xref: /freebsd/usr.sbin/bsnmpd/modules/snmp_pf/BEGEMOT-PF-MIB.txt (revision d876124d6ae9d56da5b4ff4c6015efd1d0c9222a)
1--
2-- ----------------------------------------------------------------------------
3-- "THE BEER-WARE LICENSE" (Revision 42):
4-- <philip@FreeBSD.org> wrote this file.  As long as you retain this notice you
5-- can do whatever you want with this stuff. If we meet some day, and you think
6-- this stuff is worth it, you can buy me a beer in return.   -Philip Paeps
7-- ----------------------------------------------------------------------------
8--
9-- $FreeBSD$
10--
11
12BEGEMOT-PF-MIB DEFINITIONS ::= BEGIN
13
14IMPORTS
15    MODULE-IDENTITY, OBJECT-TYPE, Counter64, Integer32,
16    TimeTicks, Unsigned32
17	FROM SNMPv2-SMI
18    TruthValue
19	FROM SNMPv2-TC
20    begemot
21	FROM BEGEMOT-MIB;
22
23begemotPf MODULE-IDENTITY
24    LAST-UPDATED "200501240000Z"
25    ORGANIZATION "NixSys BVBA"
26    CONTACT-INFO
27	    "		Philip Paeps
28
29	     Postal:	NixSys BVBA
30			Louizastraat 14
31			BE-2800 Mechelen
32			Belgium
33
34	     E-Mail:	philip@FreeBSD.org"
35    DESCRIPTION
36	    "The Begemot MIB for the pf packet filter."
37
38    ::= { begemot 200 }
39
40begemotPfObjects	OBJECT IDENTIFIER ::= { begemotPf 1 }
41
42-- --------------------------------------------------------------------------
43
44pfStatus		OBJECT IDENTIFIER ::= { begemotPfObjects 1 }
45pfCounter		OBJECT IDENTIFIER ::= { begemotPfObjects 2 }
46pfStateTable		OBJECT IDENTIFIER ::= { begemotPfObjects 3 }
47pfSrcNodes		OBJECT IDENTIFIER ::= { begemotPfObjects 4 }
48pfLimits		OBJECT IDENTIFIER ::= { begemotPfObjects 5 }
49pfTimeouts		OBJECT IDENTIFIER ::= { begemotPfObjects 6 }
50pfLogInterface		OBJECT IDENTIFIER ::= { begemotPfObjects 7 }
51pfInterfaces		OBJECT IDENTIFIER ::= { begemotPfObjects 8 }
52pfTables		OBJECT IDENTIFIER ::= { begemotPfObjects 9 }
53pfAltq			OBJECT IDENTIFIER ::= { begemotPfObjects 10 }
54
55-- --------------------------------------------------------------------------
56
57--
58-- status information
59--
60
61pfStatusRunning OBJECT-TYPE
62    SYNTAX	TruthValue
63    MAX-ACCESS	read-only
64    STATUS	current
65    DESCRIPTION
66	"True if pf is currently enabled."
67    ::= { pfStatus 1 }
68
69pfStatusRuntime OBJECT-TYPE
70    SYNTAX	TimeTicks
71    UNITS	"1/100th of a Second"
72    MAX-ACCESS	read-only
73    STATUS	current
74    DESCRIPTION
75	"Indicates how long pf has been enabled.  If pf is not currently
76	enabled, indicates how long it has been disabled.  If pf has not
77	been enabled or disabled since the system was started, the value
78	will be 0."
79    ::= { pfStatus 2 }
80
81pfStatusDebug OBJECT-TYPE
82    SYNTAX	INTEGER { none(0), urgent(1), misc(2), loud(3) }
83    MAX-ACCESS	read-only
84    STATUS	current
85    DESCRIPTION
86	"Indicates the debug level at which pf is running."
87    ::= { pfStatus 3 }
88
89pfStatusHostId OBJECT-TYPE
90    SYNTAX	OCTET STRING
91    MAX-ACCESS	read-only
92    STATUS	current
93    DESCRIPTION
94	"The (unique) host identifier of the machine running pf."
95    ::= { pfStatus 4 }
96
97-- --------------------------------------------------------------------------
98
99--
100-- counters
101--
102
103pfCounterMatch OBJECT-TYPE
104    SYNTAX	Counter64
105    MAX-ACCESS	read-only
106    STATUS	current
107    DESCRIPTION
108	"Number of packets that matched a filter rule."
109    ::= { pfCounter 1 }
110
111pfCounterBadOffset OBJECT-TYPE
112    SYNTAX	Counter64
113    MAX-ACCESS	read-only
114    STATUS	current
115    DESCRIPTION
116	"Number of packets with bad offset."
117    ::= { pfCounter 2 }
118
119pfCounterFragment OBJECT-TYPE
120    SYNTAX	Counter64
121    MAX-ACCESS	read-only
122    STATUS	current
123    DESCRIPTION
124	"Number of fragmented packets."
125    ::= { pfCounter 3 }
126
127pfCounterShort OBJECT-TYPE
128    SYNTAX	Counter64
129    MAX-ACCESS	read-only
130    STATUS	current
131    DESCRIPTION
132	"Number of short packets."
133    ::= { pfCounter 4 }
134
135pfCounterNormalize OBJECT-TYPE
136    SYNTAX	Counter64
137    MAX-ACCESS	read-only
138    STATUS	current
139    DESCRIPTION
140	"Number of normalized packets."
141    ::= { pfCounter 5 }
142
143pfCounterMemDrop OBJECT-TYPE
144    SYNTAX	Counter64
145    MAX-ACCESS	read-only
146    STATUS	current
147    DESCRIPTION
148	"Number of packets dropped due to memory limitations."
149    ::= { pfCounter 6 }
150
151-- --------------------------------------------------------------------------
152
153--
154-- state table
155--
156
157pfStateTableCount OBJECT-TYPE
158    SYNTAX	Unsigned32
159    MAX-ACCESS	read-only
160    STATUS	current
161    DESCRIPTION
162	"Number of entries in the state table."
163    ::= { pfStateTable 1 }
164
165pfStateTableSearches OBJECT-TYPE
166    SYNTAX	Counter64
167    MAX-ACCESS	read-only
168    STATUS	current
169    DESCRIPTION
170	"Number of searches against the state table."
171    ::= { pfStateTable 2 }
172
173pfStateTableInserts OBJECT-TYPE
174    SYNTAX	Counter64
175    MAX-ACCESS	read-only
176    STATUS	current
177    DESCRIPTION
178	"Number of entries inserted into the state table."
179    ::= { pfStateTable 3 }
180
181pfStateTableRemovals OBJECT-TYPE
182    SYNTAX	Counter64
183    MAX-ACCESS	read-only
184    STATUS	current
185    DESCRIPTION
186	"Number of entries removed from the state table."
187    ::= { pfStateTable 4 }
188
189-- --------------------------------------------------------------------------
190
191--
192-- source nodes
193--
194
195pfSrcNodesCount OBJECT-TYPE
196    SYNTAX	Unsigned32
197    MAX-ACCESS	read-only
198    STATUS	current
199    DESCRIPTION
200	"Number of entries in the source tracking table."
201    ::= { pfSrcNodes 1 }
202
203pfSrcNodesSearches OBJECT-TYPE
204    SYNTAX	Counter64
205    MAX-ACCESS	read-only
206    STATUS	current
207    DESCRIPTION
208	"Number of searches against the source tracking table."
209    ::= { pfSrcNodes 2 }
210
211pfSrcNodesInserts OBJECT-TYPE
212    SYNTAX	Counter64
213    MAX-ACCESS	read-only
214    STATUS	current
215    DESCRIPTION
216	"Number of entries inserted into the source tracking table."
217    ::= { pfSrcNodes 3 }
218
219pfSrcNodesRemovals OBJECT-TYPE
220    SYNTAX	Counter64
221    MAX-ACCESS	read-only
222    STATUS	current
223    DESCRIPTION
224	"Number of entries removed from the source tracking table."
225    ::= { pfSrcNodes 4 }
226
227-- --------------------------------------------------------------------------
228
229--
230-- limits
231--
232
233pfLimitsStates OBJECT-TYPE
234    SYNTAX	Unsigned32
235    MAX-ACCESS	read-only
236    STATUS	current
237    DESCRIPTION
238	"Maximum number of 'keep state' rules in the ruleset."
239    ::= { pfLimits 1 }
240
241pfLimitsSrcNodes OBJECT-TYPE
242    SYNTAX	Unsigned32
243    MAX-ACCESS	read-only
244    STATUS	current
245    DESCRIPTION
246	"Maximum number of 'sticky-address' or 'source-track' rules
247	in the ruleset."
248    ::= { pfLimits 2 }
249
250pfLimitsFrags OBJECT-TYPE
251    SYNTAX	Unsigned32
252    MAX-ACCESS	read-only
253    STATUS	current
254    DESCRIPTION
255	"Maximum number of 'scrub' rules in the ruleset."
256    ::= { pfLimits 3 }
257
258-- --------------------------------------------------------------------------
259
260--
261-- timeouts
262--
263
264pfTimeoutsTcpFirst OBJECT-TYPE
265    SYNTAX	Integer32
266    MAX-ACCESS	read-only
267    STATUS	current
268    DESCRIPTION
269	"State after the first packet in a connection."
270    ::= { pfTimeouts 1 }
271
272pfTimeoutsTcpOpening OBJECT-TYPE
273    SYNTAX	Integer32
274    MAX-ACCESS	read-only
275    STATUS	current
276    DESCRIPTION
277	"State before the destination host ever sends a packet."
278    ::= { pfTimeouts 2 }
279
280pfTimeoutsTcpEstablished OBJECT-TYPE
281    SYNTAX	Integer32
282    MAX-ACCESS	read-only
283    STATUS	current
284    DESCRIPTION
285	"The fully established state."
286    ::= { pfTimeouts 3 }
287
288pfTimeoutsTcpClosing OBJECT-TYPE
289    SYNTAX	Integer32
290    MAX-ACCESS	read-only
291    STATUS	current
292    DESCRIPTION
293	"State after the first FIN has been sent."
294    ::= { pfTimeouts 4 }
295
296pfTimeoutsTcpFinWait OBJECT-TYPE
297    SYNTAX	Integer32
298    MAX-ACCESS	read-only
299    STATUS	current
300    DESCRIPTION
301	"State after both FINs have been exchanged and the
302	connection is closed."
303    ::= { pfTimeouts 5 }
304
305pfTimeoutsTcpClosed OBJECT-TYPE
306    SYNTAX	Integer32
307    MAX-ACCESS	read-only
308    STATUS	current
309    DESCRIPTION
310	"State after one endpoint sends an RST."
311    ::= { pfTimeouts 6 }
312
313pfTimeoutsUdpFirst OBJECT-TYPE
314    SYNTAX	Integer32
315    MAX-ACCESS	read-only
316    STATUS	current
317    DESCRIPTION
318	"State after the first packet."
319    ::= { pfTimeouts 7 }
320
321pfTimeoutsUdpSingle OBJECT-TYPE
322    SYNTAX	Integer32
323    MAX-ACCESS	read-only
324    STATUS	current
325    DESCRIPTION
326	"State if the source host sends more than one packet but
327	the destination host has never sent one back."
328    ::= { pfTimeouts 8 }
329
330pfTimeoutsUdpMultiple OBJECT-TYPE
331    SYNTAX	Integer32
332    MAX-ACCESS	read-only
333    STATUS	current
334    DESCRIPTION
335	"State if both hosts have sent packets."
336    ::= { pfTimeouts 9 }
337
338pfTimeoutsIcmpFirst OBJECT-TYPE
339    SYNTAX	Integer32
340    MAX-ACCESS	read-only
341    STATUS	current
342    DESCRIPTION
343	"State after the first packet."
344    ::= { pfTimeouts 10 }
345
346pfTimeoutsIcmpError OBJECT-TYPE
347    SYNTAX	Integer32
348    MAX-ACCESS	read-only
349    STATUS	current
350    DESCRIPTION
351	"State after an ICMP error came back in response to an
352	ICMP packet."
353    ::= { pfTimeouts 11 }
354
355pfTimeoutsOtherFirst OBJECT-TYPE
356    SYNTAX	Integer32
357    MAX-ACCESS	read-only
358    STATUS	current
359    DESCRIPTION
360	"State after the first packet."
361    ::= { pfTimeouts 12 }
362
363pfTimeoutsOtherSingle OBJECT-TYPE
364    SYNTAX	Integer32
365    MAX-ACCESS	read-only
366    STATUS	current
367    DESCRIPTION
368	"State if the source host sends more than one packet but
369	the destination host has never sent one back."
370    ::= { pfTimeouts 13 }
371
372pfTimeoutsOtherMultiple OBJECT-TYPE
373    SYNTAX	Integer32
374    MAX-ACCESS	read-only
375    STATUS	current
376    DESCRIPTION
377	"State if both hosts have sent packets."
378    ::= { pfTimeouts 14 }
379
380pfTimeoutsFragment OBJECT-TYPE
381    SYNTAX	Integer32
382    MAX-ACCESS	read-only
383    STATUS	current
384    DESCRIPTION
385	"Seconds before an unassembled fragment is expired."
386    ::= { pfTimeouts 15 }
387
388pfTimeoutsInterval OBJECT-TYPE
389    SYNTAX	Integer32
390    MAX-ACCESS	read-only
391    STATUS	current
392    DESCRIPTION
393	"Interval between purging expired states and fragments."
394    ::= { pfTimeouts 16 }
395
396pfTimeoutsAdaptiveStart OBJECT-TYPE
397    SYNTAX	Integer32
398    MAX-ACCESS	read-only
399    STATUS	current
400    DESCRIPTION
401	"When the number of state entries exceeds this value,
402	adaptive scaling begins."
403    ::= { pfTimeouts 17 }
404
405pfTimeoutsAdaptiveEnd OBJECT-TYPE
406    SYNTAX	Integer32
407    MAX-ACCESS	read-only
408    STATUS	current
409    DESCRIPTION
410	"When reaching this number of state entries, all timeout
411	values become zero, effectively purging all state entries
412	immediately."
413    ::= { pfTimeouts 18 }
414
415pfTimeoutsSrcNode OBJECT-TYPE
416    SYNTAX	Integer32
417    MAX-ACCESS	read-only
418    STATUS	current
419    DESCRIPTION
420	"Length of time to retain a source tracking entry after
421	the last state expires."
422    ::= { pfTimeouts 19 }
423
424-- --------------------------------------------------------------------------
425
426--
427-- log interface
428--
429
430pfLogInterfaceName OBJECT-TYPE
431    SYNTAX	OCTET STRING
432    MAX-ACCESS	read-only
433    STATUS	current
434    DESCRIPTION
435	"The name of the interface configured with 'set loginterface'.
436	If no interface has been configured, the object will be empty."
437    ::= { pfLogInterface 1 }
438
439pfLogInterfaceIp4BytesIn OBJECT-TYPE
440    SYNTAX	Counter64
441    MAX-ACCESS	read-only
442    STATUS	current
443    DESCRIPTION
444	"Number of IPv4 bytes passed in on the loginterface."
445    ::= { pfLogInterface 2 }
446
447pfLogInterfaceIp4BytesOut OBJECT-TYPE
448    SYNTAX	Counter64
449    MAX-ACCESS	read-only
450    STATUS	current
451    DESCRIPTION
452	"Number of IPv4 bytes passed out on the loginterface."
453    ::= { pfLogInterface 3 }
454
455pfLogInterfaceIp4PktsInPass OBJECT-TYPE
456    SYNTAX	Counter64
457    MAX-ACCESS	read-only
458    STATUS	current
459    DESCRIPTION
460	"Number of IPv4 packets passed in on the loginterface."
461    ::= { pfLogInterface 4 }
462
463pfLogInterfaceIp4PktsInDrop OBJECT-TYPE
464    SYNTAX	Counter64
465    MAX-ACCESS	read-only
466    STATUS	current
467    DESCRIPTION
468	"Number of IPv4 packets dropped coming in on the loginterface."
469    ::= { pfLogInterface 5 }
470
471pfLogInterfaceIp4PktsOutPass OBJECT-TYPE
472    SYNTAX	Counter64
473    MAX-ACCESS	read-only
474    STATUS	current
475    DESCRIPTION
476	"Number of IPv4 packets passed out on the loginterface."
477    ::= { pfLogInterface 6 }
478
479pfLogInterfaceIp4PktsOutDrop OBJECT-TYPE
480    SYNTAX	Counter64
481    MAX-ACCESS	read-only
482    STATUS	current
483    DESCRIPTION
484	"Number of IPv4 packets dropped going out on the loginterface."
485    ::= { pfLogInterface 7 }
486
487pfLogInterfaceIp6BytesIn OBJECT-TYPE
488    SYNTAX	Counter64
489    MAX-ACCESS	read-only
490    STATUS	current
491    DESCRIPTION
492	"Number of IPv6 bytes passed in on the loginterface."
493    ::= { pfLogInterface 8 }
494
495pfLogInterfaceIp6BytesOut OBJECT-TYPE
496    SYNTAX	Counter64
497    MAX-ACCESS	read-only
498    STATUS	current
499    DESCRIPTION
500	"Number of IPv6 bytes passed out on the loginterface."
501    ::= { pfLogInterface 9 }
502
503pfLogInterfaceIp6PktsInPass OBJECT-TYPE
504    SYNTAX	Counter64
505    MAX-ACCESS	read-only
506    STATUS	current
507    DESCRIPTION
508	"Number of IPv6 packets passed in on the loginterface."
509    ::= { pfLogInterface 10 }
510
511pfLogInterfaceIp6PktsInDrop OBJECT-TYPE
512    SYNTAX	Counter64
513    MAX-ACCESS	read-only
514    STATUS	current
515    DESCRIPTION
516	"Number of IPv6 packets dropped coming in on the loginterface."
517    ::= { pfLogInterface 11 }
518
519pfLogInterfaceIp6PktsOutPass OBJECT-TYPE
520    SYNTAX	Counter64
521    MAX-ACCESS	read-only
522    STATUS	current
523    DESCRIPTION
524	"Number of IPv6 packets passed out on the loginterface."
525    ::= { pfLogInterface 12 }
526
527pfLogInterfaceIp6PktsOutDrop OBJECT-TYPE
528    SYNTAX	Counter64
529    MAX-ACCESS	read-only
530    STATUS	current
531    DESCRIPTION
532	"Number of IPv6 packets dropped going out on the loginterface."
533    ::= { pfLogInterface 13 }
534
535-- --------------------------------------------------------------------------
536
537--
538-- interfaces
539--
540
541pfInterfacesIfNumber OBJECT-TYPE
542    SYNTAX	Integer32
543    MAX-ACCESS	read-only
544    STATUS	current
545    DESCRIPTION
546	"The number of network interfaces on this system."
547    ::= { pfInterfaces 1 }
548
549pfInterfacesIfTable OBJECT-TYPE
550    SYNTAX	SEQUENCE OF PfInterfacesIfEntry
551    MAX-ACCESS	not-accessible
552    STATUS	current
553    DESCRIPTION
554	"Table of network interfaces, indexed on pfInterfacesIfNumber."
555    ::= { pfInterfaces 2 }
556
557pfInterfacesIfEntry OBJECT-TYPE
558    SYNTAX	PfInterfacesIfEntry
559    MAX-ACCESS	not-accessible
560    STATUS	current
561    DESCRIPTION
562	"An entry in the pfInterfacesIfTable containing information
563	about a particular network interface in the machine."
564    INDEX	{ pfInterfacesIfIndex }
565    ::= { pfInterfacesIfTable 1 }
566
567PfInterfacesIfEntry ::= SEQUENCE {
568    pfInterfacesIfIndex		    Integer32,
569    pfInterfacesIfDescr		    OCTET STRING,
570    pfInterfacesIfType		    INTEGER,
571    pfInterfacesIfTZero		    TimeTicks,
572    pfInterfacesIfRefsState	    Unsigned32,
573    pfInterfacesIfRefsRule	    Unsigned32,
574    pfInterfacesIf4BytesInPass	    Counter64,
575    pfInterfacesIf4BytesInBlock	    Counter64,
576    pfInterfacesIf4BytesOutPass	    Counter64,
577    pfInterfacesIf4BytesOutBlock    Counter64,
578    pfInterfacesIf4PktsInPass	    Counter64,
579    pfInterfacesIf4PktsInBlock	    Counter64,
580    pfInterfacesIf4PktsOutPass	    Counter64,
581    pfInterfacesIf4PktsOutBlock	    Counter64,
582    pfInterfacesIf6BytesInPass	    Counter64,
583    pfInterfacesIf6BytesInBlock	    Counter64,
584    pfInterfacesIf6BytesOutPass	    Counter64,
585    pfInterfacesIf6BytesOutBlock    Counter64,
586    pfInterfacesIf6PktsInPass	    Counter64,
587    pfInterfacesIf6PktsInBlock	    Counter64,
588    pfInterfacesIf6PktsOutPass	    Counter64,
589    pfInterfacesIf6PktsOutBlock	    Counter64
590}
591
592pfInterfacesIfIndex OBJECT-TYPE
593    SYNTAX	Integer32 (1..2147483647)
594    MAX-ACCESS	not-accessible
595    STATUS	current
596    DESCRIPTION
597	"A unique value, greater than zero, for each interface."
598    ::= { pfInterfacesIfEntry 1 }
599
600pfInterfacesIfDescr OBJECT-TYPE
601    SYNTAX	OCTET STRING
602    MAX-ACCESS	read-only
603    STATUS	current
604    DESCRIPTION
605	"The name of the interface."
606    ::= { pfInterfacesIfEntry 2 }
607
608pfInterfacesIfType OBJECT-TYPE
609    SYNTAX	INTEGER { group(0), instance(1), detached(2) }
610    MAX-ACCESS	read-only
611    STATUS	current
612    DESCRIPTION
613	"Indicates whether the interface is a group inteface, an
614	interface instance, or whether it has been removed or
615	destroyed."
616    ::= { pfInterfacesIfEntry 3 }
617
618pfInterfacesIfTZero OBJECT-TYPE
619    SYNTAX	TimeTicks
620    UNITS	"1/100th of a Second"
621    MAX-ACCESS	read-only
622    STATUS	current
623    DESCRIPTION
624	"Time since statistics were last reset or since the
625	interface was loaded."
626    ::= { pfInterfacesIfEntry 4 }
627
628pfInterfacesIfRefsState OBJECT-TYPE
629    SYNTAX	Unsigned32
630    MAX-ACCESS	read-only
631    STATUS	current
632    DESCRIPTION
633	"The number of state and/or source track entries referencing
634	this interface."
635    ::= { pfInterfacesIfEntry 5 }
636
637pfInterfacesIfRefsRule OBJECT-TYPE
638    SYNTAX	Unsigned32
639    MAX-ACCESS	read-only
640    STATUS	current
641    DESCRIPTION
642	"The number of rules referencing this interface."
643    ::= { pfInterfacesIfEntry 6 }
644
645pfInterfacesIf4BytesInPass OBJECT-TYPE
646    SYNTAX	Counter64
647    MAX-ACCESS	read-only
648    STATUS	current
649    DESCRIPTION
650	"The number of IPv4 bytes passed coming in on this interface."
651    ::= { pfInterfacesIfEntry 7 }
652
653pfInterfacesIf4BytesInBlock OBJECT-TYPE
654    SYNTAX	Counter64
655    MAX-ACCESS	read-only
656    STATUS	current
657    DESCRIPTION
658	"The number of IPv4 bytes blocked coming in on this interface."
659    ::= { pfInterfacesIfEntry 8 }
660
661pfInterfacesIf4BytesOutPass OBJECT-TYPE
662    SYNTAX	Counter64
663    MAX-ACCESS	read-only
664    STATUS	current
665    DESCRIPTION
666	"The number of IPv4 bytes passed going out on this interface."
667    ::= { pfInterfacesIfEntry 9 }
668
669pfInterfacesIf4BytesOutBlock OBJECT-TYPE
670    SYNTAX	Counter64
671    MAX-ACCESS	read-only
672    STATUS	current
673    DESCRIPTION
674	"The number of IPv4 bytes blocked going out on this interface."
675    ::= { pfInterfacesIfEntry 10 }
676
677pfInterfacesIf4PktsInPass OBJECT-TYPE
678    SYNTAX	Counter64
679    MAX-ACCESS	read-only
680    STATUS	current
681    DESCRIPTION
682	"The number of IPv4 packets passed coming in on this interface."
683    ::= { pfInterfacesIfEntry 11 }
684
685pfInterfacesIf4PktsInBlock OBJECT-TYPE
686    SYNTAX	Counter64
687    MAX-ACCESS	read-only
688    STATUS	current
689    DESCRIPTION
690	"The number of IPv4 packets blocked coming in on this interface."
691    ::= { pfInterfacesIfEntry 12 }
692
693pfInterfacesIf4PktsOutPass OBJECT-TYPE
694    SYNTAX	Counter64
695    MAX-ACCESS	read-only
696    STATUS	current
697    DESCRIPTION
698	"The number of IPv4 packets passed going out on this interface."
699    ::= { pfInterfacesIfEntry 13 }
700
701pfInterfacesIf4PktsOutBlock OBJECT-TYPE
702    SYNTAX	Counter64
703    MAX-ACCESS	read-only
704    STATUS	current
705    DESCRIPTION
706	"The number of IPv4 packets blocked going out on this interface."
707    ::= { pfInterfacesIfEntry 14 }
708
709pfInterfacesIf6BytesInPass OBJECT-TYPE
710    SYNTAX	Counter64
711    MAX-ACCESS	read-only
712    STATUS	current
713    DESCRIPTION
714	"The number of IPv6 bytes passed coming in on this interface."
715    ::= { pfInterfacesIfEntry 15 }
716
717pfInterfacesIf6BytesInBlock OBJECT-TYPE
718    SYNTAX	Counter64
719    MAX-ACCESS	read-only
720    STATUS	current
721    DESCRIPTION
722	"The number of IPv6 bytes blocked coming in on this interface."
723    ::= { pfInterfacesIfEntry 16 }
724
725pfInterfacesIf6BytesOutPass OBJECT-TYPE
726    SYNTAX	Counter64
727    MAX-ACCESS	read-only
728    STATUS	current
729    DESCRIPTION
730	"The number of IPv6 bytes passed going out on this interface."
731    ::= { pfInterfacesIfEntry 17 }
732
733pfInterfacesIf6BytesOutBlock OBJECT-TYPE
734    SYNTAX	Counter64
735    MAX-ACCESS	read-only
736    STATUS	current
737    DESCRIPTION
738	"The number of IPv6 bytes blocked going out on this interface."
739    ::= { pfInterfacesIfEntry 18 }
740
741
742pfInterfacesIf6PktsInPass OBJECT-TYPE
743    SYNTAX	Counter64
744    MAX-ACCESS	read-only
745    STATUS	current
746    DESCRIPTION
747	"The number of IPv6 packets passed coming in on this interface."
748    ::= { pfInterfacesIfEntry 19 }
749
750pfInterfacesIf6PktsInBlock OBJECT-TYPE
751    SYNTAX	Counter64
752    MAX-ACCESS	read-only
753    STATUS	current
754    DESCRIPTION
755	"The number of IPv6 packets blocked coming in on this interface."
756    ::= { pfInterfacesIfEntry 20 }
757
758pfInterfacesIf6PktsOutPass OBJECT-TYPE
759    SYNTAX	Counter64
760    MAX-ACCESS	read-only
761    STATUS	current
762    DESCRIPTION
763	"The number of IPv6 packets passed going out on this interface."
764    ::= { pfInterfacesIfEntry 21 }
765
766pfInterfacesIf6PktsOutBlock OBJECT-TYPE
767    SYNTAX	Counter64
768    MAX-ACCESS	read-only
769    STATUS	current
770    DESCRIPTION
771	"The number of IPv6 packets blocked going out on this interface."
772    ::= { pfInterfacesIfEntry 22 }
773
774-- --------------------------------------------------------------------------
775
776--
777-- tables
778--
779
780pfTablesTblNumber OBJECT-TYPE
781    SYNTAX	Integer32
782    MAX-ACCESS	read-only
783    STATUS	current
784    DESCRIPTION
785	"The number of tables on this system."
786    ::= { pfTables 1 }
787
788pfTablesTblTable OBJECT-TYPE
789    SYNTAX	SEQUENCE OF PfTablesTblEntry
790    MAX-ACCESS	not-accessible
791    STATUS	current
792    DESCRIPTION
793	"Table of tables, index on pfTablesTblIndex."
794    ::= { pfTables 2 }
795
796pfTablesTblEntry OBJECT-TYPE
797    SYNTAX	PfTablesTblEntry
798    MAX-ACCESS	not-accessible
799    STATUS	current
800    DESCRIPTION
801	"Any entry in the pfTablesTblTable containing information
802	about a particular table on the system."
803    INDEX	{ pfTablesTblIndex }
804    ::= { pfTablesTblTable 1 }
805
806PfTablesTblEntry ::= SEQUENCE {
807    pfTablesTblIndex		    Integer32,
808    pfTablesTblDescr		    OCTET STRING,
809    pfTablesTblCount		    Integer32,
810    pfTablesTblTZero		    TimeTicks,
811    pfTablesTblRefsAnchor	    Integer32,
812    pfTablesTblRefsRule		    Integer32,
813    pfTablesTblEvalMatch	    Counter64,
814    pfTablesTblEvalNoMatch	    Counter64,
815    pfTablesTblBytesInPass	    Counter64,
816    pfTablesTblBytesInBlock	    Counter64,
817    pfTablesTblBytesInXPass	    Counter64,
818    pfTablesTblBytesOutPass	    Counter64,
819    pfTablesTblBytesOutBlock	    Counter64,
820    pfTablesTblBytesOutXPass	    Counter64,
821    pfTablesTblPktsInPass	    Counter64,
822    pfTablesTblPktsInBlock	    Counter64,
823    pfTablesTblPktsInXPass	    Counter64,
824    pfTablesTblPktsOutPass	    Counter64,
825    pfTablesTblPktsOutBlock	    Counter64,
826    pfTablesTblPktsOutXPass	    Counter64
827}
828
829pfTablesTblIndex OBJECT-TYPE
830    SYNTAX	Integer32 (1..2147483647)
831    MAX-ACCESS  not-accessible
832    STATUS	current
833    DESCRIPTION
834        "A unique value, greater than zero, for each table."
835    ::= { pfTablesTblEntry 1 }
836
837pfTablesTblDescr OBJECT-TYPE
838    SYNTAX	OCTET STRING
839    MAX-ACCESS  read-only
840    STATUS	current
841    DESCRIPTION
842        "The name of the table."
843    ::= { pfTablesTblEntry 2 }
844
845pfTablesTblCount OBJECT-TYPE
846    SYNTAX	Integer32
847    MAX-ACCESS  read-only
848    STATUS	current
849    DESCRIPTION
850        "The number of addresses in the table."
851    ::= { pfTablesTblEntry 3 }
852
853pfTablesTblTZero OBJECT-TYPE
854    SYNTAX	TimeTicks
855    UNITS	"1/100th of a Second"
856    MAX-ACCESS  read-only
857    STATUS	current
858    DESCRIPTION
859        "The time passed since the statistics of this table were last
860        cleared or the time since this table was loaded, whichever is
861        sooner."
862    ::= { pfTablesTblEntry 4 }
863
864pfTablesTblRefsAnchor OBJECT-TYPE
865    SYNTAX	Integer32
866    MAX-ACCESS  read-only
867    STATUS	current
868    DESCRIPTION
869        "The number of anchors referencing this table."
870    ::= { pfTablesTblEntry 5 }
871
872pfTablesTblRefsRule OBJECT-TYPE
873    SYNTAX	Integer32
874    MAX-ACCESS  read-only
875    STATUS	current
876    DESCRIPTION
877        "The number of rules referencing this table."
878    ::= { pfTablesTblEntry 6 }
879
880pfTablesTblEvalMatch OBJECT-TYPE
881    SYNTAX	Counter64
882    MAX-ACCESS  read-only
883    STATUS	current
884    DESCRIPTION
885        "The number of evaluations returning a match."
886    ::= { pfTablesTblEntry 7 }
887
888pfTablesTblEvalNoMatch OBJECT-TYPE
889    SYNTAX	Counter64
890    MAX-ACCESS  read-only
891    STATUS	current
892    DESCRIPTION
893        "The number of evaluations not returning a match."
894    ::= { pfTablesTblEntry 8 }
895
896pfTablesTblBytesInPass OBJECT-TYPE
897    SYNTAX	Counter64
898    MAX-ACCESS  read-only
899    STATUS	current
900    DESCRIPTION
901        "The number of bytes passed in matching the table."
902    ::= { pfTablesTblEntry 9 }
903
904pfTablesTblBytesInBlock	OBJECT-TYPE
905    SYNTAX	Counter64
906    MAX-ACCESS  read-only
907    STATUS	current
908    DESCRIPTION
909        "The number of bytes blocked coming in matching the table."
910    ::= { pfTablesTblEntry 10 }
911
912pfTablesTblBytesInXPass OBJECT-TYPE
913    SYNTAX	Counter64
914    MAX-ACCESS  read-only
915    STATUS	current
916    DESCRIPTION
917        "The number of bytes statefully passed in where the state
918        entry refers to the table, but the table no longer contains
919	the address in question."
920    ::= { pfTablesTblEntry 11 }
921
922pfTablesTblBytesOutPass	OBJECT-TYPE
923    SYNTAX	Counter64
924    MAX-ACCESS  read-only
925    STATUS	current
926    DESCRIPTION
927        "The number of bytes passed out matching the table."
928    ::= { pfTablesTblEntry 12 }
929
930pfTablesTblBytesOutBlock OBJECT-TYPE
931    SYNTAX	Counter64
932    MAX-ACCESS  read-only
933    STATUS	current
934    DESCRIPTION
935        "The number of bytes blocked going out matching the table."
936    ::= { pfTablesTblEntry 13 }
937
938pfTablesTblBytesOutXPass OBJECT-TYPE
939    SYNTAX	Counter64
940    MAX-ACCESS  read-only
941    STATUS	current
942    DESCRIPTION
943        "The number of bytes statefully passed out where the state
944        entry refers to the table, but the table no longer contains
945	the address in question."
946    ::= { pfTablesTblEntry 14 }
947
948pfTablesTblPktsInPass OBJECT-TYPE
949    SYNTAX	Counter64
950    MAX-ACCESS  read-only
951    STATUS	current
952    DESCRIPTION
953        "The number of packets passed in matching the table."
954    ::= { pfTablesTblEntry 15 }
955
956pfTablesTblPktsInBlock OBJECT-TYPE
957    SYNTAX	Counter64
958    MAX-ACCESS  read-only
959    STATUS	current
960    DESCRIPTION
961        "The number of packets blocked coming in matching the table."
962    ::= { pfTablesTblEntry 16 }
963
964pfTablesTblPktsInXPass OBJECT-TYPE
965    SYNTAX	Counter64
966    MAX-ACCESS  read-only
967    STATUS	current
968    DESCRIPTION
969        "The number of packets statefully passed in where the state
970        entry refers to the table, but the table no longer contains
971	the address in question."
972    ::= { pfTablesTblEntry 17 }
973
974pfTablesTblPktsOutPass OBJECT-TYPE
975    SYNTAX	Counter64
976    MAX-ACCESS  read-only
977    STATUS	current
978    DESCRIPTION
979        "The number of packets passed out matching the table."
980    ::= { pfTablesTblEntry 18 }
981
982pfTablesTblPktsOutBlock OBJECT-TYPE
983    SYNTAX	Counter64
984    MAX-ACCESS  read-only
985    STATUS	current
986    DESCRIPTION
987        "The number of packets blocked going out matching the table."
988    ::= { pfTablesTblEntry 19 }
989
990pfTablesTblPktsOutXPass OBJECT-TYPE
991    SYNTAX	Counter64
992    MAX-ACCESS  read-only
993    STATUS	current
994    DESCRIPTION
995        "The number of packets statefully passed out where the state
996        entry refers to the table, but the table no longer contains
997	the address in question."
998    ::= { pfTablesTblEntry 20 }
999
1000pfTablesAddrTable OBJECT-TYPE
1001    SYNTAX	SEQUENCE OF PfTablesAddrEntry
1002    MAX-ACCESS  not-accessible
1003    STATUS	current
1004    DESCRIPTION
1005        "Table of addresses from every table on the system."
1006    ::= { pfTables 3 }
1007
1008pfTablesAddrEntry OBJECT-TYPE
1009    SYNTAX	PfTablesAddrEntry
1010    MAX-ACCESS  not-accessible
1011    STATUS	current
1012    DESCRIPTION
1013        "An entry in the pfTablesAddrTable containing information
1014        about a particular entry in a table."
1015    INDEX	{ pfTablesAddrIndex }
1016    ::= { pfTablesAddrTable 1 }
1017
1018PfTablesAddrEntry ::= SEQUENCE {
1019    pfTablesAddrIndex		    Integer32,
1020    pfTablesAddrNet		    IpAddress,
1021    pfTablesAddrMask		    Integer32,
1022    pfTablesAddrTZero		    TimeTicks,
1023    pfTablesAddrBytesInPass	    Counter64,
1024    pfTablesAddrBytesInBlock	    Counter64,
1025    pfTablesAddrBytesOutPass	    Counter64,
1026    pfTablesAddrBytesOutBlock	    Counter64,
1027    pfTablesAddrPktsInPass	    Counter64,
1028    pfTablesAddrPktsInBlock	    Counter64,
1029    pfTablesAddrPktsOutPass	    Counter64,
1030    pfTablesAddrPktsOutBlock	    Counter64
1031}
1032
1033pfTablesAddrIndex OBJECT-TYPE
1034    SYNTAX	Integer32 (1..2147483647)
1035    MAX-ACCESS  not-accessible
1036    STATUS	current
1037    DESCRIPTION
1038        "A unique value, greater than zero, for each address."
1039    ::= { pfTablesAddrEntry 1 }
1040
1041pfTablesAddrNet OBJECT-TYPE
1042    SYNTAX	IpAddress
1043    MAX-ACCESS  read-only
1044    STATUS	current
1045    DESCRIPTION
1046        "The IP address of this particular table entry."
1047    ::= { pfTablesAddrEntry 2 }
1048
1049pfTablesAddrMask OBJECT-TYPE
1050    SYNTAX	Integer32 (0..32)
1051    MAX-ACCESS  read-only
1052    STATUS	current
1053    DESCRIPTION
1054        "The CIDR netmask of this particular table entry."
1055    ::= { pfTablesAddrEntry 3 }
1056
1057pfTablesAddrTZero OBJECT-TYPE
1058    SYNTAX	TimeTicks
1059    UNITS	"1/100th of a Second"
1060    MAX-ACCESS  read-only
1061    STATUS	current
1062    DESCRIPTION
1063        "The time passed since this entry's statistics were last
1064	cleared, or the time passed since this entry was loaded
1065	into the table, whichever is sooner."
1066    ::= { pfTablesAddrEntry 4 }
1067
1068pfTablesAddrBytesInPass OBJECT-TYPE
1069    SYNTAX	Counter64
1070    MAX-ACCESS  read-only
1071    STATUS	current
1072    DESCRIPTION
1073        "The number of inbound bytes passed as a result of this entry."
1074    ::= { pfTablesAddrEntry 5 }
1075
1076pfTablesAddrBytesInBlock OBJECT-TYPE
1077    SYNTAX	Counter64
1078    MAX-ACCESS  read-only
1079    STATUS	current
1080    DESCRIPTION
1081        "The number of inbound bytes blocked as a result of this entry."
1082    ::= { pfTablesAddrEntry 6 }
1083
1084pfTablesAddrBytesOutPass OBJECT-TYPE
1085    SYNTAX	Counter64
1086    MAX-ACCESS  read-only
1087    STATUS	current
1088    DESCRIPTION
1089        "The number of outbound bytes passed as a result of this entry."
1090    ::= { pfTablesAddrEntry 7 }
1091
1092pfTablesAddrBytesOutBlock OBJECT-TYPE
1093    SYNTAX	Counter64
1094    MAX-ACCESS  read-only
1095    STATUS	current
1096    DESCRIPTION
1097        "The number of outbound bytes blocked as a result of this entry."
1098    ::= { pfTablesAddrEntry 8 }
1099
1100pfTablesAddrPktsInPass OBJECT-TYPE
1101    SYNTAX	Counter64
1102    MAX-ACCESS  read-only
1103    STATUS	current
1104    DESCRIPTION
1105        "The number of inbound packets passed as a result of this entry."
1106    ::= { pfTablesAddrEntry 9 }
1107
1108pfTablesAddrPktsInBlock OBJECT-TYPE
1109    SYNTAX	Counter64
1110    MAX-ACCESS  read-only
1111    STATUS	current
1112    DESCRIPTION
1113        "The number of inbound packets blocked as a result of this entry."
1114    ::= { pfTablesAddrEntry 10 }
1115
1116pfTablesAddrPktsOutPass OBJECT-TYPE
1117    SYNTAX	Counter64
1118    MAX-ACCESS  read-only
1119    STATUS	current
1120    DESCRIPTION
1121        "The number of outbound packets passed as a result of this entry."
1122    ::= { pfTablesAddrEntry 11 }
1123
1124pfTablesAddrPktsOutBlock OBJECT-TYPE
1125    SYNTAX	Counter64
1126    MAX-ACCESS  read-only
1127    STATUS	current
1128    DESCRIPTION
1129        "The number of outbound packets blocked as a result of this
1130        entry."
1131    ::= { pfTablesAddrEntry 12 }
1132
1133-- --------------------------------------------------------------------------
1134
1135--
1136-- Altq information
1137--
1138
1139pfAltqQueueNumber OBJECT-TYPE
1140    SYNTAX	Unsigned32
1141    MAX-ACCESS	read-only
1142    STATUS	current
1143    DESCRIPTION
1144	"The number of queues in the active set."
1145    ::= { pfAltq 1 }
1146
1147pfAltqQueueTable OBJECT-TYPE
1148    SYNTAX	SEQUENCE OF PfAltqQueueEntry
1149    MAX-ACCESS	not-accessible
1150    STATUS	current
1151    DESCRIPTION
1152	"Table containing the rules that are active on this system."
1153    ::= { pfAltq 2 }
1154
1155pfAltqQueueEntry OBJECT-TYPE
1156    SYNTAX	PfAltqQueueEntry
1157    MAX-ACCESS	not-accessible
1158    STATUS	current
1159    DESCRIPTION
1160	"An entry in the pfAltqQueueTable table."
1161    INDEX	{ pfAltqQueueIndex }
1162    ::= { pfAltqQueueTable 1 }
1163
1164PfAltqQueueEntry ::= SEQUENCE {
1165    pfAltqQueueIndex		    Integer32,
1166    pfAltqQueueDescr		    OCTET STRING,
1167    pfAltqQueueParent		    OCTET STRING,
1168    pfAltqQueueScheduler	    INTEGER,
1169    pfAltqQueueBandwidth	    Unsigned32,
1170    pfAltqQueuePriority		    Integer32,
1171    pfAltqQueueLimit		    Integer32
1172}
1173
1174pfAltqQueueIndex OBJECT-TYPE
1175    SYNTAX	Integer32 (1..2147483647)
1176    MAX-ACCESS	not-accessible
1177    STATUS	current
1178    DESCRIPTION
1179	"A unique value, greater than zero, for each queue."
1180    ::= { pfAltqQueueEntry 1 }
1181
1182pfAltqQueueDescr OBJECT-TYPE
1183    SYNTAX	OCTET STRING
1184    MAX-ACCESS	read-only
1185    STATUS	current
1186    DESCRIPTION
1187	"The name of the queue."
1188    ::= { pfAltqQueueEntry 2 }
1189
1190pfAltqQueueParent OBJECT-TYPE
1191    SYNTAX	OCTET STRING
1192    MAX-ACCESS	read-only
1193    STATUS	current
1194    DESCRIPTION
1195	"Name of the queue's parent if it has one."
1196    ::= { pfAltqQueueEntry 3 }
1197
1198pfAltqQueueScheduler OBJECT-TYPE
1199    SYNTAX	INTEGER { cbq(1), hfsc(8), priq(11) }
1200    MAX-ACCESS	read-only
1201    STATUS	current
1202    DESCRIPTION
1203	"Scheduler algorithm implemented by this queue."
1204    ::= { pfAltqQueueEntry 4 }
1205
1206pfAltqQueueBandwidth OBJECT-TYPE
1207    SYNTAX	Unsigned32
1208    MAX-ACCESS	read-only
1209    STATUS	current
1210    DESCRIPTION
1211	"Bandwitch assigned to this queue."
1212    ::= { pfAltqQueueEntry 5 }
1213
1214pfAltqQueuePriority OBJECT-TYPE
1215    SYNTAX	Integer32
1216    MAX-ACCESS	read-only
1217    STATUS	current
1218    DESCRIPTION
1219	"Priority level of the queue."
1220    ::= { pfAltqQueueEntry 6 }
1221
1222pfAltqQueueLimit OBJECT-TYPE
1223    SYNTAX	Integer32
1224    MAX-ACCESS	read-only
1225    STATUS	current
1226    DESCRIPTION
1227	"Maximum number of packets in the queue."
1228    ::= { pfAltqQueueEntry 7 }
1229
1230END
1231