RFC 4639
Cable Device Management Information Base for Data-Over-Cable Service Interface Specification (DOCSIS) Compliant Cable Modems and Cable Modem Termination Systems
docsDevServerTimeAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of address of docsDevServerTimeAddress. If
no time server exists, this value should return
unknown(0)."
::= { docsDevServer 8 }
docsDevServerTimeAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The Internet address of the RFC 868 Time server,
as provided by DHCP option 4.
Note that if multiple values are provided to the
CM in DHCP option 4, the value of this MIB object
MUST be the Time server address from which the Time
of Day reference was acquired as based on the DOCSIS
RFI specification. During the period of time where
the Time of Day have not been acquired, the Time
server address reported by the CM may report the
first address value in the DHCP option value or the
last server address the CM attempted to get the Time
of day value.
Returns the zero-length octet string if the time server
IP address is not provisioned."
REFERENCE
"DOCSIS RFI 1.1 Specification, Section 9.2.7. and
DOCSIS RFI 2.0 Specification, Section 11.2.7."
::= { docsDevServer 9 }
docsDevServerConfigTftpAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of address of docsDevServerConfigTftpAddress.
If no TFTP server exists, this value should return
unknown(0)."
::= { docsDevServer 10 }
docsDevServerConfigTftpAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The internet address of the TFTP server responsible for
downloading provisioning and configuration parameters
to this device. Returns the zero-length octet string if
the config server address is unknown. There are certain
security risks that are involved with using TFTP."
REFERENCE
"RFC 3617, Section 5"
::= { docsDevServer 11 }
--
-- Event Reporting
--
docsDevEvent OBJECT IDENTIFIER ::= { docsDevMIBObjects 5 }
docsDevEvControl OBJECT-TYPE
SYNTAX INTEGER {
resetLog(1),
useDefaultReporting(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this object to resetLog(1) empties the event
log. All data is deleted. Setting it to
useDefaultReporting(2) returns all event priorities to
their factory-default reporting. Reading this object
always returns useDefaultReporting(2)."
::= { docsDevEvent 1 }
docsDevEvSyslog OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION
"The IP address of the Syslog server. If 0.0.0.0, either
syslog transmission is inhibited, or the Syslog server
address is not an IPv4 address.
This object is deprecated and is replaced by
docsDevEvSyslogAddress."
::= { docsDevEvent 2 }
docsDevEvThrottleAdminStatus OBJECT-TYPE
SYNTAX INTEGER {
unconstrained(1),
maintainBelowThreshold(2),
stopAtThreshold(3),
inhibited(4)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Controls the transmission of traps and syslog messages
with respect to the trap pacing threshold.
unconstrained(1) causes traps and syslog messages to be
transmitted without regard to the threshold settings.
maintainBelowThreshold(2) causes trap transmission and
syslog messages to be suppressed if the number of traps
would otherwise exceed the threshold.
stopAtThreshold(3) causes trap transmission to cease at
the threshold and not to resume until directed to do so.
inhibited(4) causes all trap transmission and syslog
messages to be suppressed.
A single event is always treated as a single event for
threshold counting. That is, an event causing both a
trap and a syslog message is still treated as a single
event.
Writing to this object resets the thresholding state."
DEFVAL { unconstrained }
::= { docsDevEvent 3 }
docsDevEvThrottleInhibited OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"If true(1), trap and syslog transmission is currently
inhibited due to thresholds and/or the current setting
of docsDevEvThrottleAdminStatus. In addition, this is
true(1) when transmission is inhibited because no
syslog (docsDevEvSyslog) or trap (docsDevNmAccessEntry)
destinations have been set.
This object is deprecated and is replaced by
docsDevEvThrottleThresholdExceeded."
::= { docsDevEvent 4 }
docsDevEvThrottleThreshold OBJECT-TYPE
SYNTAX Unsigned32
UNITS "events"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Number of events per docsDevEvThrottleInterval permitted
before throttling is to occur.
A single event, whether the notification could result in
messages transmitted using syslog, SNMP, or both
protocols, and regardless of the number of destinations,
(including zero) is always treated as a single event for
threshold counting. For example, an event causing both
a trap and a syslog message is still treated as a single
event.
All system notifications that occur within the device
should be taken into consideration when calculating
and monitoring the threshold."
DEFVAL { 0 }
::= { docsDevEvent 5 }
docsDevEvThrottleInterval OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The interval over which docsDevEvThrottleThreshold
applies."
DEFVAL { 1 }
::= { docsDevEvent 6 }
--
-- The following table controls the reporting of the various classes
-- of events.
--
docsDevEvControlTable OBJECT-TYPE
SYNTAX SEQUENCE OF DocsDevEvControlEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table allows control of the reporting of event
classes. For each event priority, a combination of
logging and reporting mechanisms may be chosen. The
mapping of event types to priorities is
vendor dependent. Vendors may also choose to allow
the user to control that mapping through proprietary
means. Table entries MUST persist across reboots for
CMTS devices and MUST NOT persist across reboots for CM
devices."
::= { docsDevEvent 7 }
docsDevEvControlEntry OBJECT-TYPE
SYNTAX DocsDevEvControlEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Allows configuration of the reporting mechanisms for a
particular event priority."
INDEX { docsDevEvPriority }
::= { docsDevEvControlTable 1 }
DocsDevEvControlEntry ::= SEQUENCE {
docsDevEvPriority INTEGER,
docsDevEvReporting BITS
}
docsDevEvPriority OBJECT-TYPE
SYNTAX INTEGER {
emergency(1),
alert(2),
critical(3),
error(4),
warning(5),
notice(6),
information(7),
debug(8)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The priority level that is controlled by this
entry. These are ordered from most (emergency) to least
(debug) critical. Each event with a CM or CMTS has a
particular priority level associated with it (as defined
by the vendor).
emergency(1) events indicate vendor-specific fatal
hardware or software errors that prevent normal system
operation.
alert(2) events indicate a serious failure that causes
the reporting system to reboot but is not caused by
hardware or software malfunctioning.
critical(3) events indicate a serious failure that
requires attention and prevents the device from
transmitting data but that could be recovered without
rebooting the system.
error(4) and warning(5) events indicate that a failure
occurred that could interrupt the normal data flow but
that does not cause the device to re-register.
notice(6) and information(7) events indicate a
milestone or checkpoint in normal operation that could
be of particular importance for troubleshooting.
debug(8) events are reserved for vendor-specific
events.
During normal operation, no event more
critical than notice(6) should be generated. Events
between warning and emergency should be generated at
appropriate levels of problems (e.g., emergency when the
box is about to crash)."
::= { docsDevEvControlEntry 1 }
docsDevEvReporting OBJECT-TYPE
SYNTAX BITS {
local(0),
traps(1),
syslog(2),
-- The following are extensions to the original set of
-- labels. The extensions start at an octet boundary.
-- So for bits 3 - 7, one MUST set them to zero on send
-- and one MUST ignore them on receipt.
localVolatile(8),
stdInterface(9)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Defines the action to be taken on occurrence of this
event class. Implementations may not necessarily
support all options for all event classes but at
minimum must allow traps and syslogging to be
disabled.
If the local(0) bit is set, then log to the internal
log and update non-volatile store, for backward
compatibility with the original RFC 2669 definition.
If the traps(1) bit is set, then generate
an SNMP trap; if the syslog(2) bit is set, then
send a syslog message (assuming that the syslog address
is set). If the localVolatile(8) bit is set, then
log to the internal log without updating non-volatile
store. If the stdInterface(9) bit is set, then the
agent ignores all other bits except the local(0),
syslog(2), and localVolatile(8) bits. Setting the
stdInterface(9) bit indicates that RFC3413 and
RFC3014 are being used to control event reporting
mechanisms."
::= { docsDevEvControlEntry 2 }
docsDevEventTable OBJECT-TYPE
SYNTAX SEQUENCE OF DocsDevEventEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains a log of network and device events that may be
of interest in fault isolation and troubleshooting.
If the local(0) bit is set in docsDevEvReporting,
entries in this table MUST persist across reboots."
::= { docsDevEvent 8 }
docsDevEventEntry OBJECT-TYPE
SYNTAX DocsDevEventEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Describes a network or device event that may be of
interest in fault isolation and troubleshooting.
Multiple sequential identical events are represented by
incrementing docsDevEvCounts and setting
docsDevEvLastTime to the current time rather than
creating multiple rows.
Entries are created with the first occurrence of an
event. docsDevEvControl can be used to clear the
table. Individual events cannot be deleted."
INDEX { docsDevEvIndex }
::= { docsDevEventTable 1 }
DocsDevEventEntry ::= SEQUENCE {
docsDevEvIndex Integer32,
docsDevEvFirstTime DateAndTime,
docsDevEvLastTime DateAndTime,
docsDevEvCounts Counter32,
docsDevEvLevel INTEGER,
docsDevEvId Unsigned32,
docsDevEvText SnmpAdminString
}
docsDevEvIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Provides relative ordering of the objects in the event
log. This object will always increase except when
(a) the log is reset via docsDevEvControl,
(b) the device reboots and does not implement
non-volatile storage for this log, or (c) it reaches
the value 2^31. The next entry for all the above
cases is 1."
::= { docsDevEventEntry 1 }
docsDevEvFirstTime OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of docsDevDateTime at the time this entry was
created."
::= { docsDevEventEntry 2 }
docsDevEvLastTime OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"When an entry reports only one event, this object will
have the same value as the corresponding instance of
docsDevEvFirstTime. When an entry reports multiple
events, this object will record the value that
docsDevDateTime had when the most recent event for this
entry occurred."
::= { docsDevEventEntry 3 }
-- This object was renamed from docsDevEvCount to meet naming
-- requirements for Counter32
docsDevEvCounts OBJECT-TYPE
SYNTAX Counter32
UNITS "events"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of consecutive event instances reported by
this entry. This starts at 1 with the creation of this
row and increments by 1 for each subsequent duplicate
event."
::= { docsDevEventEntry 4 }
docsDevEvLevel OBJECT-TYPE
SYNTAX INTEGER {
emergency(1),
alert(2),
critical(3),
error(4),
warning(5),
notice(6),
information(7),
debug(8)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The priority level of this event, as defined by the
vendor. These are ordered from most serious (emergency)
to least serious (debug).
emergency(1) events indicate vendor-specific fatal
hardware or software errors that prevent normal system
operation.
alert(2) events indicate a serious failure that causes
the reporting system to reboot but that is not caused by
hardware or software malfunctioning.
critical(3) events indicate a serious failure that
requires attention and prevents the device from
transmitting data but that could be recovered without
rebooting the system.
error(4) and warning(5) events indicate that a failure
occurred that could interrupt the normal data flow but
that does not cause the device to re-register.
notice(6) and information(7) events indicate a
milestone or checkpoint in normal operation that could
be of particular importance for troubleshooting.
debug(8) events are reserved for vendor-specific
events.
During normal operation, no event more
critical than notice(6) should be generated. Events
between warning and emergency should be generated at
appropriate levels of problems (e.g., emergency when the
box is about to crash)."
::= { docsDevEventEntry 5 }
--
-- It is strongly recommended that implementors follow the CableLabs
-- enumerations for docsDevEvId, per the DOCSIS OSSIv1.1 spec
-- and follow-on specifications.
--
docsDevEvId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"For this product, uniquely identifies the type of event
that is reported by this entry."
REFERENCE
"DOCSIS OSSI 1.1 Specification, Appendix H and
DOCSIS OSSI 2.0 Specification, Annex D."
::= { docsDevEventEntry 6 }
docsDevEvText OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Provides a human-readable description of the event,
including all relevant context (interface numbers,
etc.)."
::= { docsDevEventEntry 7 }
docsDevEvSyslogAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The type of address of docsDevEvSyslogAddress. If
no syslog server exists, this value should return
unknown(0)."
DEFVAL { unknown }
::= { docsDevEvent 9 }
docsDevEvSyslogAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The Internet address of the Syslog server, as provided
by DHCP option 7 or set via SNMP management. If the
address of the server is set to the zero-length
string, the 0.0.0.0 IPv4 address, or the 0: IPv6
address, Syslog transmission is inhibited.
Note that if multiple values are provided to the CM in
DHCP option 7, the value of this MIB object MUST be the
first Syslog server address received.
By default at agent boot, this object returns the zero
length string."
::= { docsDevEvent 10 }
docsDevEvThrottleThresholdExceeded OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"If true(1), trap and syslog transmission is currently
inhibited due to exceeding the trap/syslog event
threshold in the current interval."
::= { docsDevEvent 11 }
--
-- Link Level Control Filtering
--
docsDevFilter OBJECT IDENTIFIER ::= { docsDevMIBObjects 6 }
docsDevFilterLLCUnmatchedAction OBJECT-TYPE
SYNTAX INTEGER {
discard(1),
accept(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"LLC (Link Level Control) filters can be defined on an
inclusive or exclusive basis: CMs can be configured to
forward only packets matching a set of layer three
protocols, or to drop packets matching a set of layer
three protocols. Typical use of these filters is to
filter out possibly harmful (given the context of a
large metropolitan LAN) protocols.
If set to discard(1), any L2 packet that does not match
at least one filter in the docsDevFilterLLCTable will be
discarded. If set to accept(2), any L2 packet that
does not match at least one filter in the
docsDevFilterLLCTable will be accepted for further
processing (e.g., bridging). In other words, if the
packet does not match an entry in the table, it takes
this action; if it does match an entry in the table, it
takes the opposite of this action."
DEFVAL { accept }
::= { docsDevFilter 1 }
docsDevFilterLLCTable OBJECT-TYPE
SYNTAX SEQUENCE OF DocsDevFilterLLCEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of filters to apply to (bridged) LLC
traffic. The filters in this table are applied to
incoming traffic on the appropriate interface(s) prior
to any further processing (e.g., before the packet
is handed off for level 3 processing, or for bridging).
The specific action taken when no filter is matched is
controlled by docsDevFilterLLCUnmatchedAction. Table
entries MUST NOT persist across reboots for any device."
::= { docsDevFilter 2 }
docsDevFilterLLCEntry OBJECT-TYPE
SYNTAX DocsDevFilterLLCEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Describes a single filter to apply to (bridged) LLC
traffic received on a specified interface. "
INDEX { docsDevFilterLLCIndex }
::= { docsDevFilterLLCTable 1 }
DocsDevFilterLLCEntry ::= SEQUENCE {
docsDevFilterLLCIndex Integer32,
docsDevFilterLLCStatus RowStatus,
docsDevFilterLLCIfIndex InterfaceIndexOrZero,
docsDevFilterLLCProtocolType INTEGER,
docsDevFilterLLCProtocol Integer32,
docsDevFilterLLCMatches Counter32
}
docsDevFilterLLCIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Index used for the identification of filters (note that
LLC filter order is irrelevant)."
::= { docsDevFilterLLCEntry 1 }
docsDevFilterLLCStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Controls and reflects the status of rows in this
table. There is no restriction on changing any of the
associated columns for this row while this object is set
to active.
Specifying only this object (with the
appropriate index) on a CM is sufficient to create a
filter row that matches all inbound packets on the
ethernet interface and results in the packets being
discarded. docsDevFilterLLCIfIndex (at least) must be
specified on a CMTS to create a row."
::= { docsDevFilterLLCEntry 2}
docsDevFilterLLCIfIndex OBJECT-TYPE
SYNTAX InterfaceIndexOrZero
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The entry interface to which this filter applies. The
value corresponds to ifIndex for either a CATV MAC or
another network interface. If the value is zero, the
filter applies to all interfaces. In Cable Modems, the
default value is the customer side interface(s). In
CMTSs, this object has to be specified to
create a row in this table.
Note that according to the DOCSIS OSSIv1.1
specification, ifIndex '1' in the CM means that this
row applies to all Cable Modem-to-CPE Interfaces
(CMCI)."
REFERENCE
"DOCSIS OSSI 1.1 Specification, Section 3.3.4.1. and
DOCSIS OSSI 2.0 Specification, Section 6.3.4.1."
::= { docsDevFilterLLCEntry 3 }
docsDevFilterLLCProtocolType OBJECT-TYPE
SYNTAX INTEGER {
ethertype(1),
dsap(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The format of the value in docsDevFilterLLCProtocol:
either a two-byte Ethernet Ethertype, or a one-byte
802.2 Service Access Point (SAP) value. ethertype(1)
also applies to Standard Network Access Protocol
(SNAP) encapsulated frames."
DEFVAL { ethertype }
::= { docsDevFilterLLCEntry 4 }
docsDevFilterLLCProtocol OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The layer-three protocol for which this filter applies.
The protocol value format depends on
docsDevFilterLLCProtocolType. Note that for SNAP
frames, ethertype filtering is performed rather than
Destination Service Access Point (DSAP) =0xAA."
DEFVAL { 0 }
::= { docsDevFilterLLCEntry 5 }
docsDevFilterLLCMatches OBJECT-TYPE
SYNTAX Counter32
UNITS "matches"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times this filter was matched."
::= { docsDevFilterLLCEntry 6 }
--
-- IPv4 Filtering
--
docsDevFilterIpDefault OBJECT-TYPE
SYNTAX INTEGER {
discard(1),
accept(2)
}
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION
"The default behavior for (bridged) packets that do not
match IP filters (or Internet filters, if implemented)
is defined by docsDevFilterIpDefault.
If set to discard(1), all packets not matching an IP
filter in docsDevFilterIpTable will be discarded. If
set to accept(2), all packets not matching an IP filter
or an Internet filter will be accepted for further
processing (e.g., bridging)."
DEFVAL { accept }
::= { docsDevFilter 3 }
docsDevFilterIpTable OBJECT-TYPE
SYNTAX SEQUENCE OF DocsDevFilterIpEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"An ordered list of filters or classifiers to apply to
IP traffic. Filter application is ordered by the filter
index, rather than by a best match algorithm (note that
this implies that the filter table may have gaps in the
index values). Packets that match no filters will have
policy 0 in the docsDevFilterPolicyTable applied to
them, if it exists. Otherwise, Packets that match no
filters are discarded or forwarded according to the
setting of docsDevFilterIpDefault.
Any IP packet can theoretically match multiple rows of
this table. When considering a packet, the table is
scanned in row index order (e.g., filter 10 is checked
before filter 20). If the packet matches that filter
(which means that it matches ALL criteria for that row),
actions appropriate to docsDevFilterIpControl and
docsDevFilterPolicyId are taken. If the packet was
discarded processing is complete. If
docsDevFilterIpContinue is set to true, the filter
comparison continues with the next row in the table,
looking for additional matches.
If the packet matches no filter in the table, the packet
is accepted or dropped for further processing
according to the setting of docsDevFilterIpDefault.
If the packet is accepted, the actions specified by
policy group 0 (e.g., the rows in
docsDevFilterPolicyTable that have a value of 0 for
docsDevFilterPolicyId) are taken, if that policy
group exists.
Logically, this table is consulted twice during the
processing of any IP packet: once upon its acceptance
from the L2 entity, and once upon its transmission to
the L2 entity. In actuality, for cable modems, IP
filtering is generally the only IP processing done for
transit traffic. This means that inbound and outbound
filtering can generally be done at the same time with
one pass through the filter table.
The objects in this table are only accessible from cable
devices that are not operating in DiffServ MIB mode
(RFC 3289). See the conformance section for details.
Note that some devices are required by other
specifications (e.g., the DOCSIS OSSIv1.1 specification)
to support the legacy SNMPv1/v2c docsDevFilter mode
for backward compatibility.
Table entries MUST NOT persist across reboots for any
device.
This table is deprecated. Instead, use the DiffServ MIB
from RFC 3289."
::= { docsDevFilter 4 }
docsDevFilterIpEntry OBJECT-TYPE
SYNTAX DocsDevFilterIpEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Describes a filter to apply to IP traffic received on a
specified interface. All identity objects in this table
(e.g., source and destination address/mask, protocol,
source/dest port, TOS/mask, interface and direction)
must match their respective fields in the packet for
any given filter to match.
To create an entry in this table, docsDevFilterIpIfIndex
must be specified."
INDEX { docsDevFilterIpIndex }
::= { docsDevFilterIpTable 1 }
DocsDevFilterIpEntry ::= SEQUENCE {
docsDevFilterIpIndex Integer32,
docsDevFilterIpStatus RowStatus,
docsDevFilterIpControl INTEGER,
docsDevFilterIpIfIndex InterfaceIndexOrZero,
docsDevFilterIpDirection INTEGER,
docsDevFilterIpBroadcast TruthValue,
docsDevFilterIpSaddr IpAddress,
docsDevFilterIpSmask IpAddress,
docsDevFilterIpDaddr IpAddress,
docsDevFilterIpDmask IpAddress,
docsDevFilterIpProtocol Integer32,
docsDevFilterIpSourcePortLow Integer32,
docsDevFilterIpSourcePortHigh Integer32,
docsDevFilterIpDestPortLow Integer32,
docsDevFilterIpDestPortHigh Integer32,
docsDevFilterIpMatches ZeroBasedCounter32,
docsDevFilterIpTos OCTET STRING,
docsDevFilterIpTosMask OCTET STRING,
docsDevFilterIpContinue TruthValue,
docsDevFilterIpPolicyId Integer32
}
docsDevFilterIpIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Index used to order the application of filters.
The filter with the lowest index is always applied
first."
::= { docsDevFilterIpEntry 1 }
docsDevFilterIpStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"Controls and reflects the status of rows in this
table. Specifying only this object (with the
appropriate index) on a CM is sufficient to create a
filter row that matches all inbound packets on the
ethernet interface and results in the packets being
discarded. docsDevFilterIpIfIndex (at least) must be
specified on a CMTS to create a row. Creation of the
rows may be done via either create-and-wait or
create-and-go, but the filter is not applied until this
object is set to (or changes to) active. There is no
restriction in changing any object in a row while this
object is set to active."
::= { docsDevFilterIpEntry 2 }
docsDevFilterIpControl OBJECT-TYPE
SYNTAX INTEGER {
discard(1),
accept(2),
policy(3)
}
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"If set to discard(1), all packets matching this filter
will be discarded, and scanning of the remainder of the
filter list will be aborted. If set to accept(2), all
packets matching this filter will be accepted for
further processing (e.g., bridging). If
docsDevFilterIpContinue is set to true, see if there
are other matches; otherwise, done. If set to
policy (3), execute the policy entries
matched by docsDevFilterIpPolicyId in
docsDevFilterPolicyTable.
If docsDevFilterIpContinue is set to true, continue
scanning the table for other matches; otherwise, done."
DEFVAL { discard }
::= { docsDevFilterIpEntry 3 }
docsDevFilterIpIfIndex OBJECT-TYPE
SYNTAX InterfaceIndexOrZero
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The entry interface to which this filter applies. The
value corresponds to ifIndex for either a CATV MAC or
another interface. If the value is zero, the
filter applies to all interfaces. Default value in CMs
is the index of the customer-side (e.g., ethernet)
interface(s). In CMTSes, this object MUST be
specified to create a row in this table.
Note that according to the DOCSIS OSSIv1.1
specification, ifIndex '1' in the Cable Modem means
that this row applies to all CMCI (customer-facing)
interfaces."
REFERENCE
"DOCSIS OSSI 1.1 Specification, Section 3.3.4.1. and
DOCSIS OSSI 2.0 Specification, Section 6.3.4.1."
::= { docsDevFilterIpEntry 4 }
docsDevFilterIpDirection OBJECT-TYPE
SYNTAX INTEGER {
inbound(1),
outbound(2),
both(3)
}
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"Determines whether the filter is applied to inbound(1)
traffic, outbound(2) traffic, or traffic in both(3)
directions."
DEFVAL { inbound }
::= { docsDevFilterIpEntry 5 }
docsDevFilterIpBroadcast OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"If set to true(1), the filter only applies to multicast
and broadcast traffic. If set to false(2), the filter
applies to all traffic."
DEFVAL { false }
::= { docsDevFilterIpEntry 6 }
docsDevFilterIpSaddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The source IP address, or portion thereof, that is to be
matched for this filter. The source address is first
masked (ANDed) against docsDevFilterIpSmask before
being compared to this value. A value of 0 for this
object and 0 for the mask matches all IP addresses."
DEFVAL { '00000000'h }
::= { docsDevFilterIpEntry 7 }
docsDevFilterIpSmask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"A bit mask that is to be applied to the source address
prior to matching. This mask is not necessarily the
same as a subnet mask, but 1s bits must be leftmost and
contiguous."
DEFVAL { '00000000'h }
::= { docsDevFilterIpEntry 8 }
docsDevFilterIpDaddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The destination IP address, or portion thereof, that is
to be matched for this filter. The destination address
is first masked (ANDed) against docsDevFilterIpDmask
before being compared to this value. A value of
00000000 for this object and 00000000 for the mask
matches all IP addresses."
DEFVAL { '00000000'h }
::= { docsDevFilterIpEntry 9 }
docsDevFilterIpDmask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"A bit mask that is to be applied to the destination
address prior to matching. This mask is not necessarily
the same as a subnet mask, but 1s bits MUST be leftmost
and contiguous."
DEFVAL { '00000000'h }
::= { docsDevFilterIpEntry 10 }
docsDevFilterIpProtocol OBJECT-TYPE
SYNTAX Integer32 (0..256)
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The IP protocol value that is to be matched. For
example, icmp is 1, tcp is 6, and udp is 17. A value of
256 matches ANY protocol."
REFERENCE "www.iana.org/assignments/protocol-numbers"
DEFVAL { 256 }
::= { docsDevFilterIpEntry 11 }
docsDevFilterIpSourcePortLow OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"This is the inclusive lower bound of the transport-layer
source port range that is to be matched. If the IP
protocol of the packet is neither UDP nor TCP, this
object is ignored during matching."
REFERENCE "www.iana.org/assignments/port-numbers"
DEFVAL { 0 }
::= { docsDevFilterIpEntry 12 }
docsDevFilterIpSourcePortHigh OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"This is the inclusive upper bound of the transport-layer
source port range that is to be matched. If the IP
protocol of the packet is neither UDP nor TCP, this
object is ignored during matching."
REFERENCE "www.iana.org/assignments/port-numbers"
DEFVAL { 65535 }
::= { docsDevFilterIpEntry 13 }
docsDevFilterIpDestPortLow OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"This is the inclusive lower bound of the transport-layer
destination port range that is to be matched. If the IP
protocol of the packet is neither UDP nor TCP, this
object is ignored during matching."
REFERENCE "www.iana.org/assignments/port-numbers"
DEFVAL { 0 }
::= { docsDevFilterIpEntry 14 }
docsDevFilterIpDestPortHigh OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"This is the inclusive upper bound of the transport-layer
destination port range that is to be matched. If the IP
protocol of the packet is neither UDP nor TCP, this
object is ignored during matching."
REFERENCE "www.iana.org/assignments/port-numbers"
DEFVAL { 65535 }
::= { docsDevFilterIpEntry 15 }
docsDevFilterIpMatches OBJECT-TYPE
SYNTAX ZeroBasedCounter32
UNITS "matches"
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Counts the number of times this filter was matched.
This object is initialized to 0 at boot, or at row
creation, and is reset only upon reboot."
::= { docsDevFilterIpEntry 16 }
docsDevFilterIpTos OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (1))
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"This is the value to be matched to the packet's
TOS (Type of Service) value (after the TOS value
is ANDed with docsDevFilterIpTosMask). A value for this
object of 0 and a mask of 0 matches all TOS values."
DEFVAL { '00'h }
::= { docsDevFilterIpEntry 17 }
docsDevFilterIpTosMask OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (1))
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The mask to be applied to the packet's TOS value before
matching."
DEFVAL { '00'h }
::= { docsDevFilterIpEntry 18 }
docsDevFilterIpContinue OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"If this value is set to true and docsDevFilterIpControl
is anything but discard (1), continue scanning and
applying policies. See Section 3.3.3 for more
details."
DEFVAL { false }
::= { docsDevFilterIpEntry 19 }
docsDevFilterIpPolicyId OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"This object points to an entry in
docsDevFilterPolicyTable. If docsDevFilterIpControl
is set to policy (3), execute all matching policies
in docsDevFilterPolicyTable. If no matching policy
exists, treat as if docsDevFilterIpControl were set
to accept (1). If this object is set to the value of
0, there is no matching policy, and
docsDevFilterPolicyTable MUST NOT be consulted."
DEFVAL { 0 }
::= { docsDevFilterIpEntry 20 }
--
-- Policy Mapping Table
--
docsDevFilterPolicyTable OBJECT-TYPE
SYNTAX SEQUENCE OF DocsDevFilterPolicyEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A Table that maps between a policy group ID and a set
of pointers to policies to be applied. All rows with
the same docsDevFilterPolicyId are part of the same
group of policy pointers and are applied in the order
in this table. docsDevFilterPolicyTable exists to
allow multiple policy actions (referenced by policy
pointers) to be applied to any given classified packet.
The policy actions are applied in index order.
For example:
Index ID Type Action
1 1 TOS 1
9 5 TOS 1
12 1 IPSEC 3
This says that a packet that matches a filter with
policy id 1 first has TOS policy 1 applied (which might
set the TOS bits to enable a higher priority) and next
has the IPSEC policy 3 applied (which may result in the
packets being dumped into a secure VPN to a remote
encryptor).
Policy ID 0 is reserved for default actions and is
applied only to packets that match no filters in
docsDevFilterIpTable.
Table entries MUST NOT persist across reboots for any
device.
This table is deprecated. Instead, use the DiffServ MIB
from RFC 3289."
::= { docsDevFilter 5 }
docsDevFilterPolicyEntry OBJECT-TYPE
SYNTAX DocsDevFilterPolicyEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"An entry in the docsDevFilterPolicyTable. Entries are
created by Network Management. To create an entry,
docsDevFilterPolicyId MUST be specified."
INDEX { docsDevFilterPolicyIndex }
::= { docsDevFilterPolicyTable 1 }
DocsDevFilterPolicyEntry ::= SEQUENCE {
docsDevFilterPolicyIndex Integer32,
docsDevFilterPolicyId Integer32,
-- docsDevFilterPolicyType INTEGER,
-- docsDevFilterPolicyAction Integer32,
docsDevFilterPolicyStatus RowStatus,
docsDevFilterPolicyPtr RowPointer
}
docsDevFilterPolicyIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION "Index value for the table."
::= { docsDevFilterPolicyEntry 1 }
docsDevFilterPolicyId OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"Policy ID for this entry. If a policy ID can apply to
multiple rows of this table, all relevant policies are
executed. Policy 0 (if populated) is applied to all
packets that do not match any of the filters. N.B. If
docsDevFilterIpPolicyId is set to 0, it DOES NOT match
policy 0 of this table."
::= { docsDevFilterPolicyEntry 2 }
-- The following two objects were removed and never used; however,
-- to preserve OID numbering, they are simply commented out to
-- to ensure that they are not used again.
-- docsDevFilterPolicyType ::= { docsDevFilterPolicyEntry 3 }
-- docsDevFilterPolicyAction ::= { docsDevFilterPolicyEntry 4 }
(next page on part 4)
