xref: /freebsd/usr.sbin/bsnmpd/modules/snmp_pf/BEGEMOT-PF-MIB.txt (revision 5ca8e32633c4ffbbcd6762e5888b6a4ba0708c6c) 
1--
2-- ----------------------------------------------------------------------------
3-- "THE BEER-WARE LICENSE" (Revision 42):
4-- <philip@FreeBSD.org> wrote this file.  As long as you retain this notice you
5-- can do whatever you want with this stuff. If we meet some day, and you think
6-- this stuff is worth it, you can buy me a beer in return.   -Philip Paeps
7-- ----------------------------------------------------------------------------
8--
9
10BEGEMOT-PF-MIB DEFINITIONS ::= BEGIN
11
12IMPORTS
13    MODULE-IDENTITY, OBJECT-TYPE, Counter64, Integer32,
14    TimeTicks, Unsigned32
15	FROM SNMPv2-SMI
16    TruthValue
17	FROM SNMPv2-TC
18    InetAddress, InetAddressType, InetAddressPrefixLength
19	FROM INET-ADDRESS-MIB
20    begemot
21	FROM BEGEMOT-MIB;
22
23begemotPf MODULE-IDENTITY
24    LAST-UPDATED "201003180000Z"
25    ORGANIZATION "NixSys BVBA"
26    CONTACT-INFO
27	    "		Philip Paeps
28
29	     Postal:	NixSys BVBA
30			Louizastraat 14
31			BE-2800 Mechelen
32			Belgium
33
34	     E-Mail:	philip@FreeBSD.org"
35    DESCRIPTION
36	    "The Begemot MIB for the pf packet filter."
37    REVISION	"201003180000Z"
38    DESCRIPTION
39		"Modified pfTablesAddrEntry to support IPv6
40		addresses - added pfTablesAddrNetType column
41		and modified type of pfTablesAddrNet to
42		InetAddress."
43    REVISION	"200912050000Z"
44    DESCRIPTION
45	    "Added support for retrieving counters of labeled
46	    pf filter rules via pfLabelspfLabels subtree."
47    REVISION	"200501240000Z"
48    DESCRIPTION
49	    "Initial revision."
50
51    ::= { begemot 200 }
52
53begemotPfObjects	OBJECT IDENTIFIER ::= { begemotPf 1 }
54
55-- --------------------------------------------------------------------------
56
57pfStatus		OBJECT IDENTIFIER ::= { begemotPfObjects 1 }
58pfCounter		OBJECT IDENTIFIER ::= { begemotPfObjects 2 }
59pfStateTable		OBJECT IDENTIFIER ::= { begemotPfObjects 3 }
60pfSrcNodes		OBJECT IDENTIFIER ::= { begemotPfObjects 4 }
61pfLimits		OBJECT IDENTIFIER ::= { begemotPfObjects 5 }
62pfTimeouts		OBJECT IDENTIFIER ::= { begemotPfObjects 6 }
63pfLogInterface		OBJECT IDENTIFIER ::= { begemotPfObjects 7 }
64pfInterfaces		OBJECT IDENTIFIER ::= { begemotPfObjects 8 }
65pfTables		OBJECT IDENTIFIER ::= { begemotPfObjects 9 }
66pfAltq			OBJECT IDENTIFIER ::= { begemotPfObjects 10 }
67pfLabels		OBJECT IDENTIFIER ::= { begemotPfObjects 11 }
68
69-- --------------------------------------------------------------------------
70
71--
72-- status information
73--
74
75pfStatusRunning OBJECT-TYPE
76    SYNTAX	TruthValue
77    MAX-ACCESS	read-only
78    STATUS	current
79    DESCRIPTION
80	"True if pf is currently enabled."
81    ::= { pfStatus 1 }
82
83pfStatusRuntime OBJECT-TYPE
84    SYNTAX	TimeTicks
85    UNITS	"1/100th of a Second"
86    MAX-ACCESS	read-only
87    STATUS	current
88    DESCRIPTION
89	"Indicates how long pf has been enabled.  If pf is not currently
90	enabled, indicates how long it has been disabled.  If pf has not
91	been enabled or disabled since the system was started, the value
92	will be 0."
93    ::= { pfStatus 2 }
94
95pfStatusDebug OBJECT-TYPE
96    SYNTAX	INTEGER { none(0), urgent(1), misc(2), loud(3) }
97    MAX-ACCESS	read-only
98    STATUS	current
99    DESCRIPTION
100	"Indicates the debug level at which pf is running."
101    ::= { pfStatus 3 }
102
103pfStatusHostId OBJECT-TYPE
104    SYNTAX	OCTET STRING
105    MAX-ACCESS	read-only
106    STATUS	current
107    DESCRIPTION
108	"The (unique) host identifier of the machine running pf."
109    ::= { pfStatus 4 }
110
111-- --------------------------------------------------------------------------
112
113--
114-- counters
115--
116
117pfCounterMatch OBJECT-TYPE
118    SYNTAX	Counter64
119    MAX-ACCESS	read-only
120    STATUS	current
121    DESCRIPTION
122	"Number of packets that matched a filter rule."
123    ::= { pfCounter 1 }
124
125pfCounterBadOffset OBJECT-TYPE
126    SYNTAX	Counter64
127    MAX-ACCESS	read-only
128    STATUS	current
129    DESCRIPTION
130	"Number of packets with bad offset."
131    ::= { pfCounter 2 }
132
133pfCounterFragment OBJECT-TYPE
134    SYNTAX	Counter64
135    MAX-ACCESS	read-only
136    STATUS	current
137    DESCRIPTION
138	"Number of fragmented packets."
139    ::= { pfCounter 3 }
140
141pfCounterShort OBJECT-TYPE
142    SYNTAX	Counter64
143    MAX-ACCESS	read-only
144    STATUS	current
145    DESCRIPTION
146	"Number of short packets."
147    ::= { pfCounter 4 }
148
149pfCounterNormalize OBJECT-TYPE
150    SYNTAX	Counter64
151    MAX-ACCESS	read-only
152    STATUS	current
153    DESCRIPTION
154	"Number of normalized packets."
155    ::= { pfCounter 5 }
156
157pfCounterMemDrop OBJECT-TYPE
158    SYNTAX	Counter64
159    MAX-ACCESS	read-only
160    STATUS	current
161    DESCRIPTION
162	"Number of packets dropped due to memory limitations."
163    ::= { pfCounter 6 }
164
165-- --------------------------------------------------------------------------
166
167--
168-- state table
169--
170
171pfStateTableCount OBJECT-TYPE
172    SYNTAX	Unsigned32
173    MAX-ACCESS	read-only
174    STATUS	current
175    DESCRIPTION
176	"Number of entries in the state table."
177    ::= { pfStateTable 1 }
178
179pfStateTableSearches OBJECT-TYPE
180    SYNTAX	Counter64
181    MAX-ACCESS	read-only
182    STATUS	current
183    DESCRIPTION
184	"Number of searches against the state table."
185    ::= { pfStateTable 2 }
186
187pfStateTableInserts OBJECT-TYPE
188    SYNTAX	Counter64
189    MAX-ACCESS	read-only
190    STATUS	current
191    DESCRIPTION
192	"Number of entries inserted into the state table."
193    ::= { pfStateTable 3 }
194
195pfStateTableRemovals OBJECT-TYPE
196    SYNTAX	Counter64
197    MAX-ACCESS	read-only
198    STATUS	current
199    DESCRIPTION
200	"Number of entries removed from the state table."
201    ::= { pfStateTable 4 }
202
203-- --------------------------------------------------------------------------
204
205--
206-- source nodes
207--
208
209pfSrcNodesCount OBJECT-TYPE
210    SYNTAX	Unsigned32
211    MAX-ACCESS	read-only
212    STATUS	current
213    DESCRIPTION
214	"Number of entries in the source tracking table."
215    ::= { pfSrcNodes 1 }
216
217pfSrcNodesSearches OBJECT-TYPE
218    SYNTAX	Counter64
219    MAX-ACCESS	read-only
220    STATUS	current
221    DESCRIPTION
222	"Number of searches against the source tracking table."
223    ::= { pfSrcNodes 2 }
224
225pfSrcNodesInserts OBJECT-TYPE
226    SYNTAX	Counter64
227    MAX-ACCESS	read-only
228    STATUS	current
229    DESCRIPTION
230	"Number of entries inserted into the source tracking table."
231    ::= { pfSrcNodes 3 }
232
233pfSrcNodesRemovals OBJECT-TYPE
234    SYNTAX	Counter64
235    MAX-ACCESS	read-only
236    STATUS	current
237    DESCRIPTION
238	"Number of entries removed from the source tracking table."
239    ::= { pfSrcNodes 4 }
240
241-- --------------------------------------------------------------------------
242
243--
244-- limits
245--
246
247pfLimitsStates OBJECT-TYPE
248    SYNTAX	Unsigned32
249    MAX-ACCESS	read-only
250    STATUS	current
251    DESCRIPTION
252	"Maximum number of 'keep state' rules in the ruleset."
253    ::= { pfLimits 1 }
254
255pfLimitsSrcNodes OBJECT-TYPE
256    SYNTAX	Unsigned32
257    MAX-ACCESS	read-only
258    STATUS	current
259    DESCRIPTION
260	"Maximum number of 'sticky-address' or 'source-track' rules
261	in the ruleset."
262    ::= { pfLimits 2 }
263
264pfLimitsFrags OBJECT-TYPE
265    SYNTAX	Unsigned32
266    MAX-ACCESS	read-only
267    STATUS	current
268    DESCRIPTION
269	"Maximum number of 'scrub' rules in the ruleset."
270    ::= { pfLimits 3 }
271
272-- --------------------------------------------------------------------------
273
274--
275-- timeouts
276--
277
278pfTimeoutsTcpFirst OBJECT-TYPE
279    SYNTAX	Integer32
280    MAX-ACCESS	read-only
281    STATUS	current
282    DESCRIPTION
283	"State after the first packet in a connection."
284    ::= { pfTimeouts 1 }
285
286pfTimeoutsTcpOpening OBJECT-TYPE
287    SYNTAX	Integer32
288    MAX-ACCESS	read-only
289    STATUS	current
290    DESCRIPTION
291	"State before the destination host ever sends a packet."
292    ::= { pfTimeouts 2 }
293
294pfTimeoutsTcpEstablished OBJECT-TYPE
295    SYNTAX	Integer32
296    MAX-ACCESS	read-only
297    STATUS	current
298    DESCRIPTION
299	"The fully established state."
300    ::= { pfTimeouts 3 }
301
302pfTimeoutsTcpClosing OBJECT-TYPE
303    SYNTAX	Integer32
304    MAX-ACCESS	read-only
305    STATUS	current
306    DESCRIPTION
307	"State after the first FIN has been sent."
308    ::= { pfTimeouts 4 }
309
310pfTimeoutsTcpFinWait OBJECT-TYPE
311    SYNTAX	Integer32
312    MAX-ACCESS	read-only
313    STATUS	current
314    DESCRIPTION
315	"State after both FINs have been exchanged and the
316	connection is closed."
317    ::= { pfTimeouts 5 }
318
319pfTimeoutsTcpClosed OBJECT-TYPE
320    SYNTAX	Integer32
321    MAX-ACCESS	read-only
322    STATUS	current
323    DESCRIPTION
324	"State after one endpoint sends an RST."
325    ::= { pfTimeouts 6 }
326
327pfTimeoutsUdpFirst OBJECT-TYPE
328    SYNTAX	Integer32
329    MAX-ACCESS	read-only
330    STATUS	current
331    DESCRIPTION
332	"State after the first packet."
333    ::= { pfTimeouts 7 }
334
335pfTimeoutsUdpSingle OBJECT-TYPE
336    SYNTAX	Integer32
337    MAX-ACCESS	read-only
338    STATUS	current
339    DESCRIPTION
340	"State if the source host sends more than one packet but
341	the destination host has never sent one back."
342    ::= { pfTimeouts 8 }
343
344pfTimeoutsUdpMultiple OBJECT-TYPE
345    SYNTAX	Integer32
346    MAX-ACCESS	read-only
347    STATUS	current
348    DESCRIPTION
349	"State if both hosts have sent packets."
350    ::= { pfTimeouts 9 }
351
352pfTimeoutsIcmpFirst OBJECT-TYPE
353    SYNTAX	Integer32
354    MAX-ACCESS	read-only
355    STATUS	current
356    DESCRIPTION
357	"State after the first packet."
358    ::= { pfTimeouts 10 }
359
360pfTimeoutsIcmpError OBJECT-TYPE
361    SYNTAX	Integer32
362    MAX-ACCESS	read-only
363    STATUS	current
364    DESCRIPTION
365	"State after an ICMP error came back in response to an
366	ICMP packet."
367    ::= { pfTimeouts 11 }
368
369pfTimeoutsOtherFirst OBJECT-TYPE
370    SYNTAX	Integer32
371    MAX-ACCESS	read-only
372    STATUS	current
373    DESCRIPTION
374	"State after the first packet."
375    ::= { pfTimeouts 12 }
376
377pfTimeoutsOtherSingle OBJECT-TYPE
378    SYNTAX	Integer32
379    MAX-ACCESS	read-only
380    STATUS	current
381    DESCRIPTION
382	"State if the source host sends more than one packet but
383	the destination host has never sent one back."
384    ::= { pfTimeouts 13 }
385
386pfTimeoutsOtherMultiple OBJECT-TYPE
387    SYNTAX	Integer32
388    MAX-ACCESS	read-only
389    STATUS	current
390    DESCRIPTION
391	"State if both hosts have sent packets."
392    ::= { pfTimeouts 14 }
393
394pfTimeoutsFragment OBJECT-TYPE
395    SYNTAX	Integer32
396    MAX-ACCESS	read-only
397    STATUS	current
398    DESCRIPTION
399	"Seconds before an unassembled fragment is expired."
400    ::= { pfTimeouts 15 }
401
402pfTimeoutsInterval OBJECT-TYPE
403    SYNTAX	Integer32
404    MAX-ACCESS	read-only
405    STATUS	current
406    DESCRIPTION
407	"Interval between purging expired states and fragments."
408    ::= { pfTimeouts 16 }
409
410pfTimeoutsAdaptiveStart OBJECT-TYPE
411    SYNTAX	Integer32
412    MAX-ACCESS	read-only
413    STATUS	current
414    DESCRIPTION
415	"When the number of state entries exceeds this value,
416	adaptive scaling begins."
417    ::= { pfTimeouts 17 }
418
419pfTimeoutsAdaptiveEnd OBJECT-TYPE
420    SYNTAX	Integer32
421    MAX-ACCESS	read-only
422    STATUS	current
423    DESCRIPTION
424	"When reaching this number of state entries, all timeout
425	values become zero, effectively purging all state entries
426	immediately."
427    ::= { pfTimeouts 18 }
428
429pfTimeoutsSrcNode OBJECT-TYPE
430    SYNTAX	Integer32
431    MAX-ACCESS	read-only
432    STATUS	current
433    DESCRIPTION
434	"Length of time to retain a source tracking entry after
435	the last state expires."
436    ::= { pfTimeouts 19 }
437
438-- --------------------------------------------------------------------------
439
440--
441-- log interface
442--
443
444pfLogInterfaceName OBJECT-TYPE
445    SYNTAX	OCTET STRING
446    MAX-ACCESS	read-only
447    STATUS	current
448    DESCRIPTION
449	"The name of the interface configured with 'set loginterface'.
450	If no interface has been configured, the object will be empty."
451    ::= { pfLogInterface 1 }
452
453pfLogInterfaceIp4BytesIn OBJECT-TYPE
454    SYNTAX	Counter64
455    MAX-ACCESS	read-only
456    STATUS	current
457    DESCRIPTION
458	"Number of IPv4 bytes passed in on the loginterface."
459    ::= { pfLogInterface 2 }
460
461pfLogInterfaceIp4BytesOut OBJECT-TYPE
462    SYNTAX	Counter64
463    MAX-ACCESS	read-only
464    STATUS	current
465    DESCRIPTION
466	"Number of IPv4 bytes passed out on the loginterface."
467    ::= { pfLogInterface 3 }
468
469pfLogInterfaceIp4PktsInPass OBJECT-TYPE
470    SYNTAX	Counter64
471    MAX-ACCESS	read-only
472    STATUS	current
473    DESCRIPTION
474	"Number of IPv4 packets passed in on the loginterface."
475    ::= { pfLogInterface 4 }
476
477pfLogInterfaceIp4PktsInDrop OBJECT-TYPE
478    SYNTAX	Counter64
479    MAX-ACCESS	read-only
480    STATUS	current
481    DESCRIPTION
482	"Number of IPv4 packets dropped coming in on the loginterface."
483    ::= { pfLogInterface 5 }
484
485pfLogInterfaceIp4PktsOutPass OBJECT-TYPE
486    SYNTAX	Counter64
487    MAX-ACCESS	read-only
488    STATUS	current
489    DESCRIPTION
490	"Number of IPv4 packets passed out on the loginterface."
491    ::= { pfLogInterface 6 }
492
493pfLogInterfaceIp4PktsOutDrop OBJECT-TYPE
494    SYNTAX	Counter64
495    MAX-ACCESS	read-only
496    STATUS	current
497    DESCRIPTION
498	"Number of IPv4 packets dropped going out on the loginterface."
499    ::= { pfLogInterface 7 }
500
501pfLogInterfaceIp6BytesIn OBJECT-TYPE
502    SYNTAX	Counter64
503    MAX-ACCESS	read-only
504    STATUS	current
505    DESCRIPTION
506	"Number of IPv6 bytes passed in on the loginterface."
507    ::= { pfLogInterface 8 }
508
509pfLogInterfaceIp6BytesOut OBJECT-TYPE
510    SYNTAX	Counter64
511    MAX-ACCESS	read-only
512    STATUS	current
513    DESCRIPTION
514	"Number of IPv6 bytes passed out on the loginterface."
515    ::= { pfLogInterface 9 }
516
517pfLogInterfaceIp6PktsInPass OBJECT-TYPE
518    SYNTAX	Counter64
519    MAX-ACCESS	read-only
520    STATUS	current
521    DESCRIPTION
522	"Number of IPv6 packets passed in on the loginterface."
523    ::= { pfLogInterface 10 }
524
525pfLogInterfaceIp6PktsInDrop OBJECT-TYPE
526    SYNTAX	Counter64
527    MAX-ACCESS	read-only
528    STATUS	current
529    DESCRIPTION
530	"Number of IPv6 packets dropped coming in on the loginterface."
531    ::= { pfLogInterface 11 }
532
533pfLogInterfaceIp6PktsOutPass OBJECT-TYPE
534    SYNTAX	Counter64
535    MAX-ACCESS	read-only
536    STATUS	current
537    DESCRIPTION
538	"Number of IPv6 packets passed out on the loginterface."
539    ::= { pfLogInterface 12 }
540
541pfLogInterfaceIp6PktsOutDrop OBJECT-TYPE
542    SYNTAX	Counter64
543    MAX-ACCESS	read-only
544    STATUS	current
545    DESCRIPTION
546	"Number of IPv6 packets dropped going out on the loginterface."
547    ::= { pfLogInterface 13 }
548
549-- --------------------------------------------------------------------------
550
551--
552-- interfaces
553--
554
555pfInterfacesIfNumber OBJECT-TYPE
556    SYNTAX	Integer32
557    MAX-ACCESS	read-only
558    STATUS	current
559    DESCRIPTION
560	"The number of network interfaces on this system."
561    ::= { pfInterfaces 1 }
562
563pfInterfacesIfTable OBJECT-TYPE
564    SYNTAX	SEQUENCE OF PfInterfacesIfEntry
565    MAX-ACCESS	not-accessible
566    STATUS	current
567    DESCRIPTION
568	"Table of network interfaces, indexed on pfInterfacesIfNumber."
569    ::= { pfInterfaces 2 }
570
571pfInterfacesIfEntry OBJECT-TYPE
572    SYNTAX	PfInterfacesIfEntry
573    MAX-ACCESS	not-accessible
574    STATUS	current
575    DESCRIPTION
576	"An entry in the pfInterfacesIfTable containing information
577	about a particular network interface in the machine."
578    INDEX	{ pfInterfacesIfIndex }
579    ::= { pfInterfacesIfTable 1 }
580
581PfInterfacesIfEntry ::= SEQUENCE {
582    pfInterfacesIfIndex		    Integer32,
583    pfInterfacesIfDescr		    OCTET STRING,
584    pfInterfacesIfType		    INTEGER,
585    pfInterfacesIfTZero		    TimeTicks,
586    pfInterfacesIfRefsState	    Null,
587    pfInterfacesIfRefsRule	    Unsigned32,
588    pfInterfacesIf4BytesInPass	    Counter64,
589    pfInterfacesIf4BytesInBlock	    Counter64,
590    pfInterfacesIf4BytesOutPass	    Counter64,
591    pfInterfacesIf4BytesOutBlock    Counter64,
592    pfInterfacesIf4PktsInPass	    Counter64,
593    pfInterfacesIf4PktsInBlock	    Counter64,
594    pfInterfacesIf4PktsOutPass	    Counter64,
595    pfInterfacesIf4PktsOutBlock	    Counter64,
596    pfInterfacesIf6BytesInPass	    Counter64,
597    pfInterfacesIf6BytesInBlock	    Counter64,
598    pfInterfacesIf6BytesOutPass	    Counter64,
599    pfInterfacesIf6BytesOutBlock    Counter64,
600    pfInterfacesIf6PktsInPass	    Counter64,
601    pfInterfacesIf6PktsInBlock	    Counter64,
602    pfInterfacesIf6PktsOutPass	    Counter64,
603    pfInterfacesIf6PktsOutBlock	    Counter64
604}
605
606pfInterfacesIfIndex OBJECT-TYPE
607    SYNTAX	Integer32 (1..2147483647)
608    MAX-ACCESS	not-accessible
609    STATUS	current
610    DESCRIPTION
611	"A unique value, greater than zero, for each interface."
612    ::= { pfInterfacesIfEntry 1 }
613
614pfInterfacesIfDescr OBJECT-TYPE
615    SYNTAX	OCTET STRING
616    MAX-ACCESS	read-only
617    STATUS	current
618    DESCRIPTION
619	"The name of the interface."
620    ::= { pfInterfacesIfEntry 2 }
621
622pfInterfacesIfType OBJECT-TYPE
623    SYNTAX	INTEGER { group(0), instance(1), detached(2) }
624    MAX-ACCESS	read-only
625    STATUS	current
626    DESCRIPTION
627	"Indicates whether the interface is a group inteface, an
628	interface instance, or whether it has been removed or
629	destroyed."
630    ::= { pfInterfacesIfEntry 3 }
631
632pfInterfacesIfTZero OBJECT-TYPE
633    SYNTAX	TimeTicks
634    UNITS	"1/100th of a Second"
635    MAX-ACCESS	read-only
636    STATUS	current
637    DESCRIPTION
638	"Time since statistics were last reset or since the
639	interface was loaded."
640    ::= { pfInterfacesIfEntry 4 }
641
642pfInterfacesIfRefsState OBJECT-TYPE
643    SYNTAX	Unsigned32
644    MAX-ACCESS	read-only
645    STATUS	current
646    DESCRIPTION
647	"The number of state and/or source track entries referencing
648	this interface."
649    ::= { pfInterfacesIfEntry 5 }
650
651pfInterfacesIfRefsRule OBJECT-TYPE
652    SYNTAX	Unsigned32
653    MAX-ACCESS	read-only
654    STATUS	current
655    DESCRIPTION
656	"The number of rules referencing this interface."
657    ::= { pfInterfacesIfEntry 6 }
658
659pfInterfacesIf4BytesInPass OBJECT-TYPE
660    SYNTAX	Counter64
661    MAX-ACCESS	read-only
662    STATUS	current
663    DESCRIPTION
664	"The number of IPv4 bytes passed coming in on this interface."
665    ::= { pfInterfacesIfEntry 7 }
666
667pfInterfacesIf4BytesInBlock OBJECT-TYPE
668    SYNTAX	Counter64
669    MAX-ACCESS	read-only
670    STATUS	current
671    DESCRIPTION
672	"The number of IPv4 bytes blocked coming in on this interface."
673    ::= { pfInterfacesIfEntry 8 }
674
675pfInterfacesIf4BytesOutPass OBJECT-TYPE
676    SYNTAX	Counter64
677    MAX-ACCESS	read-only
678    STATUS	current
679    DESCRIPTION
680	"The number of IPv4 bytes passed going out on this interface."
681    ::= { pfInterfacesIfEntry 9 }
682
683pfInterfacesIf4BytesOutBlock OBJECT-TYPE
684    SYNTAX	Counter64
685    MAX-ACCESS	read-only
686    STATUS	current
687    DESCRIPTION
688	"The number of IPv4 bytes blocked going out on this interface."
689    ::= { pfInterfacesIfEntry 10 }
690
691pfInterfacesIf4PktsInPass OBJECT-TYPE
692    SYNTAX	Counter64
693    MAX-ACCESS	read-only
694    STATUS	current
695    DESCRIPTION
696	"The number of IPv4 packets passed coming in on this interface."
697    ::= { pfInterfacesIfEntry 11 }
698
699pfInterfacesIf4PktsInBlock OBJECT-TYPE
700    SYNTAX	Counter64
701    MAX-ACCESS	read-only
702    STATUS	current
703    DESCRIPTION
704	"The number of IPv4 packets blocked coming in on this interface."
705    ::= { pfInterfacesIfEntry 12 }
706
707pfInterfacesIf4PktsOutPass OBJECT-TYPE
708    SYNTAX	Counter64
709    MAX-ACCESS	read-only
710    STATUS	current
711    DESCRIPTION
712	"The number of IPv4 packets passed going out on this interface."
713    ::= { pfInterfacesIfEntry 13 }
714
715pfInterfacesIf4PktsOutBlock OBJECT-TYPE
716    SYNTAX	Counter64
717    MAX-ACCESS	read-only
718    STATUS	current
719    DESCRIPTION
720	"The number of IPv4 packets blocked going out on this interface."
721    ::= { pfInterfacesIfEntry 14 }
722
723pfInterfacesIf6BytesInPass OBJECT-TYPE
724    SYNTAX	Counter64
725    MAX-ACCESS	read-only
726    STATUS	current
727    DESCRIPTION
728	"The number of IPv6 bytes passed coming in on this interface."
729    ::= { pfInterfacesIfEntry 15 }
730
731pfInterfacesIf6BytesInBlock OBJECT-TYPE
732    SYNTAX	Counter64
733    MAX-ACCESS	read-only
734    STATUS	current
735    DESCRIPTION
736	"The number of IPv6 bytes blocked coming in on this interface."
737    ::= { pfInterfacesIfEntry 16 }
738
739pfInterfacesIf6BytesOutPass OBJECT-TYPE
740    SYNTAX	Counter64
741    MAX-ACCESS	read-only
742    STATUS	current
743    DESCRIPTION
744	"The number of IPv6 bytes passed going out on this interface."
745    ::= { pfInterfacesIfEntry 17 }
746
747pfInterfacesIf6BytesOutBlock OBJECT-TYPE
748    SYNTAX	Counter64
749    MAX-ACCESS	read-only
750    STATUS	current
751    DESCRIPTION
752	"The number of IPv6 bytes blocked going out on this interface."
753    ::= { pfInterfacesIfEntry 18 }
754
755
756pfInterfacesIf6PktsInPass OBJECT-TYPE
757    SYNTAX	Counter64
758    MAX-ACCESS	read-only
759    STATUS	current
760    DESCRIPTION
761	"The number of IPv6 packets passed coming in on this interface."
762    ::= { pfInterfacesIfEntry 19 }
763
764pfInterfacesIf6PktsInBlock OBJECT-TYPE
765    SYNTAX	Counter64
766    MAX-ACCESS	read-only
767    STATUS	current
768    DESCRIPTION
769	"The number of IPv6 packets blocked coming in on this interface."
770    ::= { pfInterfacesIfEntry 20 }
771
772pfInterfacesIf6PktsOutPass OBJECT-TYPE
773    SYNTAX	Counter64
774    MAX-ACCESS	read-only
775    STATUS	current
776    DESCRIPTION
777	"The number of IPv6 packets passed going out on this interface."
778    ::= { pfInterfacesIfEntry 21 }
779
780pfInterfacesIf6PktsOutBlock OBJECT-TYPE
781    SYNTAX	Counter64
782    MAX-ACCESS	read-only
783    STATUS	current
784    DESCRIPTION
785	"The number of IPv6 packets blocked going out on this interface."
786    ::= { pfInterfacesIfEntry 22 }
787
788-- --------------------------------------------------------------------------
789
790--
791-- tables
792--
793
794pfTablesTblNumber OBJECT-TYPE
795    SYNTAX	Integer32
796    MAX-ACCESS	read-only
797    STATUS	current
798    DESCRIPTION
799	"The number of tables on this system."
800    ::= { pfTables 1 }
801
802pfTablesTblTable OBJECT-TYPE
803    SYNTAX	SEQUENCE OF PfTablesTblEntry
804    MAX-ACCESS	not-accessible
805    STATUS	current
806    DESCRIPTION
807	"Table of tables, index on pfTablesTblIndex."
808    ::= { pfTables 2 }
809
810pfTablesTblEntry OBJECT-TYPE
811    SYNTAX	PfTablesTblEntry
812    MAX-ACCESS	not-accessible
813    STATUS	current
814    DESCRIPTION
815	"Any entry in the pfTablesTblTable containing information
816	about a particular table on the system."
817    INDEX	{ pfTablesTblIndex }
818    ::= { pfTablesTblTable 1 }
819
820PfTablesTblEntry ::= SEQUENCE {
821    pfTablesTblIndex		    Integer32,
822    pfTablesTblDescr		    OCTET STRING,
823    pfTablesTblCount		    Integer32,
824    pfTablesTblTZero		    TimeTicks,
825    pfTablesTblRefsAnchor	    Integer32,
826    pfTablesTblRefsRule		    Integer32,
827    pfTablesTblEvalMatch	    Counter64,
828    pfTablesTblEvalNoMatch	    Counter64,
829    pfTablesTblBytesInPass	    Counter64,
830    pfTablesTblBytesInBlock	    Counter64,
831    pfTablesTblBytesInXPass	    Counter64,
832    pfTablesTblBytesOutPass	    Counter64,
833    pfTablesTblBytesOutBlock	    Counter64,
834    pfTablesTblBytesOutXPass	    Counter64,
835    pfTablesTblPktsInPass	    Counter64,
836    pfTablesTblPktsInBlock	    Counter64,
837    pfTablesTblPktsInXPass	    Counter64,
838    pfTablesTblPktsOutPass	    Counter64,
839    pfTablesTblPktsOutBlock	    Counter64,
840    pfTablesTblPktsOutXPass	    Counter64
841}
842
843pfTablesTblIndex OBJECT-TYPE
844    SYNTAX	Integer32 (1..2147483647)
845    MAX-ACCESS  not-accessible
846    STATUS	current
847    DESCRIPTION
848        "A unique value, greater than zero, for each table."
849    ::= { pfTablesTblEntry 1 }
850
851pfTablesTblDescr OBJECT-TYPE
852    SYNTAX	OCTET STRING
853    MAX-ACCESS  read-only
854    STATUS	current
855    DESCRIPTION
856        "The name of the table."
857    ::= { pfTablesTblEntry 2 }
858
859pfTablesTblCount OBJECT-TYPE
860    SYNTAX	Integer32
861    MAX-ACCESS  read-only
862    STATUS	current
863    DESCRIPTION
864        "The number of addresses in the table."
865    ::= { pfTablesTblEntry 3 }
866
867pfTablesTblTZero OBJECT-TYPE
868    SYNTAX	TimeTicks
869    UNITS	"1/100th of a Second"
870    MAX-ACCESS  read-only
871    STATUS	current
872    DESCRIPTION
873        "The time passed since the statistics of this table were last
874        cleared or the time since this table was loaded, whichever is
875        sooner."
876    ::= { pfTablesTblEntry 4 }
877
878pfTablesTblRefsAnchor OBJECT-TYPE
879    SYNTAX	Integer32
880    MAX-ACCESS  read-only
881    STATUS	current
882    DESCRIPTION
883        "The number of anchors referencing this table."
884    ::= { pfTablesTblEntry 5 }
885
886pfTablesTblRefsRule OBJECT-TYPE
887    SYNTAX	Integer32
888    MAX-ACCESS  read-only
889    STATUS	current
890    DESCRIPTION
891        "The number of rules referencing this table."
892    ::= { pfTablesTblEntry 6 }
893
894pfTablesTblEvalMatch OBJECT-TYPE
895    SYNTAX	Counter64
896    MAX-ACCESS  read-only
897    STATUS	current
898    DESCRIPTION
899        "The number of evaluations returning a match."
900    ::= { pfTablesTblEntry 7 }
901
902pfTablesTblEvalNoMatch OBJECT-TYPE
903    SYNTAX	Counter64
904    MAX-ACCESS  read-only
905    STATUS	current
906    DESCRIPTION
907        "The number of evaluations not returning a match."
908    ::= { pfTablesTblEntry 8 }
909
910pfTablesTblBytesInPass OBJECT-TYPE
911    SYNTAX	Counter64
912    MAX-ACCESS  read-only
913    STATUS	current
914    DESCRIPTION
915        "The number of bytes passed in matching the table."
916    ::= { pfTablesTblEntry 9 }
917
918pfTablesTblBytesInBlock	OBJECT-TYPE
919    SYNTAX	Counter64
920    MAX-ACCESS  read-only
921    STATUS	current
922    DESCRIPTION
923        "The number of bytes blocked coming in matching the table."
924    ::= { pfTablesTblEntry 10 }
925
926pfTablesTblBytesInXPass OBJECT-TYPE
927    SYNTAX	Counter64
928    MAX-ACCESS  read-only
929    STATUS	current
930    DESCRIPTION
931        "The number of bytes statefully passed in where the state
932        entry refers to the table, but the table no longer contains
933	the address in question."
934    ::= { pfTablesTblEntry 11 }
935
936pfTablesTblBytesOutPass	OBJECT-TYPE
937    SYNTAX	Counter64
938    MAX-ACCESS  read-only
939    STATUS	current
940    DESCRIPTION
941        "The number of bytes passed out matching the table."
942    ::= { pfTablesTblEntry 12 }
943
944pfTablesTblBytesOutBlock OBJECT-TYPE
945    SYNTAX	Counter64
946    MAX-ACCESS  read-only
947    STATUS	current
948    DESCRIPTION
949        "The number of bytes blocked going out matching the table."
950    ::= { pfTablesTblEntry 13 }
951
952pfTablesTblBytesOutXPass OBJECT-TYPE
953    SYNTAX	Counter64
954    MAX-ACCESS  read-only
955    STATUS	current
956    DESCRIPTION
957        "The number of bytes statefully passed out where the state
958        entry refers to the table, but the table no longer contains
959	the address in question."
960    ::= { pfTablesTblEntry 14 }
961
962pfTablesTblPktsInPass OBJECT-TYPE
963    SYNTAX	Counter64
964    MAX-ACCESS  read-only
965    STATUS	current
966    DESCRIPTION
967        "The number of packets passed in matching the table."
968    ::= { pfTablesTblEntry 15 }
969
970pfTablesTblPktsInBlock OBJECT-TYPE
971    SYNTAX	Counter64
972    MAX-ACCESS  read-only
973    STATUS	current
974    DESCRIPTION
975        "The number of packets blocked coming in matching the table."
976    ::= { pfTablesTblEntry 16 }
977
978pfTablesTblPktsInXPass OBJECT-TYPE
979    SYNTAX	Counter64
980    MAX-ACCESS  read-only
981    STATUS	current
982    DESCRIPTION
983        "The number of packets statefully passed in where the state
984        entry refers to the table, but the table no longer contains
985	the address in question."
986    ::= { pfTablesTblEntry 17 }
987
988pfTablesTblPktsOutPass OBJECT-TYPE
989    SYNTAX	Counter64
990    MAX-ACCESS  read-only
991    STATUS	current
992    DESCRIPTION
993        "The number of packets passed out matching the table."
994    ::= { pfTablesTblEntry 18 }
995
996pfTablesTblPktsOutBlock OBJECT-TYPE
997    SYNTAX	Counter64
998    MAX-ACCESS  read-only
999    STATUS	current
1000    DESCRIPTION
1001        "The number of packets blocked going out matching the table."
1002    ::= { pfTablesTblEntry 19 }
1003
1004pfTablesTblPktsOutXPass OBJECT-TYPE
1005    SYNTAX	Counter64
1006    MAX-ACCESS  read-only
1007    STATUS	current
1008    DESCRIPTION
1009        "The number of packets statefully passed out where the state
1010        entry refers to the table, but the table no longer contains
1011	the address in question."
1012    ::= { pfTablesTblEntry 20 }
1013
1014pfTablesAddrTable OBJECT-TYPE
1015    SYNTAX	SEQUENCE OF PfTablesAddrEntry
1016    MAX-ACCESS  not-accessible
1017    STATUS	current
1018    DESCRIPTION
1019        "Table of addresses from every table on the system."
1020    ::= { pfTables 3 }
1021
1022pfTablesAddrEntry OBJECT-TYPE
1023    SYNTAX	PfTablesAddrEntry
1024    MAX-ACCESS  not-accessible
1025    STATUS	current
1026    DESCRIPTION
1027        "An entry in the pfTablesAddrTable containing information
1028        about a particular entry in a table."
1029    INDEX	{ pfTablesAddrIndex }
1030    ::= { pfTablesAddrTable 1 }
1031
1032PfTablesAddrEntry ::= SEQUENCE {
1033    pfTablesAddrIndex		    Integer32,
1034    pfTablesAddrNetType		    InetAddressType,
1035    pfTablesAddrNet		    InetAddress,
1036    pfTablesAddrPrefix		    InetAddressPrefixLength,
1037    pfTablesAddrTZero		    TimeTicks,
1038    pfTablesAddrBytesInPass	    Counter64,
1039    pfTablesAddrBytesInBlock	    Counter64,
1040    pfTablesAddrBytesOutPass	    Counter64,
1041    pfTablesAddrBytesOutBlock	    Counter64,
1042    pfTablesAddrPktsInPass	    Counter64,
1043    pfTablesAddrPktsInBlock	    Counter64,
1044    pfTablesAddrPktsOutPass	    Counter64,
1045    pfTablesAddrPktsOutBlock	    Counter64
1046}
1047
1048pfTablesAddrIndex OBJECT-TYPE
1049    SYNTAX	Integer32 (1..2147483647)
1050    MAX-ACCESS  not-accessible
1051    STATUS	current
1052    DESCRIPTION
1053        "A unique value, greater than zero, for each address."
1054    ::= { pfTablesAddrEntry 1 }
1055
1056pfTablesAddrNetType OBJECT-TYPE
1057    SYNTAX	InetAddressType
1058    MAX-ACCESS	read-only
1059    STATUS	current
1060    DESCRIPTION
1061	"The type of address in the corresponding pfTablesAddrNet object."
1062    ::= { pfTablesAddrEntry 2 }
1063
1064pfTablesAddrNet OBJECT-TYPE
1065    SYNTAX	InetAddress
1066    MAX-ACCESS  read-only
1067    STATUS	current
1068    DESCRIPTION
1069        "The IP address of this particular table entry."
1070    ::= { pfTablesAddrEntry 3 }
1071
1072pfTablesAddrPrefix OBJECT-TYPE
1073    SYNTAX	InetAddressPrefixLength
1074    MAX-ACCESS  read-only
1075    STATUS	current
1076    DESCRIPTION
1077        "The CIDR netmask of this particular table entry."
1078    ::= { pfTablesAddrEntry 4 }
1079
1080pfTablesAddrTZero OBJECT-TYPE
1081    SYNTAX	TimeTicks
1082    UNITS	"1/100th of a Second"
1083    MAX-ACCESS  read-only
1084    STATUS	current
1085    DESCRIPTION
1086        "The time passed since this entry's statistics were last
1087	cleared, or the time passed since this entry was loaded
1088	into the table, whichever is sooner."
1089    ::= { pfTablesAddrEntry 5 }
1090
1091pfTablesAddrBytesInPass OBJECT-TYPE
1092    SYNTAX	Counter64
1093    MAX-ACCESS  read-only
1094    STATUS	current
1095    DESCRIPTION
1096        "The number of inbound bytes passed as a result of this entry."
1097    ::= { pfTablesAddrEntry 6 }
1098
1099pfTablesAddrBytesInBlock OBJECT-TYPE
1100    SYNTAX	Counter64
1101    MAX-ACCESS  read-only
1102    STATUS	current
1103    DESCRIPTION
1104        "The number of inbound bytes blocked as a result of this entry."
1105    ::= { pfTablesAddrEntry 7 }
1106
1107pfTablesAddrBytesOutPass OBJECT-TYPE
1108    SYNTAX	Counter64
1109    MAX-ACCESS  read-only
1110    STATUS	current
1111    DESCRIPTION
1112        "The number of outbound bytes passed as a result of this entry."
1113    ::= { pfTablesAddrEntry 8 }
1114
1115pfTablesAddrBytesOutBlock OBJECT-TYPE
1116    SYNTAX	Counter64
1117    MAX-ACCESS  read-only
1118    STATUS	current
1119    DESCRIPTION
1120        "The number of outbound bytes blocked as a result of this entry."
1121    ::= { pfTablesAddrEntry 9 }
1122
1123pfTablesAddrPktsInPass OBJECT-TYPE
1124    SYNTAX	Counter64
1125    MAX-ACCESS  read-only
1126    STATUS	current
1127    DESCRIPTION
1128        "The number of inbound packets passed as a result of this entry."
1129    ::= { pfTablesAddrEntry 10 }
1130
1131pfTablesAddrPktsInBlock OBJECT-TYPE
1132    SYNTAX	Counter64
1133    MAX-ACCESS  read-only
1134    STATUS	current
1135    DESCRIPTION
1136        "The number of inbound packets blocked as a result of this entry."
1137    ::= { pfTablesAddrEntry 11 }
1138
1139pfTablesAddrPktsOutPass OBJECT-TYPE
1140    SYNTAX	Counter64
1141    MAX-ACCESS  read-only
1142    STATUS	current
1143    DESCRIPTION
1144        "The number of outbound packets passed as a result of this entry."
1145    ::= { pfTablesAddrEntry 12 }
1146
1147pfTablesAddrPktsOutBlock OBJECT-TYPE
1148    SYNTAX	Counter64
1149    MAX-ACCESS  read-only
1150    STATUS	current
1151    DESCRIPTION
1152        "The number of outbound packets blocked as a result of this
1153        entry."
1154    ::= { pfTablesAddrEntry 13 }
1155
1156-- --------------------------------------------------------------------------
1157
1158--
1159-- Altq information
1160--
1161
1162pfAltqQueueNumber OBJECT-TYPE
1163    SYNTAX	Unsigned32
1164    MAX-ACCESS	read-only
1165    STATUS	current
1166    DESCRIPTION
1167	"The number of queues in the active set."
1168    ::= { pfAltq 1 }
1169
1170pfAltqQueueTable OBJECT-TYPE
1171    SYNTAX	SEQUENCE OF PfAltqQueueEntry
1172    MAX-ACCESS	not-accessible
1173    STATUS	current
1174    DESCRIPTION
1175	"Table containing the rules that are active on this system."
1176    ::= { pfAltq 2 }
1177
1178pfAltqQueueEntry OBJECT-TYPE
1179    SYNTAX	PfAltqQueueEntry
1180    MAX-ACCESS	not-accessible
1181    STATUS	current
1182    DESCRIPTION
1183	"An entry in the pfAltqQueueTable table."
1184    INDEX	{ pfAltqQueueIndex }
1185    ::= { pfAltqQueueTable 1 }
1186
1187PfAltqQueueEntry ::= SEQUENCE {
1188    pfAltqQueueIndex		    Integer32,
1189    pfAltqQueueDescr		    OCTET STRING,
1190    pfAltqQueueParent		    OCTET STRING,
1191    pfAltqQueueScheduler	    INTEGER,
1192    pfAltqQueueBandwidth	    Unsigned32,
1193    pfAltqQueuePriority		    Integer32,
1194    pfAltqQueueLimit		    Integer32
1195}
1196
1197pfAltqQueueIndex OBJECT-TYPE
1198    SYNTAX	Integer32 (1..2147483647)
1199    MAX-ACCESS	not-accessible
1200    STATUS	current
1201    DESCRIPTION
1202	"A unique value, greater than zero, for each queue."
1203    ::= { pfAltqQueueEntry 1 }
1204
1205pfAltqQueueDescr OBJECT-TYPE
1206    SYNTAX	OCTET STRING
1207    MAX-ACCESS	read-only
1208    STATUS	current
1209    DESCRIPTION
1210	"The name of the queue."
1211    ::= { pfAltqQueueEntry 2 }
1212
1213pfAltqQueueParent OBJECT-TYPE
1214    SYNTAX	OCTET STRING
1215    MAX-ACCESS	read-only
1216    STATUS	current
1217    DESCRIPTION
1218	"Name of the queue's parent if it has one."
1219    ::= { pfAltqQueueEntry 3 }
1220
1221pfAltqQueueScheduler OBJECT-TYPE
1222    SYNTAX	INTEGER { cbq(1), hfsc(8), priq(11) }
1223    MAX-ACCESS	read-only
1224    STATUS	current
1225    DESCRIPTION
1226	"Scheduler algorithm implemented by this queue."
1227    ::= { pfAltqQueueEntry 4 }
1228
1229pfAltqQueueBandwidth OBJECT-TYPE
1230    SYNTAX	Unsigned32
1231    MAX-ACCESS	read-only
1232    STATUS	current
1233    DESCRIPTION
1234	"Bandwitch assigned to this queue."
1235    ::= { pfAltqQueueEntry 5 }
1236
1237pfAltqQueuePriority OBJECT-TYPE
1238    SYNTAX	Integer32
1239    MAX-ACCESS	read-only
1240    STATUS	current
1241    DESCRIPTION
1242	"Priority level of the queue."
1243    ::= { pfAltqQueueEntry 6 }
1244
1245pfAltqQueueLimit OBJECT-TYPE
1246    SYNTAX	Integer32
1247    MAX-ACCESS	read-only
1248    STATUS	current
1249    DESCRIPTION
1250	"Maximum number of packets in the queue."
1251    ::= { pfAltqQueueEntry 7 }
1252
1253pfLabelsLblNumber OBJECT-TYPE
1254    SYNTAX	Integer32
1255    MAX-ACCESS	read-only
1256    STATUS	current
1257    DESCRIPTION
1258	"The number of labeled filter rules on this system."
1259    ::= { pfLabels 1 }
1260
1261pfLabelsLblTable OBJECT-TYPE
1262    SYNTAX	SEQUENCE OF PfLabelsLblEntry
1263    MAX-ACCESS	not-accessible
1264    STATUS	current
1265    DESCRIPTION
1266	"Table of filter rules, index on pfLabelsLblIndex."
1267    ::= { pfLabels 2 }
1268
1269pfLabelsLblEntry OBJECT-TYPE
1270    SYNTAX	PfLabelsLblEntry
1271    MAX-ACCESS	not-accessible
1272    STATUS	current
1273    DESCRIPTION
1274	"Any entry in the pfLabelsLblTable containing information
1275	about a particular filter rule on the system."
1276    INDEX	{ pfLabelsLblIndex }
1277    ::= { pfLabelsLblTable 1 }
1278
1279PfLabelsLblEntry ::= SEQUENCE {
1280    pfLabelsLblIndex		Integer32,
1281    pfLabelsLblName		OCTET STRING,
1282    pfLabelsLblEvals		Counter64,
1283    pfLabelsLblBytesIn		Counter64,
1284    pfLabelsLblBytesOut		Counter64,
1285    pfLabelsLblPktsIn		Counter64,
1286    pfLabelsLblPktsOut		Counter64
1287}
1288
1289pfLabelsLblIndex OBJECT-TYPE
1290    SYNTAX	Integer32 (1..2147483647)
1291    MAX-ACCESS	not-accessible
1292    STATUS	current
1293    DESCRIPTION
1294	"A unique value, greater than zero, for each label."
1295    ::= { pfLabelsLblEntry 1 }
1296
1297pfLabelsLblName OBJECT-TYPE
1298    SYNTAX	OCTET STRING
1299    MAX-ACCESS	read-only
1300    STATUS	current
1301    DESCRIPTION
1302	"The name of the rule label."
1303    ::= { pfLabelsLblEntry 2 }
1304
1305pfLabelsLblEvals OBJECT-TYPE
1306    SYNTAX	Counter64
1307    MAX-ACCESS	read-only
1308    STATUS	current
1309    DESCRIPTION
1310	"The number of rule evaluations."
1311    ::= { pfLabelsLblEntry 3 }
1312
1313pfLabelsLblBytesIn OBJECT-TYPE
1314    SYNTAX	Counter64
1315    MAX-ACCESS	read-only
1316    STATUS	current
1317    DESCRIPTION
1318	"The number of incoming bytes matched by the rule."
1319    ::= { pfLabelsLblEntry 4 }
1320
1321pfLabelsLblBytesOut OBJECT-TYPE
1322    SYNTAX	Counter64
1323    MAX-ACCESS	read-only
1324    STATUS	current
1325    DESCRIPTION
1326	"The number of outgoing bytes matched by the rule."
1327    ::= { pfLabelsLblEntry 5 }
1328
1329pfLabelsLblPktsIn OBJECT-TYPE
1330    SYNTAX	Counter64
1331    MAX-ACCESS	read-only
1332    STATUS	current
1333    DESCRIPTION
1334	"The number of incoming packets matched by the rule."
1335    ::= { pfLabelsLblEntry 6 }
1336
1337pfLabelsLblPktsOut OBJECT-TYPE
1338    SYNTAX	Counter64
1339    MAX-ACCESS	read-only
1340    STATUS	current
1341    DESCRIPTION
1342	"The number of outgoing packets matched by the rule."
1343    ::= { pfLabelsLblEntry 7 }
1344
1345END
1346