DisplayString
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Source of this rule "
        ::= { ipfwRule 7 }

destination  OBJECT-TYPE
        SYNTAX DisplayString
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Destination of this rule "
        ::= { ipfwRule 8 }      

ports  	OBJECT-TYPE
        SYNTAX DisplayString
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Portrange source -> Portrange destination "
        ::= { ipfwRule 9 }   

opt	OBJECT-TYPE
        SYNTAX DisplayString
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Options of this rule "
        ::= { ipfwRule 10 }

ifname  OBJECT-TYPE
        SYNTAX DisplayString
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Interface to which this rule applies "
        ::= { ipfwRule 11 }      

tosa  	OBJECT-TYPE
        SYNTAX DisplayString
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " TOS-field will be Anded with this value "
        ::= { ipfwRule 12 }

tosx    OBJECT-TYPE
        SYNTAX DisplayString
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " TOS-field will be Xored with this value "
        ::= { ipfwRule 13 }      

mark    OBJECT-TYPE
        SYNTAX DisplayString
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Packet will be marked with this value "
        ::= { ipfwRule 14 }   

outsize OBJECT-TYPE
        SYNTAX DisplayString
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Maximum size of outgoing packet "
        ::= { ipfwRule 15 }   

rulePackets OBJECT-TYPE
        SYNTAX Counter32
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Rule packet count "
        ::= { ipfwRule 16 }   

ruleOctets OBJECT-TYPE
        SYNTAX Counter32
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION
                " Rule octet count "
        ::= { ipfwRule 17 }   
END
