Documentation
¶
Overview ¶
Overview of Cisco Firewall MIB ============================== This MIB Module models status and performance statistics pertaining to the common features supported by Cisco firewall implementations. For each firewall feature, capability (if applicable) and statistics are defined. Supporting the configuration of firewall features is outside the scope of this MIB.
Following are the major firewall features:
- 'Stateful Packet Filtering' Creating and maintaining the state of authorized traffic flows dynamically to permit only flows authorized by the policy is a mandatory function of a firewall. This MIB instruments the activity and memory usage by this function.
'Application Inspection' This refers to the function of inspecting the headers of layer 3 and layer 4 protocols and creating dynamic entries in the connection table for traffic flows spawned by an already established traffic flow.
This MIB reflects the protocols that are being inspected.
'URL Filtering' This refers to the function of facilitating or restricting URL access requests through the firewall by consulting either local policy or that configured on a dedicated URL filtering server.
This MIB instruments the URL filtering activity, the status and activity of distinct URL filtering servers configured on the firewall and the impact of the performance of the URL filtering servers on the latency and throughput of the firewall.
'Proxy Authentication' This refers to the function of authenticating and/or authorizing users on behalf of servers on the secure side of the firewall. This operation could affect the throughput of the firewall.
The MIB objects pertaining to Proxy Authentication will be defined in a subsequent revision of this MIB.
'Transparent Mode Operation' A firewall could operate as a bridge and yet filter traffic based on layer 3-layer 7 control and payload information. Operating in this mode makes it easy to implement a firewall without fragmenting existing subnets. Another advantage of this mode of operation is enhanced security.
This MIB instruments the status, activity, and performance of the firewall in this mode. Please note that to fully manage a firewall operating in this mode, the firewall must also support the bridge MIB (BRIDGE-MIB).
'Advanced Application Inspection and Control' This function is also termed 'Application Firewall' and pertains to inspecting payload and headers of application traffic to make sure the traffic flows conform to the configured security policy.
Monitoring this function entails identifying the security alerts generated by this function and measuring the impact on firewall performance by this task. Application Firewall will be instrumented in a separate MIB dedicated for the function.
'Failover' or 'Redundancy' Redundancy configuration is essential for business critical firewalls.
Instrumenting this function entails reflecting the configuration of redundancy and identifying failover events.
The MIB objects pertaining to Proxy Authentication will be defined in a subsequent revision of this MIB.
The management information for each firewall feature is defined in a distinct module compliance unit. The compliance units corresponding to basic features of firewalls are defined as mandatory.
Acronyms ======== Following are definitions of some terms used in this module. Please refer to the module conformance for a glossary of feature-specific terms.
`Firewall' A firewall is a set of related programs, implemented on a host or a network device, that protects the resources of a private network from users from other networks. Common firewalling functions include stateful packet filtering, proxy authentication of users on behalf of applications on the secure side of the firewall, URL access control, inspection of payload of traffic streams to determine security threats. `Layer2 Firewall' or 'Transparent Firewall' A firewall device that operates as a bridge while performing firewalling function. `Connection' The record in the firewall of a traffic strean that has been authorized to flow through the firewall. `Half Open Connection' For a connection oriented protocol: a connection that has not reached the established on both the sides of the connection. For a connection-less protocol: the connection corresponding to a traffic stream where traffic flow has occurred (since the establishment of the connection entry) only on one direction. `Embryonic Connection' The connection entry corresponding to an application layer protocol in which the signaling channel has been established while the setup of the data channel is underway. `Policy' An element of firewall configuration that identifies the access rights to a resource by a traffic source. An example of a policy is an Access Control Rule. `Policy Target' An entity to which a policy is applied so that the action corresponding to the policy is taken only on traffic streams associated with the entity. An example of a policy target is an interface. `URL Filtering Server' A server which is employed by the firewall to enforce URL access policies. `Protocol Data Unit' or PDU An instance of the unit of information using which a protocol operates is called the Protocol Data Unit or the PDU of the protocol. `Deep Packet Inspection' The task of examining the contents of the payloads of one or more layer 7 application protocols with a view to enforcing the local security policies termed 'Deep Packet Inspection'. `Advanced Application Inspection and Control' An entity that performs deep packet inspection of layer 7 application protocol data units is termed an 'Application Firewall'.
Index ¶
- type CISCOUNIFIEDFIREWALLMIB
- type CISCOUNIFIEDFIREWALLMIB_CuFwApplInspectionGrp
- type CISCOUNIFIEDFIREWALLMIB_CuFwConnectionGlobals
- type CISCOUNIFIEDFIREWALLMIB_CuFwConnectionReportSettings
- type CISCOUNIFIEDFIREWALLMIB_CuFwConnectionResources
- type CISCOUNIFIEDFIREWALLMIB_CuFwNotifCntlGrp
- type CISCOUNIFIEDFIREWALLMIB_CufwAaicGlobals
- type CISCOUNIFIEDFIREWALLMIB_CufwAaicHttpProtocolStats
- type CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable
- type CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable_CufwAppConnSummaryEntry
- type CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable
- type CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable_CufwConnSummaryEntry
- type CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable
- type CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable_CufwInspectionEntry
- type CISCOUNIFIEDFIREWALLMIB_CufwL2FwGlobals
- type CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable
- type CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable_CufwPolicyAppConnSummaryEntry
- type CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable
- type CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable_CufwPolicyConnSummaryEntry
- type CISCOUNIFIEDFIREWALLMIB_CufwUrlFilterGlobals
- type CISCOUNIFIEDFIREWALLMIB_CufwUrlFilterResourceUsage
- type CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable
- type CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable_CufwUrlfServerEntry
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CISCOUNIFIEDFIREWALLMIB ¶
type CISCOUNIFIEDFIREWALLMIB struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
CuFwConnectionGlobals CISCOUNIFIEDFIREWALLMIB_CuFwConnectionGlobals
CuFwConnectionResources CISCOUNIFIEDFIREWALLMIB_CuFwConnectionResources
CuFwConnectionReportSettings CISCOUNIFIEDFIREWALLMIB_CuFwConnectionReportSettings
CuFwApplInspectionGrp CISCOUNIFIEDFIREWALLMIB_CuFwApplInspectionGrp
CufwUrlFilterGlobals CISCOUNIFIEDFIREWALLMIB_CufwUrlFilterGlobals
CufwUrlFilterResourceUsage CISCOUNIFIEDFIREWALLMIB_CufwUrlFilterResourceUsage
CufwAaicGlobals CISCOUNIFIEDFIREWALLMIB_CufwAaicGlobals
CufwAaicHttpProtocolStats CISCOUNIFIEDFIREWALLMIB_CufwAaicHttpProtocolStats
CufwL2FwGlobals CISCOUNIFIEDFIREWALLMIB_CufwL2FwGlobals
CuFwNotifCntlGrp CISCOUNIFIEDFIREWALLMIB_CuFwNotifCntlGrp
// This table summarizes the connection activity on the firewall per
// layer3-layer 4 protocol instance. Each entry in the table lists the
// connection summary of a distinct network protocol. For instance, the
// conceptual row corresponding to the index cufwConnProtocol = fwpTcp
// yields the summary of TCP connection activity on the firewall since its
// reboot.
CufwConnSummaryTable CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable
// This table lists the summary of firewall connections pertaining to Layer 7
// protocols, catalogued by distinct application protocols. Each entry in the
// table lists the connection summary corresponding to a distinct application
// protocol. For instance, to obtain the connection summary for SMTP on the
// firewall since the last reboot of the device, use the conceptual row
// corresponding to cufwAppConnProtocol = fwApSmtp.
CufwAppConnSummaryTable CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable
// This table lists the summary of firewall connections for layer3-layer 4
// protocols catalogued on a per policy basis. Each entry in the table lists
// the connection summary of a distinct network protocol, configured on the
// specified policy on the firewall, and pertaining to a specified target to
// which the policy is currently applied. If a policy is bound to a target,
// it would have one or more entries in this table. If the policy is detached
// from the target, all entries corresponding to the association between the
// policy and the target are elminated from this table. Although the
// information is indexed by policy targets as well, one may aggregate the
// connection summary for a specific policy across all the target to which the
// policy is currently applied by setting cufwConnPolicyTargetType =
// 'targetAll'.
CufwPolicyConnSummaryTable CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable
// This table lists the summary of firewall connections pertaining to Layer 7
// protocols, catalogued on a per policy basis Each entry in the table lists
// the connection summary of a distinct application protocol, configured on
// the specified policy on the firewall, and pertaining to a specified target
// to which the policy has been applied. If a policy is bound to a target, it
// would have one or more entries in this table. If the policy is detached
// from the target, all entries corresponding to the association between the
// policy and the target are elminated from this table. Although the
// information is indexed by policy targets as well, one may aggregate the
// connection summary for a specific policy across all the target to which the
// policy is currently applied by setting cufwAppConnPolicyTargetType =
// 'targetALL'.
CufwPolicyAppConnSummaryTable CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable
// This table identifies if an application protocol has been configured for
// inspection and if so, the name of the firewall policy or the inspection
// configuration that configures the specified protocol for inspection. The
// table also identifies if the specified protocol is actively being
// inspected. This table may be used by an administrator to quickly identify
// if a protocol is being subjected to application inspection by the managed
// firewall.
CufwInspectionTable CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable
// This table lists the URL filtering servers configured on the managed device
// and their performance statistics. This table is not meant as a device to
// configure URL filtering servers.
CufwUrlfServerTable CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable
}
CISCOUNIFIEDFIREWALLMIB
func (*CISCOUNIFIEDFIREWALLMIB) GetEntityData ¶
func (cISCOUNIFIEDFIREWALLMIB *CISCOUNIFIEDFIREWALLMIB) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CuFwApplInspectionGrp ¶
type CISCOUNIFIEDFIREWALLMIB_CuFwApplInspectionGrp struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// The value identifies if audit trail in application inspection has been
// globally enabled or disabled. The type is bool.
CufwAIAuditTrailEnabled interface{}
// The value identifies if application inspection alerts have been globally
// enabled or disabled. The type is bool.
CufwAIAlertEnabled interface{}
}
CISCOUNIFIEDFIREWALLMIB_CuFwApplInspectionGrp
func (*CISCOUNIFIEDFIREWALLMIB_CuFwApplInspectionGrp) GetEntityData ¶
func (cuFwApplInspectionGrp *CISCOUNIFIEDFIREWALLMIB_CuFwApplInspectionGrp) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CuFwConnectionGlobals ¶
type CISCOUNIFIEDFIREWALLMIB_CuFwConnectionGlobals struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// Connection Statistics Aggregation Connection 1 +-----------+
// ------------->| |-------> Global Connection Summary Connection 2
// | | ------------->| | Connection 3 | |
// ------------->| First |------------> ConnSummary | Level |
// (i.e, L-3/4 Protocol Connection 4 |Aggregation| Connection
// Summary) ------------->| | . | | . |
// |---------------> PolicyConnSummary Connection N | |
// (i.e, L-3/4 Policy Target based ------------->| | Protocol
// Connection Summary) +-----------+ +-----------+ L-3/4 Protocol |
// | Connection Summary | | ------------------>|
// |---------> AppConnSummary | | (i.e, L-7 Protocol |
// Second | Connection Summary) |---Level---| L-3/4 Policy Target
// |Aggregation| based Protocol | | Connection Summary |
// | ------------------>| |---------------> PolicyAppConnSummary |
// | (i.e, L-7 Policy Target based | | Protocol
// Connection Summary) +-----------+ Specifically, the object
// 'cufwConnGlobalNumAttempted' models the number of connections which are
// attempted to be set up through the firewall. This value is accumulated
// from the last reboot of the firewall. The type is interface{} with range:
// 0..18446744073709551615. Units are Connections.
CufwConnGlobalNumAttempted interface{}
// The number of connection setup attempts that were aborted before the
// connection could proceed to completion. The counter includes setup attempts
// aborted by the firewall as well as those aborted by the initiator and/or
// the responder(s) of/to the connection setup attempt. Consequently, this
// value subsumes the values of objects 'cufwConnGlobalNumPolicyDeclined' and
// 'cufwConnGlobalNumResDeclined'. This value is accumulated from the last
// reboot of the firewall. The type is interface{} with range:
// 0..18446744073709551615. Units are Connections.
CufwConnGlobalNumSetupsAborted interface{}
// The number of connections which were attempted to be setup but which were
// declined due to reasons of security policy. This includes the connections
// that failed authentication. This value is accumulated from the last
// reboot of the firewall. The type is interface{} with range:
// 0..18446744073709551615. Units are Connections.
CufwConnGlobalNumPolicyDeclined interface{}
// The number of connections which were attempted to be setup but which were
// declined due to non-availability of required resources. This value is
// accumulated from the last reboot of the firewall. The type is interface{}
// with range: 0..18446744073709551615. Units are Connections.
CufwConnGlobalNumResDeclined interface{}
// The number of connections which are in the process of being setup but which
// have not yet reached the established state in the connection table. The
// type is interface{} with range: 0..4294967295. Units are Connections.
CufwConnGlobalNumHalfOpen interface{}
// The number of connections which are currently active. The type is
// interface{} with range: 0..4294967295. Units are Connections.
CufwConnGlobalNumActive interface{}
// The number of connections which were active but which were since normally
// terminated. This value is accumulated from the last reboot of the
// firewall. The type is interface{} with range: 0..18446744073709551615.
// Units are Connections.
CufwConnGlobalNumExpired interface{}
// The number of connections which were active but which were aborted by the
// firewall due to reasons of policy or resource rationing. This value is
// accumulated from the last reboot of the firewall. The type is interface{}
// with range: 0..18446744073709551615. Units are Connections.
CufwConnGlobalNumAborted interface{}
// The number of embryonic application layer connections (that is,
// connections in which the signaling channel has been established while the
// data channel is awaiting setup). This value is accumulated from the last
// reboot of the firewall. The type is interface{} with range: 0..4294967295.
// Units are Connections.
CufwConnGlobalNumEmbryonic interface{}
// The averaged number of connections which the firewall establishing per
// second, averaged over the last 60 seconds. The type is interface{} with
// range: 0..4294967295. Units are Connections per second.
CufwConnGlobalConnSetupRate1 interface{}
// The averaged number of connections which the firewall establishing per
// second, averaged over the last 300 seconds. The type is interface{} with
// range: 0..4294967295. Units are Connections per second.
CufwConnGlobalConnSetupRate5 interface{}
// The number of active connections which correspond to remote access
// applications. Specifically, the protocol for which the connection is
// established must be one of PPP, PPTP, L2TP or remote access IPsec (IPsec
// connections employing extended authentication). This value is accumulated
// from the last reboot of the firewall. The type is interface{} with range:
// 0..4294967295. Units are Connections.
CufwConnGlobalNumRemoteAccess interface{}
}
CISCOUNIFIEDFIREWALLMIB_CuFwConnectionGlobals
func (*CISCOUNIFIEDFIREWALLMIB_CuFwConnectionGlobals) GetEntityData ¶
func (cuFwConnectionGlobals *CISCOUNIFIEDFIREWALLMIB_CuFwConnectionGlobals) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CuFwConnectionReportSettings ¶
type CISCOUNIFIEDFIREWALLMIB_CuFwConnectionReportSettings struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// Setting this object to 'true' enables the MIB to report connection activity
// statistics pertaining to application protocols. If this object is set to
// 'false', the agent should stop updating the objects defined in this module
// pertaining to application protocols. Application monitoring could be a
// resource intensive operation. It is expected that the administrators would
// use this control to disable application monitoring when the performance of
// the firewall is degrading. The type is bool.
CufwConnReptAppStats interface{}
// The time at which the value of cufwConnReptAppStats was last changed. The
// type is interface{} with range: 0..4294967295.
CufwConnReptAppStatsLastChanged interface{}
}
CISCOUNIFIEDFIREWALLMIB_CuFwConnectionReportSettings
func (*CISCOUNIFIEDFIREWALLMIB_CuFwConnectionReportSettings) GetEntityData ¶
func (cuFwConnectionReportSettings *CISCOUNIFIEDFIREWALLMIB_CuFwConnectionReportSettings) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CuFwConnectionResources ¶
type CISCOUNIFIEDFIREWALLMIB_CuFwConnectionResources struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// The amount of memory occupied by all structures required to maintain the
// state of all connections which are either being established or are active.
// The type is interface{} with range: 0..4294967295. Units are KBytes.
CufwConnResMemoryUsage interface{}
// The amount of memory occupied by all structures required to maintain the
// state of all active connections. The type is interface{} with range:
// 0..4294967295. Units are KBytes.
CufwConnResActiveConnMemoryUsage interface{}
// The amount of memory occupied by all structures required to maintain the
// state of all half open connections. The type is interface{} with range:
// 0..4294967295. Units are KBytes.
CufwConnResHOConnMemoryUsage interface{}
// The amount of memory occupied by all structures required to maintain the
// state of all embryonic connections. The type is interface{} with range:
// 0..4294967295. Units are KBytes.
CufwConnResEmbrConnMemoryUsage interface{}
}
CISCOUNIFIEDFIREWALLMIB_CuFwConnectionResources
func (*CISCOUNIFIEDFIREWALLMIB_CuFwConnectionResources) GetEntityData ¶
func (cuFwConnectionResources *CISCOUNIFIEDFIREWALLMIB_CuFwConnectionResources) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CuFwNotifCntlGrp ¶
type CISCOUNIFIEDFIREWALLMIB_CuFwNotifCntlGrp struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// This object defines the administrative state of sending the SNMP
// notification to signal the election of a new primary URL filtering server
// by this firewall. Such a change could occur either as a result of the
// current primary server becoming unavailable or as a result of explicit
// management action in nominating a filtering server the primary server. The
// type is bool.
CufwCntlUrlfServerStatusChange interface{}
// This object defines the administrative state of sending the SNMP
// notification to signal the move of a statically configured MAC address to a
// new port. Such a change could occur either as a result of physical move
// of the device with the MAC Address to the new port or due to MAC address
// spoofing. The type is bool.
CufwCntlL2StaticMacAddressMoved interface{}
}
CISCOUNIFIEDFIREWALLMIB_CuFwNotifCntlGrp
func (*CISCOUNIFIEDFIREWALLMIB_CuFwNotifCntlGrp) GetEntityData ¶
func (cuFwNotifCntlGrp *CISCOUNIFIEDFIREWALLMIB_CuFwNotifCntlGrp) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwAaicGlobals ¶
type CISCOUNIFIEDFIREWALLMIB_CufwAaicGlobals struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// 'Protocol Operation' is the application protocol specific operation that
// the PDU is intended to perform. An example of 'protocol operation' is the
// HELO command of SMTP protocol. This MIB object records the number of
// application protocol data units that contained a protocol operation which
// was disallowed by the local security policy. For this MIB to be
// implemented, the managed firewall must be implementing deep packet
// inspection of application traffic payloads. This value is accumulated
// from the last reboot of the firewall. The type is interface{} with range:
// 0..18446744073709551615. Units are Protocol Data Units.
CufwAaicGlobalNumBadProtocolOps interface{}
// This MIB object records the number of application protocol data units
// (PDU) that had either an invalid header size or an invalid payload size, as
// determined by the local security policy. For this MIB to be implemented,
// the managed firewall must be implementing deep packet inspection of
// application traffic payloads. This value is accumulated from the last
// reboot of the firewall. The type is interface{} with range:
// 0..18446744073709551615. Units are Protocol Data Units.
CufwAaicGlobalNumBadPDUSize interface{}
// Number of application protocol units that attempted to advertise illegal
// port ranges for secondary connections. An example of such an occurrence
// would be a passive FTP connection, where the server advertises a
// disallowed port range for data connection. For this MIB to be implemented,
// the managed firewall must be implementing deep packet inspection of
// application traffic payloads. This value is accumulated from the last
// reboot of the firewall. The type is interface{} with range:
// 0..18446744073709551615. Units are Protocol Data Units.
CufwAaicGlobalNumBadPortRange interface{}
}
CISCOUNIFIEDFIREWALLMIB_CufwAaicGlobals
func (*CISCOUNIFIEDFIREWALLMIB_CufwAaicGlobals) GetEntityData ¶
func (cufwAaicGlobals *CISCOUNIFIEDFIREWALLMIB_CufwAaicGlobals) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwAaicHttpProtocolStats ¶
type CISCOUNIFIEDFIREWALLMIB_CufwAaicHttpProtocolStats struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// The number of PDUs corresponding to HTTP protocol which were detected to
// be containing HTTP protocol methods which are disallowed by the local
// security policy. For this MIB to be implemented, the managed firewall
// must be implementing deep packet inspection of HTTP traffic payloads.
// This value is accumulated from the last reboot of the firewall. The type is
// interface{} with range: 0..18446744073709551615. Units are HTTP Protocol
// Data Units.
CufwAaicHttpNumBadProtocolOps interface{}
// The number of PDUs corresponding to HTTP protocol that had either an
// invalid header size or an invalid payload size, as determined by the local
// security policy. For this MIB to be implemented, the managed firewall
// must be implementing deep packet inspection of HTTP traffic payloads.
// This value is accumulated from the last reboot of the firewall. The type is
// interface{} with range: 0..18446744073709551615. Units are HTTP Protocol
// Data Units.
CufwAaicHttpNumBadPDUSize interface{}
// The number of connections corresponding to HTTP protocol which were
// detected to be tunneling other application traffic streams. An instance of
// this would be InstantMessenger traffic running on HTTP. For this MIB to
// be implemented, the managed firewall must be implementing deep packet
// inspection of HTTP traffic payloads. This value is accumulated from the
// last reboot of the firewall. The type is interface{} with range:
// 0..18446744073709551615. Units are Connections.
CufwAaicHttpNumTunneledConns interface{}
// The number of PDUs corresponding to HTTP protocol which were detected to
// be containing a URI of size not permitted by the local security policy.
// For this MIB to be implemented, the managed firewall must be implementing
// deep packet inspection of HTTP traffic payloads. This value is
// accumulated from the last reboot of the firewall. The type is interface{}
// with range: 0..18446744073709551615. Units are HTTP Protocol Data Units.
CufwAaicHttpNumLargeURIs interface{}
// The number of PDUs corresponding to HTTP protocol which were detected to
// be containing content whose type disallowed by the local security policy.
// For this MIB to be implemented, the managed firewall must be implementing
// deep packet inspection of HTTP traffic payloads. This value is
// accumulated from the last reboot of the firewall. The type is interface{}
// with range: 0..18446744073709551615. Units are HTTP Protocol Data Units.
CufwAaicHttpNumBadContent interface{}
// The number of PDUs corresponding to HTTP protocol which were detected to
// be containing content whose type was different from the content type
// specified in the header of the PDU. For this MIB to be implemented, the
// managed firewall must be implementing deep packet inspection of HTTP
// traffic payloads. This value is accumulated from the last reboot of the
// firewall. The type is interface{} with range: 0..18446744073709551615.
// Units are HTTP Protocol Data Units.
CufwAaicHttpNumMismatchContent interface{}
// The number of PDUs corresponding to HTTP protocol which were detected to
// be containing double encoding. Double encoding is a mechanism to obfuscate
// content in which a encoded data is re-encoded so as to evade deep packet
// inspections. For this MIB to be implemented, the managed firewall must be
// implementing deep packet inspection of HTTP traffic payloads. This value
// is accumulated from the last reboot of the firewall. The type is
// interface{} with range: 0..18446744073709551615. Units are HTTP Protocol
// Data Units.
CufwAaicHttpNumDoubleEncodedPkts interface{}
}
CISCOUNIFIEDFIREWALLMIB_CufwAaicHttpProtocolStats
func (*CISCOUNIFIEDFIREWALLMIB_CufwAaicHttpProtocolStats) GetEntityData ¶
func (cufwAaicHttpProtocolStats *CISCOUNIFIEDFIREWALLMIB_CufwAaicHttpProtocolStats) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable ¶
type CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// Each entry contains the summary of connection activity for a distinct layer
// 7 protocol identified by the index element 'cufwAppConnProtocol'. The type
// is slice of
// CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable_CufwAppConnSummaryEntry.
CufwAppConnSummaryEntry []*CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable_CufwAppConnSummaryEntry
}
CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable This table lists the summary of firewall connections pertaining to Layer 7 protocols, catalogued by distinct application protocols.
Each entry in the table lists the connection summary corresponding to a distinct application protocol.
For instance, to obtain the connection summary for SMTP on the firewall since the last reboot of the device, use the conceptual row corresponding to
cufwAppConnProtocol = fwApSmtp
func (*CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable) GetEntityData ¶
func (cufwAppConnSummaryTable *CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable_CufwAppConnSummaryEntry ¶
type CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable_CufwAppConnSummaryEntry struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
YListKey string
// This attribute is a key. The layer7 protocol for which this conceptual row
// summarizes the connection activity for this firewall. The type is
// CFWApplicationProtocol.
CufwAppConnProtocol interface{}
// The number of connections attempted since the last reboot of the firewall,
// corresponding to the protocol denoted by 'cufwAppConnProtocol'. This value
// is accumulated from the last reboot of the firewall subject to the control
// exercised by cufwConnReptAppStats. The type is interface{} with range:
// 0..18446744073709551615. Units are Connections.
CufwAppConnNumAttempted interface{}
// The number of connection setup attempts, corresponding to the protocol
// denoted by 'cufwAppConnProtocol', that were aborted before the connection
// could proceed to completion. The counter includes setup attempts aborted
// by the firewall as well as those aborted by the initiator and/or the
// responder(s) of/to the connection setup attempt. Consequently, this value
// subsumes the values of objects 'cufwAppConnNumPolicyDeclined' and
// 'cufwAppConnNumResDeclined'. This value is accumulated from the last
// reboot of the firewall subject to the control exercised by
// cufwConnReptAppStats. The type is interface{} with range:
// 0..18446744073709551615. Units are Connections.
CufwAppConnNumSetupsAborted interface{}
// The number of connection attempts that were declined due to security
// policy, corresponding to the protocol denoted by 'cufwAppConnProtocol'.
// This value is accumulated from the last reboot of the firewall subject to
// the control exercised by cufwConnReptAppStats. The type is interface{} with
// range: 0..18446744073709551615. Units are Connections.
CufwAppConnNumPolicyDeclined interface{}
// The number of connection attempts that were declined due to resource
// unavailability, corresponding to the protocol denoted by
// 'cufwAppConnProtocol'. This value is accumulated from the last reboot of
// the firewall subject to the control exercised by cufwConnReptAppStats. The
// type is interface{} with range: 0..18446744073709551615. Units are
// Connections.
CufwAppConnNumResDeclined interface{}
// The number of connections that are currently in the process of being
// established, corresponding to the protocol denoted by
// 'cufwAppConnProtocol'. The type is interface{} with range: 0..4294967295.
// Units are Connections.
CufwAppConnNumHalfOpen interface{}
// The number of connections that are currently active, corresponding to the
// protocol denoted by 'cufwAppConnProtocol'. The type is interface{} with
// range: 0..4294967295. Units are Connections.
CufwAppConnNumActive interface{}
// The number of connections that were terminated by the firewall successful
// establishment, corresponding to the protocol denoted by
// 'cufwAppConnProtocol'. This value is accumulated from the last reboot of
// the firewall subject to the control exercised by cufwConnReptAppStats. The
// type is interface{} with range: 0..18446744073709551615. Units are
// Connections.
CufwAppConnNumAborted interface{}
// The connection setup rate averaged over the last 60 seconds corresponding
// to the protocol denoted by 'cufwAppConnProtocol'. The type is interface{}
// with range: 0..4294967295. Units are Connections Per Second.
CufwAppConnSetupRate1 interface{}
// The connection setup rate averaged over the last 300 seconds corresponding
// to the protocol denoted by 'cufwAppConnProtocol'. The type is interface{}
// with range: 0..4294967295. Units are Connections Per Second.
CufwAppConnSetupRate5 interface{}
}
CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable_CufwAppConnSummaryEntry Each entry contains the summary of connection activity for a distinct layer 7 protocol identified by the index element 'cufwAppConnProtocol'.
func (*CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable_CufwAppConnSummaryEntry) GetEntityData ¶
func (cufwAppConnSummaryEntry *CISCOUNIFIEDFIREWALLMIB_CufwAppConnSummaryTable_CufwAppConnSummaryEntry) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable ¶
type CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// Each entry contains the summary of connection activity for a layer3-layer4
// network protocol. The type is slice of
// CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable_CufwConnSummaryEntry.
CufwConnSummaryEntry []*CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable_CufwConnSummaryEntry
}
CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable This table summarizes the connection activity on the firewall per layer3-layer 4 protocol instance.
Each entry in the table lists the connection summary of a distinct network protocol.
For instance, the conceptual row corresponding to the index
cufwConnProtocol = fwpTcp
yields the summary of TCP connection activity on the firewall since its reboot.
func (*CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable) GetEntityData ¶
func (cufwConnSummaryTable *CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable_CufwConnSummaryEntry ¶
type CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable_CufwConnSummaryEntry struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
YListKey string
// This attribute is a key. The (L3-L4) protocol for which this conceptual
// row summarizes the connection activity on the managed entity. The type is
// CFWNetworkProtocol.
CufwConnProtocol interface{}
// The number of connections attempted since the last reboot of the firewall,
// corresponding to the protocol denoted by 'cufwConnProtocol'. This value is
// accumulated from the last reboot of the firewall. The type is interface{}
// with range: 0..18446744073709551615. Units are Connections.
CufwConnNumAttempted interface{}
// The number of connection setup attempts, corresponding to the protocol
// denoted by 'cufwConnProtocol', that were aborted before the connection
// could proceed to completion. The counter includes setup attempts aborted
// by the firewall as well as those aborted by the initiator and/or the
// responder(s) of/to the connection setup attempt. Consequently, this value
// subsumes the values of objects 'cufwConnNumPolicyDeclined' and
// 'cufwConnNumResDeclined'. This value is accumulated from the last reboot
// of the firewall. The type is interface{} with range:
// 0..18446744073709551615. Units are Connections.
CufwConnNumSetupsAborted interface{}
// The number of connection attempts that were declined due to security
// policy, corresponding to the protocol denoted by 'cufwConnProtocol'. This
// value is accumulated from the last reboot of the firewall. The type is
// interface{} with range: 0..18446744073709551615. Units are Connections.
CufwConnNumPolicyDeclined interface{}
// The number of connection attempts that were declined due to resource
// unavailability, corresponding to the protocol denoted by
// 'cufwConnProtocol'. This value is accumulated from the last reboot of the
// firewall. The type is interface{} with range: 0..18446744073709551615.
// Units are Connections.
CufwConnNumResDeclined interface{}
// The number of connections that are currently in the process of being
// established, corresponding to the protocol denoted by 'cufwConnProtocol'.
// The type is interface{} with range: 0..4294967295. Units are Connections.
CufwConnNumHalfOpen interface{}
// The number of connections that are currently active, corresponding to the
// protocol denoted by 'cufwConnProtocol'. The type is interface{} with
// range: 0..4294967295. Units are Connections.
CufwConnNumActive interface{}
// The number of connections that were abnormally terminated after successful
// establishment, corresponding to the protocol denoted by
// 'cufwConnProtocol'. This value is accumulated from the last reboot of the
// firewall. The type is interface{} with range: 0..18446744073709551615.
// Units are Connections.
CufwConnNumAborted interface{}
// The connection setup rate averaged over the last 60 seconds corresponding
// to the protocol denoted by 'cufwConnProtocol'. The type is interface{}
// with range: 0..4294967295. Units are Connections Per Second.
CufwConnSetupRate1 interface{}
// The connection setup rate averaged over the last 300 seconds corresponding
// to the protocol denoted by 'cufwConnProtocol'. The type is interface{}
// with range: 0..4294967295. Units are Connections Per Second.
CufwConnSetupRate5 interface{}
}
CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable_CufwConnSummaryEntry Each entry contains the summary of connection activity for a layer3-layer4 network protocol.
func (*CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable_CufwConnSummaryEntry) GetEntityData ¶
func (cufwConnSummaryEntry *CISCOUNIFIEDFIREWALLMIB_CufwConnSummaryTable_CufwConnSummaryEntry) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable ¶
type CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// Each entry contains the configuration of a specific application inspection
// element. The type is slice of
// CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable_CufwInspectionEntry.
CufwInspectionEntry []*CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable_CufwInspectionEntry
}
CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable This table identifies if an application protocol has been configured for inspection and if so, the name of the firewall policy or the inspection configuration that configures the specified protocol for inspection. The table also identifies if the specified protocol is actively being inspected.
This table may be used by an administrator to quickly identify if a protocol is being subjected to application inspection by the managed firewall.
func (*CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable) GetEntityData ¶
func (cufwInspectionTable *CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable_CufwInspectionEntry ¶
type CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable_CufwInspectionEntry struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
YListKey string
// This attribute is a key. The name of the policy that configures the device
// inspect the protocol specified by 'cufwInspectionProtocol'. The type is
// string with length: 0..128.
CufwInspectionPolicyName interface{}
// This attribute is a key. The application protocol that is configured for
// inspection. The type is CFWApplicationProtocol.
CufwInspectionProtocol interface{}
// This MIB object identifies if the directive to inspect the protocol
// specified by 'cufwInspectionProtocol' by the policy corresponding to this
// conceptual row is enabled or disabled. The type is bool.
CufwInspectionStatus interface{}
}
CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable_CufwInspectionEntry Each entry contains the configuration of a specific application inspection element.
func (*CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable_CufwInspectionEntry) GetEntityData ¶
func (cufwInspectionEntry *CISCOUNIFIEDFIREWALLMIB_CufwInspectionTable_CufwInspectionEntry) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwL2FwGlobals ¶
type CISCOUNIFIEDFIREWALLMIB_CufwL2FwGlobals struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// The value indicates if the firewall is operating in transparent (layer 2)
// mode or not. When operating in transparent mode, the firewall operates as
// a bridge while performing firewalling functions. The type is bool.
CufwL2GlobalEnableStealthMode interface{}
// The value indicates the configured maximum size of the ARP cache used for
// management traffic. The type is interface{} with range: 1..2147483647.
// Units are ARP entries.
CufwL2GlobalArpCacheSize interface{}
// The value indicates if ARP inspection, which is a security feature, is
// enabled globally on the managed firewall. The type is bool.
CufwL2GlobalEnableArpInspection interface{}
// The number of ARP requests issued by the transparent firewall to resolve a
// destination IP address. This counter is accumulated since the last reboot
// of the firewall. The type is interface{} with range:
// 0..18446744073709551615. Units are ARP Requests.
CufwL2GlobalNumArpRequests interface{}
// The number of ICMP traceroute requests issued by the transparent firewall
// to resolve a destination IP address. This counter is accumulated since
// the last reboot of the firewall. The type is interface{} with range:
// 0..18446744073709551615. Units are ICMP Traceroute Requests.
CufwL2GlobalNumIcmpRequests interface{}
// The number of times the firewall floods a frame to be forwarded to the
// egress interfaces because the destination MAC address is missing in the
// bridge table. This counter is accumulated since the last reboot of the
// firewall. The type is interface{} with range: 0..18446744073709551615.
CufwL2GlobalNumFloods interface{}
// The number of times the firewall dropped an incoming frame because the
// destination MAC address is missing in the bridge table. This counter is
// accumulated since the last reboot of the firewall. The type is interface{}
// with range: 0..18446744073709551615.
CufwL2GlobalNumDrops interface{}
// The number of times an existing entry from the ARP cache had to be ejected
// in order to insert a new entry in the last 300 seconds. This counter is
// accumulated since the last reboot of the firewall. The type is interface{}
// with range: 0..4294967295.
CufwL2GlobalArpOverflowRate5 interface{}
// The number of malformed ARP responses received by the firewall in trying to
// resolve the MAC address of the destination IP address in an incoming frame.
// This counter is accumulated since the last reboot of the firewall. The
// type is interface{} with range: 0..18446744073709551615. Units are ARP
// Responses.
CufwL2GlobalNumBadArpResponses interface{}
// The number of spoofed ARP responses received by the firewall. Such an event
// would occur when the firewall encounters an ARP response mapping an IP
// address to a different MAC Address from the one present in the local ARP
// cache. This counter is accumulated since the last reboot of the firewall.
// The type is interface{} with range: 0..18446744073709551615. Units are ARP
// Responses.
CufwL2GlobalNumSpoofedArpResps interface{}
}
CISCOUNIFIEDFIREWALLMIB_CufwL2FwGlobals
func (*CISCOUNIFIEDFIREWALLMIB_CufwL2FwGlobals) GetEntityData ¶
func (cufwL2FwGlobals *CISCOUNIFIEDFIREWALLMIB_CufwL2FwGlobals) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable ¶
type CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// Each entry contains the summary of connection activity for a specific layer
// 7 protocol in a specific policy applied to the specified policy target.
// The type is slice of
// CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable_CufwPolicyAppConnSummaryEntry.
CufwPolicyAppConnSummaryEntry []*CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable_CufwPolicyAppConnSummaryEntry
}
CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable This table lists the summary of firewall connections pertaining to Layer 7 protocols, catalogued on a per policy basis
Each entry in the table lists the connection summary of a distinct application protocol, configured on the specified policy on the firewall, and pertaining to a specified target to which the policy has been applied.
If a policy is bound to a target, it would have one or more entries in this table. If the policy is detached from the target, all entries corresponding to the association between the policy and the target are elminated from this table.
Although the information is indexed by policy targets as well, one may aggregate the connection summary for a specific policy across all the target to which the policy is currently applied by setting
cufwAppConnPolicyTargetType = 'targetALL'
func (*CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable) GetEntityData ¶
func (cufwPolicyAppConnSummaryTable *CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable_CufwPolicyAppConnSummaryEntry ¶
type CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable_CufwPolicyAppConnSummaryEntry struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
YListKey string
// This attribute is a key. The identity of the firewall policy for which this
// conceptual row contains the connection activity summary. The type is
// string with length: 0..128.
CufwPolAppConnPolicy interface{}
// This attribute is a key. The type of the entity to which the firewall
// policy 'cufwPolAppConnPolicy' has been applied. This could be an interface
// type (most commonly), the type of another object or a group of objects
// defined in the firewall configuration. When this object is set to
// 'targetALL', the value of index object cufwAppConnPolicyTarget is ignored.
// The type is CFWPolicyTargetType.
CufwPolAppConnPolicyTargetType interface{}
// This attribute is a key. The identity of the entity to which the firewall
// policy 'cufwPolAppProtocol' refers. This could be an interface object
// (most commonly), another object or group of objects defined in the firewall
// configuration. The type is string with length: 0..128.
CufwPolAppConnPolicyTarget interface{}
// This attribute is a key. The layer7 protocol for which this conceptual row
// summarizes the connection activity for this firewall. The type is
// CFWApplicationProtocol.
CufwPolAppConnProtocol interface{}
// The number of connections attempted since the last reboot of the firewall,
// corresponding to the protocol denoted by 'cufwPolAppConnProtocol', in the
// policy 'cufwPolAppConnPolicy' applied to the entity identified by
// 'cufwPolAppConnPolicyTarget'. This value is accumulated from the last
// reboot of the firewall subject to the control exercised by
// cufwConnReptAppStats. The type is interface{} with range:
// 0..18446744073709551615. Units are Connections.
CufwPolAppConnNumAttempted interface{}
// The number of connection setup attempts, corresponding to the protocol
// denoted by 'cufwPolAppConnProtocol', associated with the policy
// 'cufwPolAppConnPolicy' applied to the entity identified by
// 'cufwPolAppConnPolicyTarget', that were aborted before the connections
// could proceed to completion. The counter includes setup attempts aborted
// by the firewall as well as those aborted by the initiator and/or the
// responder(s) of/to the connection setup attempt. Consequently, this value
// subsumes the values of objects 'cufwPolAppConnNumPolicyDeclined' and
// 'cufwPolAppConnNumResDeclined'. This value is accumulated from the last
// reboot of the firewall subject to the control exercised by
// cufwConnReptAppStats. The type is interface{} with range:
// 0..18446744073709551615. Units are Connections.
CufwPolAppConnNumSetupsAborted interface{}
// The number of connection attempts that were declined due to security
// policy, corresponding to the protocol denoted by 'cufwPolAppConnProtocol',
// in the policy 'cufwPolAppConnPolicy' applied to the entity identified by
// 'cufwPolAppConnPolicyTarget'. This value is accumulated from the last
// reboot of the firewall subject to the control exercised by
// cufwConnReptAppStats. The type is interface{} with range:
// 0..18446744073709551615. Units are Connections.
CufwPolAppConnNumPolicyDeclined interface{}
// The number of connection attempts that were declined due to resource
// unavailability, corresponding to the protocol denoted by
// 'cufwPolAppConnProtocol', in the policy 'cufwPolAppConnPolicy' applied to
// the entity identified by 'cufwPolAppConnPolicyTarget'. This value is
// accumulated from the last reboot of the firewall subject to the control
// exercised by cufwConnReptAppStats. The type is interface{} with range:
// 0..18446744073709551615. Units are Connections.
CufwPolAppConnNumResDeclined interface{}
// The number of connections that are currently in the process of being
// established, corresponding to the protocol denoted by
// 'cufwPolAppConnProtocol', in the policy 'cufwPolAppConnPolicy' applied to
// the entity identified by 'cufwPolAppConnPolicyTarget'. The type is
// interface{} with range: 0..4294967295. Units are Connections.
CufwPolAppConnNumHalfOpen interface{}
// The number of connections that are currently active, corresponding to the
// protocol denoted by 'cufwPolAppConnProtocol', in the policy
// 'cufwPolAppConnPolicy' applied to the entity identified by
// 'cufwPolAppConnPolicyTarget'. The type is interface{} with range:
// 0..4294967295. Units are Connections.
CufwPolAppConnNumActive interface{}
// The number of connections that were abnormally terminated after successful
// establishment, corresponding to the protocol denoted by
// 'cufwPolAppConnProtocol', in the policy 'cufwPolAppConnPolicy' applied to
// the entity identified by 'cufwPolAppConnPolicyTarget'. The type is
// interface{} with range: 0..18446744073709551615. Units are Connections.
CufwPolAppConnNumAborted interface{}
}
CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable_CufwPolicyAppConnSummaryEntry Each entry contains the summary of connection activity for a specific layer 7 protocol in a specific policy applied to the specified policy target.
func (*CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable_CufwPolicyAppConnSummaryEntry) GetEntityData ¶
func (cufwPolicyAppConnSummaryEntry *CISCOUNIFIEDFIREWALLMIB_CufwPolicyAppConnSummaryTable_CufwPolicyAppConnSummaryEntry) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable ¶
type CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// Each entry contains the summary of connection activity for a specific
// protocol in a specific policy applied to the specified policy target. The
// type is slice of
// CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable_CufwPolicyConnSummaryEntry.
CufwPolicyConnSummaryEntry []*CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable_CufwPolicyConnSummaryEntry
}
CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable This table lists the summary of firewall connections for layer3-layer 4 protocols catalogued on a per policy basis.
Each entry in the table lists the connection summary of a distinct network protocol, configured on the specified policy on the firewall, and pertaining to a specified target to which the policy is currently applied.
If a policy is bound to a target, it would have one or more entries in this table. If the policy is detached from the target, all entries corresponding to the association between the policy and the target are elminated from this table.
Although the information is indexed by policy targets as well, one may aggregate the connection summary for a specific policy across all the target to which the policy is currently applied by setting
cufwConnPolicyTargetType = 'targetAll'
func (*CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable) GetEntityData ¶
func (cufwPolicyConnSummaryTable *CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable_CufwPolicyConnSummaryEntry ¶
type CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable_CufwPolicyConnSummaryEntry struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
YListKey string
// This attribute is a key. The identity of the firewall policy for which this
// conceptual row contains the connection activity summary. The type is
// string with length: 0..128.
CufwPolConnPolicy interface{}
// This attribute is a key. The type of the entity to which the firewall
// policy 'cufwPolConnPolicy' has been applied. This could be an interface
// type (most commonly), the type of another object or a group of objects
// defined in the firewall configuration. When this object is set to
// 'targetALL', the value of index object cufwConnPolicyTarget is ignored. The
// type is CFWPolicyTargetType.
CufwPolConnPolicyTargetType interface{}
// This attribute is a key. The identity of the entity to which the firewall
// policy 'cufwPolConnPolicy' is applied. This could be an interface object
// (most commonly), another object or group of objects defined in the firewall
// configuration. The type is string with length: 0..128.
CufwPolConnPolicyTarget interface{}
// This attribute is a key. The (L3-L4) protocol corresponding to which this
// conceptual row summarizes the connection activity on the firewall. The type
// is CFWNetworkProtocol.
CufwPolConnProtocol interface{}
// The number of connections attempted since the last reboot of the firewall,
// corresponding to the protocol denoted by 'cufwPolConnProtocol', in the
// policy 'cufwPolConnPolicy' applied to the entity identified by
// 'cufwPolConnPolicyTarget'. The type is interface{} with range:
// 0..18446744073709551615. Units are Connections.
CufwPolConnNumAttempted interface{}
// The number of connection setup attempts, corresponding to the protocol
// denoted by 'cufwPolConnProtocol', associated with the policy
// 'cufwPolConnPolicy' applied to the entity identified by
// 'cufwPolConnPolicyTarget', that were aborted before the connection could
// proceed to completion. The counter includes setup attempts aborted by the
// firewall as well as those aborted by the initiator and/or the
// responder(s) of/to the connection setup attempt. Consequently, this value
// subsumes the values of objects 'cufwPolConnNumPolicyDeclined' and
// 'cufwPolConnNumResDeclined'. The type is interface{} with range:
// 0..18446744073709551615. Units are Connections.
CufwPolConnNumSetupsAborted interface{}
// The number of connection attempts that were declined due to security
// policy, corresponding to the protocol denoted by 'cufwPolConnProtocol', in
// the policy 'cufwPolConnPolicy' applied to the entity identified by
// 'cufwPolConnPolicyTarget'. The type is interface{} with range:
// 0..18446744073709551615. Units are Connections.
CufwPolConnNumPolicyDeclined interface{}
// The number of connection attempts that were declined due to resource
// unavailability, corresponding to the protocol denoted by
// 'cufwPolConnProtocol', in the policy 'cufwPolConnPolicy' applied to the
// entity identified by 'cufwPolConnPolicyTarget'. The type is interface{}
// with range: 0..18446744073709551615. Units are Connections.
CufwPolConnNumResDeclined interface{}
// The number of connections that are currently in the process of being
// established, corresponding to the protocol denoted by
// 'cufwPolConnProtocol', in the policy 'cufwPolConnPolicy' applied to the
// entity identified by 'cufwPolConnPolicyTarget'. The type is interface{}
// with range: 0..4294967295. Units are Connections.
CufwPolConnNumHalfOpen interface{}
// The number of connections that are currently active, corresponding to the
// protocol denoted by 'cufwPolConnProtocol', in the policy
// 'cufwPolConnPolicy' applied to the entity identified by
// 'cufwPolConnPolicyTarget'. The type is interface{} with range:
// 0..4294967295. Units are Connections.
CufwPolConnNumActive interface{}
// The number of connections that were abnormally terminated after successful
// establishment, corresponding to the protocol denoted by
// 'cufwPolConnProtocol', in the policy 'cufwPolConnPolicy' applied to the
// entity identified by 'cufwPolConnPolicyTarget'. The type is interface{}
// with range: 0..18446744073709551615. Units are Connections.
CufwPolConnNumAborted interface{}
}
CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable_CufwPolicyConnSummaryEntry Each entry contains the summary of connection activity for a specific protocol in a specific policy applied to the specified policy target.
func (*CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable_CufwPolicyConnSummaryEntry) GetEntityData ¶
func (cufwPolicyConnSummaryEntry *CISCOUNIFIEDFIREWALLMIB_CufwPolicyConnSummaryTable_CufwPolicyConnSummaryEntry) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwUrlFilterGlobals ¶
type CISCOUNIFIEDFIREWALLMIB_CufwUrlFilterGlobals struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// URL Filtering Operation _________
// 2.2 Request | | |---------->| Server |
// | | | _________ __|_
// |_________| | |<--(5. Response )---| | 3. Response | |
// | | |<-------------| | Client |---(1. Request
// )--->|FW | |_________| |____|<--------------|
// | 4. URLF Resp ____|______ | | |
// |------------>|URLF Server| 2.1 URLF Req |___________|
// 1) Client sends a Request containing a URL to the Server 2.1) FW
// extracts the URL from the Request and sends it to URL Filtering Server (or
// Verifies the URL locally) 2.2) FW also forwards the original Request from
// the Client to the Server 3) Any Responses from the Server received
// before receiving a response from URLF Server are cached by the FW 4) URLF
// Response indicates whether the URL access should be allowed or denied 5)
// If the URLF Response allows the URL, FW forwards the URL Access responses
// from the Server to the Client 6) If the URLF Response indicates that the
// URL access should be denied, FW drops all the cached URL responses and
// forces the connection between the Client and the Server to be terminated
// Specifically, the object cufwUrlfFunctionEnabled indicates if the URL
// filtering function is enabled. When this MIB object contains the value
// 'false', the firewall device will not perform URL filtering function, even
// if it contains configuration pertaining to other aspects of URL filtering.
// The type is interface{} with range: 0..2.
CufwUrlfFunctionEnabled interface{}
// The number of URL access requests processed by this firewall. This value
// is accumulated from the last reboot of the firewall. The type is
// interface{} with range: 0..18446744073709551615. Units are Requests.
CufwUrlfRequestsNumProcessed interface{}
// The number of URL access requests processed per seconds by this firewall
// averaged over the last 60 seconds. The type is interface{} with range:
// 0..4294967295. Units are Requests per second.
CufwUrlfRequestsProcRate1 interface{}
// The number of URL access requests processed per second by this firewall
// averaged over the last 300 seconds. The type is interface{} with range:
// 0..4294967295. Units are Requests per second.
CufwUrlfRequestsProcRate5 interface{}
// The number of URL access requests allowed by this firewall, due to a
// directive from a URL filtering server or a static policy configured on
// the firewall. This value is accumulated from the last reboot of the
// firewall. The type is interface{} with range: 0..18446744073709551615.
// Units are Requests.
CufwUrlfRequestsNumAllowed interface{}
// The number of URL access requests declined by this firewall, due to a
// directive from a URL filtering server, a static policy configured on the
// firewall, due to resource constraints or any other reason. This value is
// accumulated from the last reboot of the firewall. The type is interface{}
// with range: 0..18446744073709551615. Units are Requests.
CufwUrlfRequestsNumDenied interface{}
// The rate at which URL access requests were denied by this firewall, due to
// a directive from a URL filtering server, a static policy configured on
// the firewall, due to resource constraints or any other reason, averaged
// over the last 60 seconds. The type is interface{} with range:
// 0..4294967295. Units are Requests per second.
CufwUrlfRequestsDeniedRate1 interface{}
// The rate at which URL access requests were denied by this firewall, due to
// a directive from a URL filtering server, a static policy configured on
// the firewall, due to resource constraints or any other reason, averaged
// over the last 300 seconds. The type is interface{} with range:
// 0..4294967295. Units are Requests Per Second.
CufwUrlfRequestsDeniedRate5 interface{}
// The number of URL access requests allowed by the firewall because of a
// cached entry holding the result from a previous URL access request that was
// handled either by a URLF Server or exclusive domain configuration. This
// value is accumulated from the last reboot of the firewall. The type is
// interface{} with range: 0..18446744073709551615. Units are Requests.
CufwUrlfRequestsNumCacheAllowed interface{}
// The number of URL access requests denied by the firewall because of a
// cached entry holding the result from a previous URL access request that was
// handled either by a URLF Server or exclusive domain configuration. This
// value is accumulated from the last reboot of the firewall. The type is
// interface{} with range: 0..18446744073709551615. Units are Requests.
CufwUrlfRequestsNumCacheDenied interface{}
// The number of URL access requests that were allowed by the firewall when
// the URL filtering server was not available. This value is accumulated from
// the last reboot of the firewall. The type is interface{} with range:
// 0..18446744073709551615. Units are Requests.
CufwUrlfAllowModeReqNumAllowed interface{}
// The number of URL access requests that were declined by the firewall when
// the URL filtering server was not available. This value is accumulated from
// the last reboot of the firewall. The type is interface{} with range:
// 0..18446744073709551615. Units are Requests.
CufwUrlfAllowModeReqNumDenied interface{}
// The number of incoming URL access requests that were dropped by the
// firewall because of resource constraints. This value is accumulated from
// the last reboot of the firewall. The type is interface{} with range:
// 0..18446744073709551615. Units are Requests.
CufwUrlfRequestsNumResDropped interface{}
// The rate at which incoming URL access requests were dropped by the
// firewall because of resource constraints, averaged over the last 60
// seconds. The type is interface{} with range: 0..4294967295. Units are
// Requests Per Second.
CufwUrlfRequestsResDropRate1 interface{}
// The rate at which incoming URL access requests were dropped by the
// firewall because of resource constraints, averaged over the last 300
// seconds. The type is interface{} with range: 0..4294967295. Units are
// Requests Per Second.
CufwUrlfRequestsResDropRate5 interface{}
// The number of times the firewall failed to receive a response from the
// configured URL filtering servers for a request to authorize a URL access
// request. This is equal to the number of times a firewall removed a URL
// access request from the queue of pending requests because no response was
// received from the URL filtering server(s). This value is accumulated from
// the last reboot of the firewall. The type is interface{} with range:
// 0..18446744073709551615.
CufwUrlfNumServerTimeouts interface{}
// The number of URL access authorization requests re-sent by the firewall to
// the URL Filtering Servers because a response was not received within the
// configured time interval. This value is accumulated from the last reboot
// of the firewall. The type is interface{} with range:
// 0..18446744073709551615.
CufwUrlfNumServerRetries interface{}
// The number of responses from URL filtering servers which were received
// after the original URL access request was removed from the queue of pending
// requests. This value is accumulated from the last reboot of the firewall.
// The type is interface{} with range: 0..18446744073709551615. Units are
// Responses.
CufwUrlfResponsesNumLate interface{}
// The number of transport packets constituting responses to URL access
// requests that were dropped by the firewall due to resource constraints
// waiting for a response from the filtering server. This value is
// accumulated from the last reboot of the firewall. The type is interface{}
// with range: 0..18446744073709551615. Units are Responses.
CufwUrlfUrlAccRespsNumResDropped interface{}
}
CISCOUNIFIEDFIREWALLMIB_CufwUrlFilterGlobals
func (*CISCOUNIFIEDFIREWALLMIB_CufwUrlFilterGlobals) GetEntityData ¶
func (cufwUrlFilterGlobals *CISCOUNIFIEDFIREWALLMIB_CufwUrlFilterGlobals) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwUrlFilterResourceUsage ¶
type CISCOUNIFIEDFIREWALLMIB_CufwUrlFilterResourceUsage struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// The amount of memory occupied by all the caches used in the firewall to
// cache pending URL access requests. The type is interface{} with range:
// 0..4294967295. Units are KBytes.
CufwUrlfResTotalRequestCacheSize interface{}
// The amount of memory occupied by all the caches used in the firewall to
// cache responses for URL requests received from servers while awaiting a
// response from URL filter server. The type is interface{} with range:
// 0..4294967295. Units are KBytes.
CufwUrlfResTotalRespCacheSize interface{}
}
CISCOUNIFIEDFIREWALLMIB_CufwUrlFilterResourceUsage
func (*CISCOUNIFIEDFIREWALLMIB_CufwUrlFilterResourceUsage) GetEntityData ¶
func (cufwUrlFilterResourceUsage *CISCOUNIFIEDFIREWALLMIB_CufwUrlFilterResourceUsage) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable ¶
type CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// Each entry contains the configuration of a specific URL filtering server.
// The type is slice of
// CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable_CufwUrlfServerEntry.
CufwUrlfServerEntry []*CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable_CufwUrlfServerEntry
}
CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable This table lists the URL filtering servers configured on the managed device and their performance statistics.
This table is not meant as a device to configure URL filtering servers.
func (*CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable) GetEntityData ¶
func (cufwUrlfServerTable *CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable) GetEntityData() *types.CommonEntityData
type CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable_CufwUrlfServerEntry ¶
type CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable_CufwUrlfServerEntry struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
YListKey string
// This attribute is a key. The type of the IP address of the URL filtering
// server. The type is InetAddressType.
CufwUrlfServerAddrType interface{}
// This attribute is a key. The value of the IP address of the URL filtering
// server. The type is string with length: 0..255.
CufwUrlfServerAddress interface{}
// This attribute is a key. The value of the port at which the URL filtering
// server listens for incoming requests. The type is interface{} with range:
// 0..65535.
CufwUrlfServerPort interface{}
// The vendor type of the URL filtering server. The type is CFWUrlfVendorId.
CufwUrlfServerVendor interface{}
// The status of the URL filtering server corresponding to this conceptual
// row. The type is CFWUrlServerStatus.
CufwUrlfServerStatus interface{}
// The number of URL access requests forwarded by the managed firewall device
// to the URL filtering server corresponding to this conceptual row. This
// value is counted from the last reboot of the managed device. The type is
// interface{} with range: 0..18446744073709551615.
CufwUrlfServerReqsNumProcessed interface{}
// The number of URL access requests allowed by the URL filtering server
// corresponding to this conceptual row. This counter does not include late
// responses. This value is counted from the last reboot of the managed
// device. The type is interface{} with range: 0..18446744073709551615.
CufwUrlfServerReqsNumAllowed interface{}
// The number of URL access requests denied by the URL filtering server
// corresponding to this conceptual row. This counter does not include late
// responses. This value is counted from the last reboot of the managed
// device. The type is interface{} with range: 0..18446744073709551615.
CufwUrlfServerReqsNumDenied interface{}
// The number of times the firewall failed to receive a response from the URL
// filtering server corresponding to this conceptual row, for a request to
// authorize a URL access request. This is equal to the number of times a
// firewall removed a URL access request from the queue of pending requests
// because no response was received from the URL filtering server. This value
// is accumulated from the last reboot of the firewall. The type is
// interface{} with range: 0..18446744073709551615.
CufwUrlfServerNumTimeouts interface{}
// The number of URL access authorization requests re-sent by the firewall to
// the URL Filtering Server corresponding to this conceptual row, because a
// response was not received within the configured time interval from the
// server. This value is counted from the last reboot of the managed device.
// The type is interface{} with range: 0..18446744073709551615.
CufwUrlfServerNumRetries interface{}
// The number of URL access responses received by the firewall from the URL
// filtering server corresponding to this conceptual row. This counter does
// not include late responses. This value is counted from the last reboot of
// the managed device. The type is interface{} with range:
// 0..18446744073709551615.
CufwUrlfServerRespsNumReceived interface{}
// The number of URL access responses received by the managed firewall from
// the URL filtering server corresponding to this conceptual row after the
// original URL access request was removed from the queue of pending
// requests. This value is counted from the last reboot of the managed
// device. The type is interface{} with range: 0..18446744073709551615.
CufwUrlfServerRespsNumLate interface{}
// The average round-trip response time of the URL filtering server computed
// over the last 60 seconds. A value of zero indicates that there was
// insufficient data to compute this value over the last time interval. The
// type is interface{} with range: 0..4294967295. Units are seconds.
CufwUrlfServerAvgRespTime1 interface{}
// The average round-trip response time of the URL filtering server computed
// over the last 300 seconds. A value of zero indicates that there was
// insufficient data to compute this value over the last time interval. The
// type is interface{} with range: 0..4294967295. Units are seconds.
CufwUrlfServerAvgRespTime5 interface{}
}
CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable_CufwUrlfServerEntry Each entry contains the configuration of a specific URL filtering server.
func (*CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable_CufwUrlfServerEntry) GetEntityData ¶
func (cufwUrlfServerEntry *CISCOUNIFIEDFIREWALLMIB_CufwUrlfServerTable_CufwUrlfServerEntry) GetEntityData() *types.CommonEntityData
Source Files
Click to show internal directories.
Click to hide internal directories.