HM2-FW-MIB: View SNMP OID List / Download MIB

VENDOR: RICHARD HIRSCHMANN


 Home MIB: HM2-FW-MIB
Download as:   
SNMPv2-CONFIF-MIBSNMP-FRAMEWORK-MIBHM2-TC-MIBSNMPv2-SMISNMPv2-TC

Download standard MIB format if you are planning to load a MIB file into some system (OS, Zabbix, PRTG ...) or view it with a MIB browser. CSV is more suitable for analyzing and viewing OID' and other MIB objects in excel. JSON and YAML formats are usually used in programing even though some systems can use MIB in YAML format (like Logstash).
Keep in mind that standard MIB files can be successfully loaded by systems and programs only if all the required MIB's from the "Imports" section are already loaded.
The tree-like SNMP object navigator requires no explanations because it is very simple to use. And if you stumbled on this MIB from Google note that you can always go back to the home page if you need to perform another MIB or OID lookup.


Object Name OID Type Access Info
 hm2FwMib 1.3.6.1.4.1.248.11.79
SNMP interface for Hirschmann Firewall modules. Copyright (C)
       hm2FwNotifications 1.3.6.1.4.1.248.11.79.0
           hm2DynFwRuleAppliedTrap 1.3.6.1.4.1.248.11.79.0.1
A rule of the dynamic firewall was applied. The rule is identified by the given rule index of the rule table.
           hm2DynFwRuleAppliedAndLoggedTrap 1.3.6.1.4.1.248.11.79.0.2
A rule of the dynamic firewall was applied and logged according to the current logging mechanism. The rule is identified by the given rule index of the rule table.
           hm2L3RuleAppliedTrap 1.3.6.1.4.1.248.11.79.0.3
A rule of the L3 firewall was applied. The rule is identified by the given rule index of the rule table.
           hm2L3RuleAppliedAndLoggedTrap 1.3.6.1.4.1.248.11.79.0.4
A rule of the L3 firewall was applied and logged according the current logging mechanism. The rule is identified by the given rule index of the rule table.
       hm2FwObjects 1.3.6.1.4.1.248.11.79.1
           hm2FwGeneralSettings 1.3.6.1.4.1.248.11.79.1.1
               hm2DynFwMaxRules 1.3.6.1.4.1.248.11.79.1.1.1 integer32 read-only
Maximum number of allowed rules for dynamic firewalling.
               hm2L3MaxRules 1.3.6.1.4.1.248.11.79.1.1.2 integer32 read-only
Maximum number of allowed rules for L3 firewalling.
               hm2ResetStatistics 1.3.6.1.4.1.248.11.79.1.1.3 hmactionvalue read-write
Setting this value to action(2) will reset the statistics of the whole firewall module. It will be set to noop(1) automatically after reset.
               hm2FlushTables 1.3.6.1.4.1.248.11.79.1.1.4 hmactionvalue read-write
Setting this value to action(2) will flush all connection tracking states. It will be set to noop(1) automatically after table flush.
               hm2DefaultPolicy 1.3.6.1.4.1.248.11.79.1.1.5 integer read-write
The default policy for forwarding packets: o accept(1): Packets matching this rule are accepted and will be forwarded o drop(2): Packets matching this rule will be silently discarded o reject(3): Packets matching this rule will be dropped and the originator gets informed by an ICMP message Enumeration: 'drop': 2, 'accept': 1, 'reject': 3.
               hm2ConnTrackValidateCheckSum 1.3.6.1.4.1.248.11.79.1.1.6 truthvalue read-write
This value describes, whether the Firewall connection tracking in the Linux kernel shall validate the protocol checksums. Disable this validation (false) improves routing throughput.
           hm2DynFw 1.3.6.1.4.1.248.11.79.1.2
               hm2DynFwRuleObjects 1.3.6.1.4.1.248.11.79.1.2.1
                   hm2DynFwRuleCount 1.3.6.1.4.1.248.11.79.1.2.1.1 integer32 read-only
Number of current dynamic firewalls rules
                   hm2DynFwIfMappingRuleCount 1.3.6.1.4.1.248.11.79.1.2.1.2 integer32 read-only
Number of current DynFw IF mapping entries.
                   hm2DynFwRulePendingActions 1.3.6.1.4.1.248.11.79.1.2.1.3 truthvalue read-only
This value describes, whether the DynFW rule table was modified but not yet written to the firewall implementation (set to true). After writing all modifications to the firewall, the value switches automatically back to false.
                   hm2DynFwCommitPendingActions 1.3.6.1.4.1.248.11.79.1.2.1.4 hmactionvalue read-write
Setting this value to action(2) writes not yet committed changes to the firewall (DynFW and Interface Mapping Table). After writing all modifications, the value switches automatically back to noop(1).
               hm2DynFwRuleTables 1.3.6.1.4.1.248.11.79.1.2.2
                   hm2DynFwRuleTable 1.3.6.1.4.1.248.11.79.1.2.2.1 no-access
The list of rules for this dynamic firewall
                       hm2DynFwRuleEntry 1.3.6.1.4.1.248.11.79.1.2.2.1.1 no-access
Dynamic firewall rule entry.
                           hm2DynFwRuleIndex 1.3.6.1.4.1.248.11.79.1.2.2.1.1.1 integer32 no-access
Rule index of this dynamic firewall rule
                           hm2DynFwSourceAddress 1.3.6.1.4.1.248.11.79.1.2.2.1.1.2 displaystring read-only
The source address of the packet to filter. Allowed formats are: - keyword 'any' - single address ('10.0.0.1') - CIDR address range ('10.0.0.0/8') - netobject ('$name')
                           hm2DynFwSourcePort 1.3.6.1.4.1.248.11.79.1.2.2.1.1.3 displaystring read-only
The source port of the packet to filter. Allowed formats are: - keyword 'any' - single port ('10') - port range with first and last port separated by hyphen ('10-15') - comma separated list of ports ('1235,25,123') - combination of the points above ('10,25-30,125,1993') The number of named ports (1 for each individual port, 2 for port ranges) must not exceed 15.
                           hm2DynFwTargetAddress 1.3.6.1.4.1.248.11.79.1.2.2.1.1.4 displaystring read-only
The destination address of the packet to filter. Allowed formats are: - keyword 'any' - single address ('10.0.0.1') - CIDR address range ('10.0.0.0/8') - netobject ('$name')
                           hm2DynFwTargetPort 1.3.6.1.4.1.248.11.79.1.2.2.1.1.5 displaystring read-only
The destination port of the packet to filter. Allowed formats are: - keyword 'any' - single port ('10') - port range with first and last port separated by hyphen ('10-15') - comma separated list of ports ('1235,25,123') - combination of the points above ('10,25-30,125,1993') The number of named ports (1 for each individual port, 2 for port ranges) must not exceed 15.
                           hm2DynFwProto 1.3.6.1.4.1.248.11.79.1.2.2.1.1.6 integer read-only
The IP protocol (RFC 791) for protocol-independent filtering. The following values are currently supported: o icmp(1): internet control message protocol (RFC 792) o igmp(2): internet group management protocol o ipip(3): IP in IP tunnelling (RFC 1853) o tcp(4): transmission control protocol (RFC 793) o udp(5): user datagram protocol (RFC 768) o esp(6): IPsec encapsulated security payload (RFC 2406) o ah(7): IPsec authentication header (RFC 2402) o icmpv6(8): internet control message protocol for IPv6 o any(9): apply to all protocols Enumeration: 'udp': 5, 'esp': 6, 'ah': 7, 'ipip': 3, 'tcp': 4, 'icmpv6': 8, 'icmp': 1, 'any': 9, 'igmp': 2.
                           hm2DynFwRuleParams 1.3.6.1.4.1.248.11.79.1.2.2.1.1.7 displaystring read-only
Additional parameters to this rule as string. A parameter has the syntax: = Parameters are separated by a comma. If more than one value is given for a parameter, values are separated by a |-sign Following paramters are defined based on the different protocols: o icmp: type= (specify ICMP type to filter) code= (specify ICMP code to filter) o tcp: frag= (apply to fragments) flags= (apply to packets with give flags o udp/tcp: state= (apply to packets according current state of connection> o general: mac= (specify source MAC address for this rule)
                           hm2DynFwAction 1.3.6.1.4.1.248.11.79.1.2.2.1.1.8 integer read-only
The action of the corresponding rule: o accept(1): Packets matching this rule are accepted and will be forwarded o drop(2): Packets matching this rule will be silently discarded o reject(3): Packets matching this rule will be dropped and the originator gets informed by an ICMP message Enumeration: 'drop': 2, 'accept': 1, 'reject': 3.
                           hm2DynFwLog 1.3.6.1.4.1.248.11.79.1.2.2.1.1.9 truthvalue read-only
Set to true if application of this rule shall be logged
                           hm2DynFwTrap 1.3.6.1.4.1.248.11.79.1.2.2.1.1.10 truthvalue read-only
Set to true if application of this rule shall send a trap.
                           hm2DynFwRowStatus 1.3.6.1.4.1.248.11.79.1.2.2.1.1.11 rowstatus read-only
This is a standard row status value: - active(1): The rule is active. Note that until committed, the rule will not be applied. - notInService(2): The rule is inactive because of user action. - notReady(3): The rule is inactive because of agent action. - createAndGo(4): Create the rule with default parameters activated. - createAndWait(5): Create the rule inactive. - destroy(6): Delete the rule. You cannot delete a rule with interface mappings to it.
                           hm2DynFwDescription 1.3.6.1.4.1.248.11.79.1.2.2.1.1.12 displaystring read-only
User defined textual description related to this rule.
                   hm2DynFwRuleIfMappingTable 1.3.6.1.4.1.248.11.79.1.2.2.2 no-access
Table for mapping L3 rules to interfaces
                       hm2DynFwRuleIfMappingEntry 1.3.6.1.4.1.248.11.79.1.2.2.2.1 no-access
Entry in rule interface mapping table
                           hm2DynFwIfmRuleIndex 1.3.6.1.4.1.248.11.79.1.2.2.2.1.1 integer32 no-access
The index of the DynFw rule this mapping entry is assigned to. The DynFw rule must exist before creation of mapping entry.
                           hm2DynFwIfmDirection 1.3.6.1.4.1.248.11.79.1.2.2.2.1.2 integer no-access
Meanings: - ingress(1): Apply this rule to packets arriving on this interface - egress(2): Apply this rule to packets leaving from this interface - both(3): Apply this rule to packets coming in and going out on this interface. If an ingress and an egress interface are given, this is taken to mean that the rule shall apply to packets arriving on the ingress interface AND to be leaving on the egress interface. A rule without ingress interface matches on all packets going out to the egress interface given, and vice versa. Enumeration: 'both': 3, 'ingress': 1, 'egress': 2.
                           hm2DynFwIfmPriority 1.3.6.1.4.1.248.11.79.1.2.2.2.1.3 unsigned32 read-only
The priority is the sorting key for rules in to this interface. They don't need to be unique, but no clear order can be assumed among rules with the same priority. Priorities are processed in ascending order (0 highest priority).
                           hm2DynFwIfmInterface 1.3.6.1.4.1.248.11.79.1.2.2.2.1.4 interfaceindex no-access
The interface this mapping entry is applied to. This has to be either an hm2AgentSwitchIpInterfaceIfIndex or an hm2AgentSwitchIpVlanIfIndex. Note that for physical interfaces this only works if the corresponding hm2AgentSwitchIpInterfaceRoutingMode is set to enable.
                           hm2DynFwIfmRowStatus 1.3.6.1.4.1.248.11.79.1.2.2.2.1.5 rowstatus read-only
The RowStatus value for this entry with the usual meanings: - active(1): The interface mapping is in place - notInService(2): The interface mapping is not in place because the user said so - notReady(3): The interface mapping is not in place because the agent said so - createAndGo(4): Create this mapping with the default priority and activate it. - createAndWait(5): Create this mapping deactivated. - destroy(6): Destroy this interface mapping.
               hm2DynFwStats 1.3.6.1.4.1.248.11.79.1.2.4
                   hm2DynFwGeneralStats 1.3.6.1.4.1.248.11.79.1.2.4.1
                       hm2DynFwStatsTtPck 1.3.6.1.4.1.248.11.79.1.2.4.1.1 counter64 read-only
Total number of packets processed by the dynamic firewall
                       hm2DynFwStatsTtPckSize 1.3.6.1.4.1.248.11.79.1.2.4.1.2 counter64 read-only
Total number of bytes processed by the dynamic firewall
                       hm2DynFwStatsTtPckDenDrop 1.3.6.1.4.1.248.11.79.1.2.4.1.3 counter64 read-only
Total number of packets dropped or denied by the dynamic firewall
                       hm2DynFwStatsTtPckAccepted 1.3.6.1.4.1.248.11.79.1.2.4.1.4 counter64 read-only
Total number of packets accepted by the dynamic firewall
                   hm2DynFwStatsTables 1.3.6.1.4.1.248.11.79.1.2.4.2
                       hm2DynFwStatsRuleTable 1.3.6.1.4.1.248.11.79.1.2.4.2.1 no-access
Table of per-rule statistics of the dynamic firewall
                           hm2DynFwStatsRuleEntry 1.3.6.1.4.1.248.11.79.1.2.4.2.1.1 no-access
Statistics table entry for the dynamic firewall
                               hm2DynFwStatsPacketCount 1.3.6.1.4.1.248.11.79.1.2.4.2.1.1.1 counter64 read-only
Number of packets matched by this rule
                               hm2DynFwStatsPacketSize 1.3.6.1.4.1.248.11.79.1.2.4.2.1.1.2 counter64 read-only
Number of bytes processed by this rule
                               hm2DynFwStatsLastApplied 1.3.6.1.4.1.248.11.79.1.2.4.2.1.1.3 hmtimeseconds1970 read-only
Local system time (hm2SystemLocalTime) when the rule was applied the last time
           hm2L3Fw 1.3.6.1.4.1.248.11.79.1.3
               hm2L3RuleObjects 1.3.6.1.4.1.248.11.79.1.3.1
                   hm2L3RuleCount 1.3.6.1.4.1.248.11.79.1.3.1.1 integer32 read-only
Number of current L3 rules
                   hm2L3IfMappingRuleCount 1.3.6.1.4.1.248.11.79.1.3.1.2 integer32 read-only
Number of current L3 IF mapping entries.
                   hm2L3RulePendingActions 1.3.6.1.4.1.248.11.79.1.3.1.3 truthvalue read-only
This value describes, whether the L3 rule table was modified but not yet written to the firewall implementation (set to true). After writing all modifications to the firewall, the value switches automatically back to false.
                   hm2L3CommitPendingActions 1.3.6.1.4.1.248.11.79.1.3.1.4 hmactionvalue read-write
Setting this value to action(2) writes not yet committed changes to the firewall (L3 and Interface Mapping Table). After writing all modifications, the value switches automatically back to noop(1).
               hm2L3RuleTables 1.3.6.1.4.1.248.11.79.1.3.2
                   hm2L3RuleTable 1.3.6.1.4.1.248.11.79.1.3.2.1 no-access
The list of L3 rules for this firewall
                       hm2L3RuleEntry 1.3.6.1.4.1.248.11.79.1.3.2.1.1 no-access
L3 rule entry.
                           hm2L3RuleIndex 1.3.6.1.4.1.248.11.79.1.3.2.1.1.1 integer32 no-access
Rule index of this L3 rule
                           hm2L3SourceAddress 1.3.6.1.4.1.248.11.79.1.3.2.1.1.2 displaystring read-only
The source address of the packet to filter. Allowed formats are: - keyword 'any' - single address ('10.0.0.1') - CIDR address range ('10.0.0.0/8') - netobject ('$name') - a prepending '!' selects the complement set
                           hm2L3SourcePort 1.3.6.1.4.1.248.11.79.1.3.2.1.1.3 displaystring read-only
The source port of the packet to reroute. Allowed formats are: - keyword 'any' - single port ('10') - port range with first and last port separated by hyphen ('10-15') - comma separated list of ports ('1235,25,123') - combination of the points above ('10,25-30,125,1993') The number of named ports (1 for each individual port, 2 for port ranges) must not exceed 15.
                           hm2L3TargetAddress 1.3.6.1.4.1.248.11.79.1.3.2.1.1.4 displaystring read-only
The destination address of the packet to filter. Allowed formats are: - keyword 'any' - single address ('10.0.0.1') - CIDR address range ('10.0.0.0/8') - netobject ('$name')
                           hm2L3TargetPort 1.3.6.1.4.1.248.11.79.1.3.2.1.1.5 displaystring read-only
The destination port of the packet to. Allowed formats are: - keyword 'any' - single port ('10') - port range with first and last port separated by hyphen ('10-15') - comma separated list of ports ('1235,25,123') - combination of the points above ('10,25-30,125,1993') The number of named ports (1 for each individual port, 2 for port ranges) must not exceed 15.
                           hm2L3Proto 1.3.6.1.4.1.248.11.79.1.3.2.1.1.6 integer read-only
The IP protocol (RFC 791) for protocol-independent filtering. The following values are currently supported: o icmp(1): internet control message protocol (RFC 792) o igmp(2): internet group management protocol o ipip(3): IP in IP tunnelling (RFC 1853) o tcp(4): transmission control protocol (RFC 793) o udp(5): user datagram protocol (RFC 768) o esp(6): IPsec encapsulated security payload (RFC 2406) o ah(7): IPsec authentication header (RFC 2402) o icmpv6(8): internet control message protocol for IPv6 o any(9): apply to all protocols Enumeration: 'udp': 5, 'esp': 6, 'ah': 7, 'ipip': 3, 'tcp': 4, 'icmpv6': 8, 'icmp': 1, 'any': 9, 'igmp': 2.
                           hm2L3RuleParams 1.3.6.1.4.1.248.11.79.1.3.2.1.1.7 displaystring read-only
Additional parameters to this rule as string. A parameter has the syntax: = Parameters are separated by a comma. If more than one value is given for a parameter, values are separated by a |-sign (pipe). Following parameters are defined based on the different protocols: o icmp: type= (specify ICMP type to filter) code= (specify ICMP code to filter) o tcp: flags= (apply to packets with given flags) o general: state= (apply to packets according to current state of connection>) mac= (specify source MAC address for this rule) frag= (apply to fragments)
                           hm2L3Action 1.3.6.1.4.1.248.11.79.1.3.2.1.1.8 integer read-only
The action of the corresponding rule: o accept(1): Packets matching this rule are accepted and will be forwarded o drop(2): Packets matching this rule will be silently discarded o reject(3): Packets matching this rule will be dropped and the originator gets informed by an ICMP message o enforce-modbus(4): Packets matching this rule are enforced by modbus enforcer and will be forwarded or discarded. The selected protocol should be tcp or udp o enforce-opc(5): Packets matching this rule are enforced by opc enforcer and will be forwarded or discarded. The selected protocol should be tcp Enumeration: 'drop': 2, 'enforce-opc': 5, 'enforce-modbus': 4, 'accept': 1, 'reject': 3.
                           hm2L3Log 1.3.6.1.4.1.248.11.79.1.3.2.1.1.9 truthvalue read-only
Set to true if application of this rule shall be logged
                           hm2L3Trap 1.3.6.1.4.1.248.11.79.1.3.2.1.1.10 truthvalue read-only
Set to true if application of this rule shall send a trap.
                           hm2L3RowStatus 1.3.6.1.4.1.248.11.79.1.3.2.1.1.11 rowstatus read-only
This is a standard row status value: - active(1): The rule is active. Note that until committed, the rule will not be applied. You cannot activate the rule if an enforcer mappings to an inactive profile. - notInService(2): The rule is inactive because of user action. - notReady(3): The rule is inactive because of agent action. - createAndGo(4): Create the rule with default parameters activated. - createAndWait(5): Create the rule inactive. - destroy(6): Delete the rule. You cannot delete a rule with interface mappings to it.
                           hm2L3Description 1.3.6.1.4.1.248.11.79.1.3.2.1.1.12 displaystring read-only
User defined textual description related to this rule.
                           hm2DPIProfileIndex 1.3.6.1.4.1.248.11.79.1.3.2.1.1.13 integer32 read-only
The index of the DPI profile this rule is assigned to depending on enforcer action. Value 0 no DPI profile this rule is assigned to. You cannot assign the rule to an inactive profile if an active enforcer will mapping to it.
                   hm2L3RuleIfMappingTable 1.3.6.1.4.1.248.11.79.1.3.2.2 no-access
Table for mapping L3 rules to interfaces
                       hm2L3RuleIfMappingEntry 1.3.6.1.4.1.248.11.79.1.3.2.2.1 no-access
Entry in rule interface mapping table
                           hm2L3IfmRuleIndex 1.3.6.1.4.1.248.11.79.1.3.2.2.1.1 integer32 no-access
The index of the L3 rule this mapping entry is assigned to. The rule must exist before the mapping entry can be created.
                           hm2L3IfmDirection 1.3.6.1.4.1.248.11.79.1.3.2.2.1.2 integer no-access
Meanings: - ingress(1): Apply this rule to packets arriving on this interface - egress(2): Apply this rule to packets leaving from this interface - both(3): Apply this rule to packets coming in and going out on this interface. If an ingress and an egress interface are given, this is taken to mean that the rule shall apply to packets arriving on the ingress interface AND to-be leaving on the egress interface. A rule without ingress interface matches on all packets going out to the egress interface given, and vice versa. Enumeration: 'both': 3, 'ingress': 1, 'egress': 2.
                           hm2L3IfmPriority 1.3.6.1.4.1.248.11.79.1.3.2.2.1.3 unsigned32 read-only
The priority is the sorting key for rules in to this interface. They don't need to be unique, but no clear order can be assumed among rules with the same priority. Priorities are processed in ascending order (0 highest priority.
                           hm2L3IfmInterface 1.3.6.1.4.1.248.11.79.1.3.2.2.1.4 interfaceindex no-access
The interface this mapping entry is assigned to. This has to be either an hm2AgentSwitchIpInterfaceIfIndex or an hm2AgentSwitchIpVlanIfIndex. Note that for physical interfaces this only works if the corresponding hm2AgentSwitchIpInterfaceRoutingMode is set to enable.
                           hm2L3IfmRowStatus 1.3.6.1.4.1.248.11.79.1.3.2.2.1.5 rowstatus read-only
The RowStatus value for this entry with the usual meanings: - active(1): The interface mapping is in place - notInService(2): The interface mapping is not in place because the user said so - notReady(3): The interface mapping is not in place because the agent said so - createAndGo(4): Create this mapping with the default priority and activate it. - createAndWait(5): Create this mapping deactivated. - destroy(6): Destroy this interface mapping.
               hm2L3Stats 1.3.6.1.4.1.248.11.79.1.3.4
                   hm2L3GeneralStats 1.3.6.1.4.1.248.11.79.1.3.4.1
                       hm2L3StatsTotalPck 1.3.6.1.4.1.248.11.79.1.3.4.1.1 counter64 read-only
Total number of packets processed by the L3 firewall
                       hm2L3StatsTotalPckSize 1.3.6.1.4.1.248.11.79.1.3.4.1.2 counter64 read-only
Total number of bytes processed by the L3 firewall
                       hm2L3StatsTotalPckDenDrop 1.3.6.1.4.1.248.11.79.1.3.4.1.3 counter64 read-only
Total number of packets dropped or denied by the L3 firewall
                       hm2L3StatsTotalPckAccepted 1.3.6.1.4.1.248.11.79.1.3.4.1.4 counter64 read-only
Total number of packets accepted by the L3 firewall
                   hm2L3StatsTables 1.3.6.1.4.1.248.11.79.1.3.4.2
                       hm2L3StatsRuleTable 1.3.6.1.4.1.248.11.79.1.3.4.2.1 no-access
Table of per-rule statistics of the L3 firewall
                           hm2L3StatsRuleEntry 1.3.6.1.4.1.248.11.79.1.3.4.2.1.1 no-access
Statistics table entry for the L3 firewall
                               hm2L3StatsPacketCount 1.3.6.1.4.1.248.11.79.1.3.4.2.1.1.1 counter64 read-only
Number of packets matched by this rule
                               hm2L3StatsPacketSize 1.3.6.1.4.1.248.11.79.1.3.4.2.1.1.2 counter64 read-only
Number of bytes processed by this rule
                               hm2L3StatsLastApplied 1.3.6.1.4.1.248.11.79.1.3.4.2.1.1.3 hmtimeseconds1970 read-only
Time of last application of the rule in seconds since the Unix epoch.
               hm2DPIProfileModbusObjects 1.3.6.1.4.1.248.11.79.1.3.11
                     hm2DPIProfileModbusPendingActions 1.3.6.1.4.1.248.11.79.1.3.11.1 truthvalue read-only
This value describes, whether the DPI MODBUS profile table was modified but not yet written to the enforcer implementation (set to true). After writing all modifications to the enforcer, the value switches automatically back to false.
                     hm2DPIProfileModbusCommitPendingActions 1.3.6.1.4.1.248.11.79.1.3.11.2 hmactionvalue read-write
Setting this value to action(2) writes not yet committed changes to the enforcer (DPI MODBUS Profile Table). After writing all modifications, the value switches automatically back to noop(1).
               hm2DPIProfileOpcObjects 1.3.6.1.4.1.248.11.79.1.3.12
                     hm2DPIProfileOpcPendingActions 1.3.6.1.4.1.248.11.79.1.3.12.1 truthvalue read-only
This value describes, whether the L3 OPC profile table was modified but not yet written to the enforcer implementation (set to true). After writing all modifications to the enforcer, the value switches automatically back to false.
                     hm2DPIProfileOpcCommitPendingActions 1.3.6.1.4.1.248.11.79.1.3.12.2 hmactionvalue read-write
Setting this value to action(2) writes not yet committed changes to the enforcer (DPI OPC Profile Table). After writing all modifications, the value switches automatically back to noop(1).
               hm2DPIProfileTables 1.3.6.1.4.1.248.11.79.1.3.21
                     hm2DPIProfileModbusTable 1.3.6.1.4.1.248.11.79.1.3.21.1 no-access
The list of DPI MODBUS profiles for this enforcer
                         hm2DPIProfileModbusEntry 1.3.6.1.4.1.248.11.79.1.3.21.1.1 no-access
DPI MODBUS profile entry.
                             hm2DPIProfileModbusIndex 1.3.6.1.4.1.248.11.79.1.3.21.1.1.1 integer32 no-access
Profile index of this DPI MODBUS profile
                             hm2DPIProfileModbusDescription 1.3.6.1.4.1.248.11.79.1.3.21.1.1.2 displaystring read-only
User defined textual description related to this profile.
                             hm2DPIProfileModbusFunctionType 1.3.6.1.4.1.248.11.79.1.3.21.1.1.3 integer read-only
The function types of the corresponding function codes: o readonly(1): Selects read only function codes for the function code list. o readwrite(2): Selects read write function codes for the function code list. o programming(3): Selects programming function codes for the function code list. o all(4): Selects all possible function codes for the function code list. Any function code will be allowed. o advanced(5): Keeps the function code list from the previous selection and makes it editable by the user. Enumeration: 'readwrite': 2, 'readonly': 1, 'programming': 3, 'all': 4, 'advanced': 5.
                             hm2DPIProfileModbusFunctionCodeList 1.3.6.1.4.1.248.11.79.1.3.21.1.1.4 displaystring read-only
The function codes for this enforcer as string. A function code has the syntax: Function codes are separated by a comma. If more than one value is given for a function code, values are separated by a | -sign (pipe). Following function codes are defined: <1..255>|<0-65535>|<0-65535> (apply to packets with given function codes <1..255>, address range <0-65535>, address range <0-65535>) 1|<0-65535> (apply to packets with given function code read coils, coil address range <0-65535>) 2|<0-65535> (apply to packets with given function code read discrete inputs, input address range <0-65535>) 3|<0-65535> (apply to packets with given function code read holding registers, register address range <0-65535>) 4|<0-65535> (apply to packets with given function code read input registers, register address range <0-65535>) 5|<0-65535> (apply to packets with given function code write single coil, coil address range <0-65535>) 6|<0-65535> (apply to packets with given function code write single register, register address range <0-65535>) 7 (apply to packets with given function code read exception status) 8 (apply to packets with given function code diagnostic) 11 (apply to packets with given function code get com event counter) 12 (apply to packets with given function code get comm event log) 13 (apply to packets with given function code program (584/984)) 14 (apply to packets with given function code poll (584/984)) 15|<0-65535> (apply to packets with given function code write multiple coils, coil address range <0-65535>) 16|<0-65535> (apply to packets with given function code write multiple registers, register address range <0-65535>) 17 (apply to packets with given function code report slave id) 20 (apply to packets with given function code read file record) 21 (apply to packets with given function code write file record) 22|<0-65535> (apply to packets with given function code mask write register, register address range <0-65535>) 23|<0-65535>|<0-65535> (apply to packets with given function code read/write multiple registers, read address range <0-65535>, write address range <0-65535>) 24|<0-65535> (apply to packets with given function code read fifo queue, pointer address range <0-65535>) 40 (apply to packets with given function code program (concept)) 42 (apply to packets with given function code concept symbol table) 43 (apply to packets with given function code encapsulated interface transport) 48 (apply to packets with given function code advantech co. ltd. - management functions) 66 (apply to packets with given function code scan data inc. - expanded read holding registers) 67 (apply to packets with given function code scan data inc. - expanded write holding registers) 90 (apply to packets with given function code unity programming/ofs) 100 (apply to packets with given function code scattered register read) 125 (apply to packets with given function code schneider electric - firmware replacement) 126 (apply to packets with given function code schneider electric - program)
                             hm2DPIProfileModbusUnitIdentifierList 1.3.6.1.4.1.248.11.79.1.3.21.1.1.5 displaystring read-only
Unit identifiers for this enforcer as string. A unit identifier has the syntax: To specify no options, the value 'none' must be given. Unit identifiers are separated by a comma. Following unit identifiers are defined: <0..255> (apply to packets for which a unit identifier is set)
                             hm2DPIProfileModbusSanityCheck 1.3.6.1.4.1.248.11.79.1.3.21.1.1.6 truthvalue read-only
Set to true if apply to packets for which a sanity check including format and specification shall be done
                             hm2DPIProfileModbusException 1.3.6.1.4.1.248.11.79.1.3.21.1.1.7 truthvalue read-only
Set to true if apply to packets for which a device exception message shall be sent
                             hm2DPIProfileModbusReset 1.3.6.1.4.1.248.11.79.1.3.21.1.1.8 truthvalue read-only
Set to true if apply to packets for which a reset connection message shall be sent
                             hm2DPIProfileModbusRowStatus 1.3.6.1.4.1.248.11.79.1.3.21.1.1.9 rowstatus read-only
This is a standard row status value: - active(1): The profile is active. You cannot modify it. - notInService(2): The profile is inactive because of user action. You cannot inactivate the profile if an active enforcer mappings to it. - notReady(3): The profile is inactive because of agent action. - createAndGo(4): Create the profile with default parameters activated. - createAndWait(5): Create the profile inactive. - destroy(6): Delete the profile. You cannot delete the active profile or if an enforcer mappings to it.
                     hm2DPIProfileOpcTable 1.3.6.1.4.1.248.11.79.1.3.21.2 no-access
The list of DPI OPC profiles for this enforcer
                         hm2DPIProfileOpcEntry 1.3.6.1.4.1.248.11.79.1.3.21.2.1 no-access
DPI OPC profile entry.
                             hm2DPIProfileOpcIndex 1.3.6.1.4.1.248.11.79.1.3.21.2.1.1 integer32 no-access
Profile index of this DPI OPC profile
                             hm2DPIProfileOpcDescription 1.3.6.1.4.1.248.11.79.1.3.21.2.1.2 displaystring read-only
User defined textual description related to this profile.
                             hm2DPIProfileOpcSanityCheck 1.3.6.1.4.1.248.11.79.1.3.21.2.1.3 truthvalue read-only
Set to true if apply to packets for which a sanity check including format and specification shall be done
                             hm2DPIProfileOpcFragmentCheck 1.3.6.1.4.1.248.11.79.1.3.21.2.1.4 truthvalue read-only
Set to true if apply to packets for which a fragment check shall be done
                             hm2DPIProfileOpcTimeoutConnect 1.3.6.1.4.1.248.11.79.1.3.21.2.1.5 unsigned32 read-only
Set to nonzero if apply to packets for which a timeout at connect in seconds shall be done. Value 0 disables this match criteria.
                             hm2DPIProfileOpcRowStatus 1.3.6.1.4.1.248.11.79.1.3.21.2.1.6 rowstatus read-only
This is a standard row status value: - active(1): The profile is active. You cannot modify it. - notInService(2): The profile is inactive because of user action. You cannot inactivate the profile if an active enforcer mappings to it. - notReady(3): The profile is inactive because of agent action. - createAndGo(4): Create the profile with default parameters activated. - createAndWait(5): Create the profile inactive. - destroy(6): Delete the profile. You cannot delete the active profile or if an enforcer mappings to it.
           hm2FwLearningMode 1.3.6.1.4.1.248.11.79.1.4
               hm2FLMObjects 1.3.6.1.4.1.248.11.79.1.4.1
                   hm2FLMAdminState 1.3.6.1.4.1.248.11.79.1.4.1.1 hmenabledstatus read-write
Enable or disable the Firewall Learning Mode.
                   hm2FLMAction 1.3.6.1.4.1.248.11.79.1.4.1.2 integer read-write
Actions to control the Firewall Learning Mode. Enumeration: 'start': 2, 'none': 1, 'continue': 4, 'stop': 3, 'clear': 5.
                   hm2FLMAppState 1.3.6.1.4.1.248.11.79.1.4.1.3 integer read-only
State of running FLM Application. Enumeration: 'stopped-data-notpresent': 2, 'pending': 5, 'off': 1, 'stopped-data-present': 3, 'learning': 4.
                   hm2FLMAppInfoEnum 1.3.6.1.4.1.248.11.79.1.4.1.4 integer read-only
Memory status of FLM Application. Enumeration: 'low-memory': 3, 'none': 1, 'out-of-memory': 4, 'connection-drop': 5, 'normal': 2.
                   hm2FLMAppInfoString 1.3.6.1.4.1.248.11.79.1.4.1.5 snmpadminstring read-only
Special status message.
                   hm2FLML3Entries 1.3.6.1.4.1.248.11.79.1.4.1.6 unsigned32 read-only
Number of Layer 3 entries in the connection table.
                   hm2FLMFreeMem 1.3.6.1.4.1.248.11.79.1.4.1.7 unsigned32 read-only
Free memory(%) for learning data.
                   hm2FLMMaxEntries 1.3.6.1.4.1.248.11.79.1.4.1.8 unsigned32 read-only
Number of maximum interface entries that can be selected.
               hm2FLMTables 1.3.6.1.4.1.248.11.79.1.4.2
                   hm2FLMInterfaceTable 1.3.6.1.4.1.248.11.79.1.4.2.1 no-access
The list of interfaces selected for Firewall Learning Mode.
                       hm2FLMInterfaceEntry 1.3.6.1.4.1.248.11.79.1.4.2.1.1 no-access
Interface selected for Firewall Learning Mode.
                           hm2FLMInterfaceIndex 1.3.6.1.4.1.248.11.79.1.4.2.1.1.1 interfaceindex read-write
Interface index of the entry.
                           hm2FLMInterfaceRowStatus 1.3.6.1.4.1.248.11.79.1.4.2.1.1.2 rowstatus read-only
This is a standard row status value: - active(1): The interface is active. - notInService(2): The interface is inactive because routing was disabled. - notReady(3): The interface is inactive because of agent action. - createAndGo(4): Create the interface with default parameters activated. - createAndWait(5): Create the interface inactive. - destroy(6): Delete the interface.
       hm2FwConformance 1.3.6.1.4.1.248.11.79.2
           hm2FwCompliances 1.3.6.1.4.1.248.11.79.2.1
               hm2FwCompliance 1.3.6.1.4.1.248.11.79.2.1.1
The compliance statement for an SNMP entity which implements the Hirschmann firewall MIB.
           hm2FwGroups 1.3.6.1.4.1.248.11.79.2.2
               hm2FwGeneralGroup 1.3.6.1.4.1.248.11.79.2.2.1
A collection of all Hirschmann objects provided by the firewall module.
               hm2FwNotificationsGroup 1.3.6.1.4.1.248.11.79.2.2.2
A collection of all Hirschmann notifications provided by the firewall module.