ENTERASYS-NAT-MIB DEFINITIONS ::= BEGIN

--  enterasys-nat-mib.txt
--
--  Part Number:
--
--
--  This module provides authoritative definitions for Enterasys
--  Networks NAT functionality.
--
--  This module will be extended, as needed.

--  Enterasys Networks reserves the right to make changes in this
--  specification and other information contained in this document
--  without prior notice.  The reader should consult Enterasys Networks
--  to determine whether any such changes have been made.
--
--  In no event shall Enterasys Networks be liable for any incidental,
--  indirect, special, or consequential damages whatsoever (including
--  but not limited to lost profits) arising out of or related to this
--  document or the information contained in it, even if Enterasys
--  Networks has been advised of, known, or should have known, the
--  possibility of such damages.
--
--  Enterasys Networks grants vendors, end-users, and other interested
--  parties a non-exclusive license to use this Specification in
--  connection with the management of Enterasys Networks products.

--  Copyright May, 2010 Enterasys Networks, Inc.

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE
        FROM SNMPv2-SMI
    Unsigned32, Gauge32, Counter32, Integer32
        FROM SNMPv2-SMI
    MODULE-COMPLIANCE, OBJECT-GROUP
        FROM SNMPv2-CONF
    RowStatus, TruthValue, DateAndTime
        FROM SNMPv2-TC
    InetVersion, InetAddressType, InetAddress, InetPortNumber,
    InetAddressPrefixLength
        FROM INET-ADDRESS-MIB
    InterfaceIndexOrZero
        FROM IF-MIB
    etsysModules
        FROM ENTERASYS-MIB-NAMES
    SnmpAdminString 
         FROM SNMP-FRAMEWORK-MIB;

etsysNatMIB MODULE-IDENTITY
    LAST-UPDATED "201006021153Z"  -- Wed Jun  2 11:53 UTC 2010
    ORGANIZATION "Enterasys Networks, Inc"
    CONTACT-INFO
        "Postal:  Enterasys Networks
                  50 Minuteman Rd.
                  Andover, MA 01810-1008
                  USA
         Phone:   +1 978 684 1000
         E-mail:  support@enterasys.com
         WWW:     http://www.enterasys.com"
    DESCRIPTION
        "The Enterasys Networks Proprietary MIB module for entities 
         implementing NAT."

    REVISION    "201006021153Z"  -- Wed Jun  2 11:53 UTC 2010

    DESCRIPTION "Initial version"

    ::= { etsysModules 75 }

-- -------------------------------------------------------------
-- NAT Extension MIB Groups
-- -------------------------------------------------------------

  etsysNatGlobal       
                        OBJECT IDENTIFIER ::= { etsysNatMIB 1 }
  etsysNatGlobalStats  
                        OBJECT IDENTIFIER ::= { etsysNatGlobal 1 }
  etsysNatGlobalIpv4Config   
                        OBJECT IDENTIFIER ::= { etsysNatGlobal 2 }

  etsysNatTables       
                        OBJECT IDENTIFIER ::= { etsysNatMIB 2 }
  etsysNatConformance  
                        OBJECT IDENTIFIER ::= { etsysNatMIB 3 }

-- -------------------------------------------------------------
-- NAT Global Statistics Branch
-- -------------------------------------------------------------
etsysNatStatsPoolsUsed OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the number of NAT Pools currently 
         configured."
    ::= { etsysNatGlobalStats 1 }

etsysNatStatsListRulesUsed OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the number of NAT List Rules currently
         configured."
    ::= { etsysNatGlobalStats 2 }
    
etsysNatStatsStaticRulesUsed OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the number of NAT Static Rules currently
         configured."
    ::= { etsysNatGlobalStats 3 }

etsysNatStatsAddressUsed OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the number of NAT IP Addresses currently
         configured."
    ::= { etsysNatGlobalStats 4 }
    
etsysNatStatsPortMapsUsed OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the number of NAT Port Maps currently
         configured."
    ::= { etsysNatGlobalStats 5 }
    
etsysNatStatsBindingsCurrent OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the current number of active NAT 
         bindings."
    ::= { etsysNatGlobalStats 6 }

etsysNatStatsBindingsHigh OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the highest number of NAT bindings active
         at one time."
    ::= { etsysNatGlobalStats 7 }

etsysNatStatsBindingsDeleted OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the total number of NAT bindings that 
         have been deleted."
    ::= { etsysNatGlobalStats 8 }

etsysNatStatsBindingsTotal OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the total number of NAT bindings 
         created."
    ::= { etsysNatGlobalStats 9 }

etsysNatStatsBindingsExhausted OBJECT-TYPE
    SYNTAX       Counter32 
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the number of times a request to create
         a NAT binding failed because there were no available free 
         entries."
    ::= { etsysNatGlobalStats 10 }

etsysNatStatsBindingsMaxReached OBJECT-TYPE
    SYNTAX       Counter32 
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the number of times a request to create 
         a NAT binding failed because the maximum number of bindings 
         specified in etsysNatConfigMaxEntries allowed has been reached."
    ::= { etsysNatGlobalStats 11 }

etsysNatStatsBindingsNoIpAddr OBJECT-TYPE
    SYNTAX       Counter32 
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the number of times a request to create 
         a NAT binding failed because there were no available configured
         IP addresses to establish a binding."
    ::= { etsysNatGlobalStats 12 }

etsysNatStatsBindingsNoPortmapPort OBJECT-TYPE
    SYNTAX       Counter32 
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the number of times a request to create 
         a NAT binding failed because there were no available Port 
         Map Port entries to establish a binding."
    ::= { etsysNatGlobalStats 13 }

etsysNatStatsBindingsNoFtpALG OBJECT-TYPE
    SYNTAX       Counter32 
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the number of times a request to create 
         a NAT binding failed because there were no available FTP 
         ALG's to establish a binding."
    ::= { etsysNatGlobalStats 14 }

etsysNatStatsBindingsPerSecond OBJECT-TYPE
    SYNTAX       Gauge32 
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the average number of NAT bindings 
         created per second.  Normalized for 5 seconds."
    ::= { etsysNatGlobalStats 15 }
    
etsysNatStatsClear OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
        "Setting this object to a value of true(1) will clear NAT 
         statistics and cause the following objects to be reset to zero
         and new values generated: 
         etsysNatStatsBindingsDeleted,
         etsysNatStatsBindingsTotal,
         etsysNatStatsBindingsExhausted,
         etsysNatStatsBindingsMaxReached,
         etsysNatStatsBindingsNoIpAddr,
         etsysNatStatsBindingsNoPortmapPort,
         etsysNatStatsBindingsNoFtpALG,
         etsysNatStatsBindingsPerSecond.
         
         The following etsysNatStatsBindingsHigh object will be reset to
         its current active count.
 
         Setting this object to a value of false(2) has no effect.  
         This object will always return a value of false(2)."
    DEFVAL       { false }
    ::= { etsysNatGlobalStats 16 }
    
etsysNatStatsClearDateAndTime OBJECT-TYPE
    SYNTAX       DateAndTime
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The date / time the NAT statistics were cleared."
    ::= { etsysNatGlobalStats 17 }

etsysNatStatsTranslationProtocolRulesCount OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The number of etsysNatTranslationProtocolRulesEntry in the
         etsysNatTranslationProtocolRulesTable"
    ::= { etsysNatGlobalStats 18 }
    
etsysNatStatsMinTimeoutValue OBJECT-TYPE
    SYNTAX       Unsigned32
    UNITS        "seconds" 
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
         "The minimum timeout value allowable for NAT timeouts."
    ::= { etsysNatGlobalStats 19 }

etsysNatStatsMaxTimeoutValue OBJECT-TYPE
    SYNTAX       Unsigned32
    UNITS        "seconds" 
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
         "The maximum timeout value allowable for NAT timeouts."
    ::= { etsysNatGlobalStats 20 }
    
-- -------------------------------------------------------------
-- NAT Global Ipv4 Configuration Branch
-- -------------------------------------------------------------

etsysNatIpv4ConfigLogTranslations OBJECT-TYPE
    SYNTAX       INTEGER {
                   disabled(1),
                   enabled(2)
                 }
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
        "This object contains the state of NAT IPv4 Translations 
         logging.
         - `disabled', a log message will not be generated when a NAT
           binding is either created or deleted.
         - `enabled', a log message will be generated when a NAT
          binding is either created or deleted."
    DEFVAL { disabled }
    ::= { etsysNatGlobalIpv4Config 1 }
    
etsysNatIpv4ConfigInspectDNS OBJECT-TYPE
    SYNTAX       INTEGER {
                   disabled(1),
                   enabled(2)
                   }
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
        "This object contains the state of NAT IPv4 Inspect/Fix up DNS.
         NAT DNS packet inspection and fix up consists of parsing DNS 
         request or response packets, identifying IP addresses contained
         within that may need to be NAT'ed, and fixing up the DNS packet
         with the appropriate NAT translations.
         - `disabled', NAT does not inspect DNS packets that are being 
           forwarded by the NAT process.
         - `enabled', NAT inspects DNS packets that are being forwarded
           by the NAT process."
    DEFVAL { disabled }
    ::= { etsysNatGlobalIpv4Config 2 }
    
etsysNatIpv4ConfigFtpCtrlPort OBJECT-TYPE
    SYNTAX       InetPortNumber (1..65535)
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
        "This object contains the NAT IPv4 FTP control port."
    DEFVAL { 21 }
    ::= { etsysNatGlobalIpv4Config 3 }
    
etsysNatIpv4ConfigMaxEntries OBJECT-TYPE
    SYNTAX       Unsigned32 (0 | 1..4294967295)
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
        "This object contains the maximum number of NAT IPv4 
         Translation entries.  A value of '0' indicates that there is no
         limit."
    DEFVAL { 0 }
    ::= { etsysNatGlobalIpv4Config 4 }
    
etsysNatIpv4ConfigTimeout OBJECT-TYPE
    SYNTAX       Unsigned32
    UNITS        "seconds" 
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
        "This object contains the general NAT IPv4 idle translation 
         timeout value."
    DEFVAL { 240 }
    ::= { etsysNatGlobalIpv4Config 5 }

etsysNatIpv4ConfigUdpTimeout OBJECT-TYPE
    SYNTAX       Unsigned32
    UNITS        "seconds" 
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
        "This object contains the NAT IPv4 UDP idle translation timeout 
         value."
    DEFVAL { 240 }
    ::= { etsysNatGlobalIpv4Config 6 }

etsysNatIpv4ConfigTcpTimeout OBJECT-TYPE
    SYNTAX       Unsigned32
    UNITS        "seconds" 
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
        "This object contains the NAT IPv4 TCP idle translation timeout 
         value."
    DEFVAL { 240 }
    ::= { etsysNatGlobalIpv4Config 7 }

etsysNatIpv4ConfigFtpTimeout OBJECT-TYPE
    SYNTAX       Unsigned32
    UNITS        "seconds" 
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
        "This object contains the NAT IPv4 FTP idle translation timeout
         value."
    DEFVAL { 240 }
    ::= { etsysNatGlobalIpv4Config 8 }

etsysNatIpv4ConfigDnsTimeout OBJECT-TYPE
    SYNTAX       Unsigned32
    UNITS        "seconds" 
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
        "This object contains the NAT IPv4 DNS idle translation timeout
         value."
    DEFVAL { 240 }
    ::= { etsysNatGlobalIpv4Config 9 }

etsysNatIpv4ConfigIcmpTimeout OBJECT-TYPE
    SYNTAX       Unsigned32
    UNITS        "seconds" 
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
        "This object contains the NAT IPv4 ICMP idle translation 
         timeout value."
    DEFVAL { 240 }
    ::= { etsysNatGlobalIpv4Config 10 }
    
etsysNatIpv4ConfigFinRstTimeout OBJECT-TYPE
    SYNTAX       Unsigned32 (0 | 1..4294967295)
    UNITS        "seconds" 
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
         "The timeout value after TCP FIN/RST observed on IPv4 NAT 
          bindings.  Setting a value of '0' results in this feature 
          being disabled."
    DEFVAL { 3 }
    ::= { etsysNatGlobalIpv4Config 11 }

etsysNatIpv4ConfigFinRstTimeoutHalfClosedStatus OBJECT-TYPE
    SYNTAX       INTEGER {
                   disabled(1),
                   enabled(2)
                   }
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
        "This object indicates if the IPv4 TCP FIN/RST timeout will
         apply to bindings only when the hardware connections have 
         aged out.
         - `disabled', indicates the IPv4 TCP FIN/RST timeout does not
           apply to half closed bindings.
         - `enabled', indicates the IPv4 TCP FIN/RST timeout applies
           to half closed bindings."
    DEFVAL { enabled }
    ::= { etsysNatGlobalIpv4Config 12 }
    
-- -------------------------------------------------------------
-- NAT Translation Protocol Rules Table
-- -------------------------------------------------------------

etsysNatTranslationProtocolRulesTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF EtsysNatTranslationProtocolRulesEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION    
        "A table of entries defining NAT rules for non standard 
         protocols."
    ::={ etsysNatTables  1 }

etsysNatTranslationProtocolRulesEntry OBJECT-TYPE
    SYNTAX       EtsysNatTranslationProtocolRulesEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
         "An entry in the etsysNatTranslationProtocolRulesTable 
          defining the configuration values for a unique NAT 
          Translation Protocol entry.  The Translation Protocol Rules 
          Table entry defines the protocol and timeout value for a 
          NAT Translation Protocol."
    INDEX  { etsysNatTranslationInetVersion,
             etsysNatTranslationProtocol, 
             etsysNatTranslationPort }
     ::= { etsysNatTranslationProtocolRulesTable 1 }
     
EtsysNatTranslationProtocolRulesEntry ::=
    SEQUENCE {
        etsysNatTranslationInetVersion
            InetVersion,
        etsysNatTranslationProtocol
            Integer32,
        etsysNatTranslationPort
            InetPortNumber,
        etsysNatTranslationTimeout
            Unsigned32,
        etsysNatTranslationOneShot
            INTEGER,
        etsysNatTranslationRowStatus
            RowStatus
    }
            
etsysNatTranslationInetVersion OBJECT-TYPE
    SYNTAX       InetVersion
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "The Internet address version of the NAT Translation 
         Protocol Rule."
    ::= { etsysNatTranslationProtocolRulesEntry 1 }

etsysNatTranslationProtocol OBJECT-TYPE 
    SYNTAX       Integer32 (0|1..255)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION 
        "The NAT Translation Internet Protocol number.  A value of 
         any(0) indicates that any protocol is allowed.  Common IP
         Protocol values are ICMP(1), TCP(6) or UDP(17).  All IP 
         Protocol values except for TCP and UDP require a 
         etsysNatTranslationPort value of '0'.  TCP or UDP may have a 
         non zero value in etsysNatTranslationPort."
    ::= { etsysNatTranslationProtocolRulesEntry 2 } 

etsysNatTranslationPort OBJECT-TYPE
    SYNTAX       InetPortNumber (0|1..65535)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
         "The port assigned to this NAT Translation Protocol 
          entry.  A value of '0' indicates any port is allowed for this
          NAT Translation Protocol entry.  An entry in 
          etsysNatTranslationProtocol of either TCP(6) or UDP(17) 
          may contain a non-zero value in this entry indicating the 
          specific port assigned for this protocol.  Any other value
          in etsysNatTranslationProtocol requires that this entry be 
          set to '0'."
    ::= { etsysNatTranslationProtocolRulesEntry 3 }
    
etsysNatTranslationTimeout OBJECT-TYPE
    SYNTAX       Unsigned32
    UNITS        "seconds" 
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "The timeout value for idle NAT translations using this 
         NAT Translation Protocol entry."
    DEFVAL { 240 }
    ::= { etsysNatTranslationProtocolRulesEntry 4 }

etsysNatTranslationOneShot OBJECT-TYPE
    SYNTAX       INTEGER {
                   disabled(1),
                   enabled(2)
                   }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "This object enables the One Shot feature for this NAT
         Translation Protocol entry.  One Shot is a feature specific to
         protocol bindings such as ICMP and UDP traffic such as DNS
         which are generally bi-directional and usually only send one
         packet in each direction.  One Shot provides the benefit of 
         quickly cleaning up such bindings given their temporary nature."
    DEFVAL { disabled }
    ::= { etsysNatTranslationProtocolRulesEntry 5 }

etsysNatTranslationRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "This object permits management of the table by facilitating
         actions such as row creation and deletion.

         The value of this object has no effect on whether other 
         objects in the conceptual row can be modified.
        
         The only allowable row status of this conceptual row in the 
         table are:
         active(1)
         - The NAT Translation Protocol entry is available for use
           in NAT operations.
 
         createAndGo(4)
         - This is the preferred mechanism for creating conceptual rows 
           in this table.  A valid etsysNatTranslationProtocol must 
           be present.  A value in etsysNatTranslationProtocol not 
           equal to either TCP(6), UDP(17) requires a '0' value in 
           etsysNatTranslationPort.  There are no other writable 
           leaves so a successful createAndGo will always transition a
           new entry to the active(1) state.
           
        destroy(6)
         - This will remove the 
           etsysNatTranslationProtocolRulesEntry from the 
           etsysNatTranslationProtocolRulesTable and make it 
           unavailable for NAT operations."
    ::= { etsysNatTranslationProtocolRulesEntry 6 }

-- -------------------------------------------------------------
-- NAT Pool Table
-- -------------------------------------------------------------
etsysNatPoolTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF EtsysNatPoolEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION    
        "A table of entries defining the operational characteristics
         of NAT Pools."
    ::={ etsysNatTables  2 }

etsysNatPoolEntry OBJECT-TYPE
    SYNTAX       EtsysNatPoolEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "An entry in the etsysNatPoolTable containing the operational
         characteristics of a NAT Pool.  A NAT Pool defines a range of 
         public (outside) IP addresses defining this NAT pool and is 
         identified by etsysNatPoolName."
    INDEX  { etsysNatPoolAddressType,
             etsysNatPoolName }
     ::= { etsysNatPoolTable 1 }

EtsysNatPoolEntry ::=
    SEQUENCE {
        etsysNatPoolAddressType
            InetAddressType,
        etsysNatPoolName
            SnmpAdminString,
        etsysNatPoolFirstIpAddr 
            InetAddress,
        etsysNatPoolLastIpAddr 
            InetAddress,
        etsysNatPoolPrefixLen
            InetAddressPrefixLength,
        etsysNatPoolNextIpAddr 
            InetAddress,
        etsysNatPoolAddrCount 
            Gauge32,
        etsysNatPoolAddrUsed 
            Gauge32,
        etsysNatPoolAddrAlloc 
            Gauge32,
        etsysNatPoolOutOfAddrs 
            Counter32,
        etsysNatPoolPortAlloc 
            Gauge32,
        etsysNatPoolOutOfPorts 
            Counter32,
        etsysNatPoolConns 
            Gauge32,
        etsysNatPoolHits 
            Counter32,
        etsysNatPoolListRulesCount 
            Gauge32,
        etsysNatPoolLsnatVservers 
            Gauge32,
        etsysNatPoolRowStatus
            RowStatus
    }

etsysNatPoolAddressType OBJECT-TYPE 
    SYNTAX       InetAddressType
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION 
        "The Internet Protocol version.  The value of this property 
         affects the size and format of: etsysNatPoolFirstIpAddr, 
         etsysNatPoolLastIpAddr, and etsysNatPoolNextIpAddr. 
         All objects must be of the same INET Address Type."
    ::= { etsysNatPoolEntry 1 } 
    
etsysNatPoolName OBJECT-TYPE
    SYNTAX       SnmpAdminString (SIZE(1..63))
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "This object contains the unique name of the NAT Pool."
    ::= { etsysNatPoolEntry  2}

etsysNatPoolFirstIpAddr OBJECT-TYPE
    SYNTAX       InetAddress (SIZE(4|16))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "The assigned IP address represents the first IP address in
         the range for this NAT Pool entry."
    ::= { etsysNatPoolEntry 3 }

etsysNatPoolLastIpAddr OBJECT-TYPE
    SYNTAX       InetAddress (SIZE(4|16))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "The assigned IP address represents the last IP address in the
         range for this NAT Pool entry."
    ::= { etsysNatPoolEntry 4 }

etsysNatPoolPrefixLen OBJECT-TYPE
    SYNTAX       InetAddressPrefixLength
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "The length of the IP network mask used to refine the range of
         IP addresses defined by etsysNatPoolFirstIpAddr and 
         etsysNatPoolLastIpAddr in defining the range of IP addresses 
         for this NAT Pool entry.  The values for the index objects 
         etsysNatPoolFirstIpAddr, etsysNatPoolLastIpAddr and
         etsysNatPoolPrefixLen must be consistent.  If a prefix length
         of '0' is specified than all addresses in the range are used."
    ::= { etsysNatPoolEntry 5 }

etsysNatPoolNextIpAddr OBJECT-TYPE
    SYNTAX       InetAddress (SIZE(4|16))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The Next NAT IP address that the pool is due to assign to a 
         dynamic translation binding"
    ::= { etsysNatPoolEntry 6 }

etsysNatPoolAddrCount OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The total number of IP addresses assigned to this NAT Pool 
         entry."
    ::= { etsysNatPoolEntry 7 }

etsysNatPoolAddrUsed OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The total number of IP addresses in use for this NAT Pool 
         entry."
    ::= { etsysNatPoolEntry 8 }

etsysNatPoolAddrAlloc OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The total number of IP addresses allocated for this NAT Pool
         entry."
    ::= { etsysNatPoolEntry 9 }

etsysNatPoolOutOfAddrs OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The number of times an allocation of a Pool entry failed 
         because there were no available NAT IP addresses for this NAT
         Pool entry."
    ::= { etsysNatPoolEntry 10 }

etsysNatPoolPortAlloc OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The total number of Port Maps allocated for this Nat Pool 
         entry."
    ::= { etsysNatPoolEntry 11 }

etsysNatPoolOutOfPorts OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The number of times an allocation of a Pool entry failed 
         because there were no available NAT Port Maps for this NAT
         Pool entry."
    ::= { etsysNatPoolEntry 12 }

etsysNatPoolConns OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The current number of active NAT connections established 
         using this NAT Pool entry."
    ::= { etsysNatPoolEntry 13 }

etsysNatPoolHits OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The total number of hits this NAT Pool has received."
    ::= { etsysNatPoolEntry 14 }

etsysNatPoolListRulesCount OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The total number of List Rules (etsysNatListPoolName) 
         configured using this Nat Pool entry."
    ::= { etsysNatPoolEntry 15 }
        
etsysNatPoolLsnatVservers OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The number of Virtual Servers 
         (etsysLsnatVserverSourceNatPool) using this Nat Pool."
    ::= { etsysNatPoolEntry 16 }
    
etsysNatPoolRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "This object permits management of the table by facilitating
         actions such as row creation and deletion.

         The value of this object has no effect on whether other objects
         in the conceptual row can be modified.
        
         The only allowable row status of this conceptual row in the 
         table are:
         active(1)
         - The NAT Pool entry is available for use by NAT operations. 
           Other writable leaves in this table MAY be modified while the
           row is in the active state.
                    
         createAndGo(4)
         - This is the preferred mechanism for creating conceptual rows 
           in this table.  A valid createAndGo requires a unique 
           etsysNatPoolName, errors resulting from existing 
           etsysNatPoolNames will result in the row not being created. 
           A valid createAndGo also requires sets to these leaves as 
           part of a multi-varbind set when creating the instance:
             etsysNatPoolFirstIpAddr,
             etsysNatPoolLastIpAddr,
             etsysNatPoolPrefixLen
           A valid createAndGo also requires a valid IP address range 
           and etsysNatPoolPrefixLen, errors resulting from an invalid
           IP range or prefix length will result in the row not being 
           created.  There are no other writable leaves so a successful
           createAndGo will always transition a new entry to the 
           active(1) state.
           
         destroy(6)
         - This will remove the etsysNatPoolEntry from the 
           etsysNatPoolTable and make it unavailable for NAT operations.
           This will result in any NAT List table entries 
           (etsysNatListPoolName) using this entry to be deleted.  In 
           addition this will also result in all associated LSNAT 
           Virtual Server Table entries (etsysLsnatVserverSourceNatPool)
           to also be deleted."
    ::= { etsysNatPoolEntry 17 }

-- -------------------------------------------------------------
-- NAT List Rule Table
-- -------------------------------------------------------------

etsysNatListRuleTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF EtsysNatListRuleEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION    
        "A table of entries defining the operational characteristics
         of NAT Lists rules."
    ::={ etsysNatTables 3 }

etsysNatListRuleEntry OBJECT-TYPE
    SYNTAX       EtsysNatListRuleEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "An entry in the etsysNatListRuleTable containing the 
         operational characteristics of a NAT List rule.  A NAT List
         rule defines the operational characteristics for the forming
         of dynamic address bindings from a pre-configured address pool 
         (etsysNatPoolName) of public outside addresses and a 
         pre-configured access-list (etsysNatListRuleName) of local inside
         addresses."
    INDEX  { etsysNatListRuleInetVersion,
             etsysNatListRuleDirection,
             etsysNatListRuleMatchType,
             etsysNatListRuleName,
             etsysNatListRuleInsideVrfName }
     ::= { etsysNatListRuleTable 1 }

EtsysNatListRuleEntry ::=
    SEQUENCE {
        etsysNatListRuleInetVersion
            InetVersion,
        etsysNatListRuleDirection 
            INTEGER,
        etsysNatListRuleMatchType 
            INTEGER,
        etsysNatListRuleName
            SnmpAdminString,
        etsysNatListRuleInsideVrfName
            SnmpAdminString,
        etsysNatListRulePoolName
            SnmpAdminString,
        etsysNatListRuleIfIndex 
            InterfaceIndexOrZero,
        etsysNatListRuleOverloaded 
            TruthValue,
        etsysNatListRuleConns 
            Gauge32,
        etsysNatListRuleHits 
            Counter32,
        etsysNatListRuleRowStatus
            RowStatus
    }

etsysNatListRuleInetVersion OBJECT-TYPE
    SYNTAX       InetVersion
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "The Internet address version of the NAT List rule.  The value
         of etsysNatListRuleInetVersion must be consistent with the 
         value of etsysNatPoolAddressType defined by the 
         etsysNatPoolName associated with this etsysNatListRuleEntry."
    ::= { etsysNatListRuleEntry 1 }

etsysNatListRuleDirection OBJECT-TYPE
    SYNTAX       INTEGER {
                   inside(1),
                   outside(2)
                 }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "This value identifies if this NAT List rule is associated with
         an 'inside' or 'outside' network."
    ::= { etsysNatListRuleEntry 2 }

etsysNatListRuleMatchType OBJECT-TYPE
    SYNTAX       INTEGER {
                   source(1),
                   destination(2)
                 }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "This value identifies if this NAT List rule is associated with
         a 'source' or 'destination' packet."
    ::= { etsysNatListRuleEntry 3 }

etsysNatListRuleName OBJECT-TYPE
    SYNTAX       SnmpAdminString (SIZE(1..64))
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "This object contains the unique name of the access-list of IP
         addresses to translate for the inside source address defined by
         this NAT List rule."
    ::= { etsysNatListRuleEntry 4 }

etsysNatListRuleInsideVrfName OBJECT-TYPE
    SYNTAX       SnmpAdminString (SIZE(1..16))
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "This object contains the unique name of the Inside VRF for 
         cross VRF NAT for this NAT List rule."
    ::= { etsysNatListRuleEntry  5 }

etsysNatListRulePoolName OBJECT-TYPE
    SYNTAX       SnmpAdminString (SIZE(1..63))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "This object contains the unique name of the NAT Pool.  This 
         value must be set with the row status set that creates the 
         entry.  The value may not be changed after the row is created."
    ::= { etsysNatListRuleEntry  6 }

etsysNatListRuleIfIndex OBJECT-TYPE
    SYNTAX       InterfaceIndexOrZero
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "The outside NAT List rule interface index used for this NAT 
         List rule entry.  A value of '0' indicates that this List Rule
         would apply to 'any' interface.  This value must be set with the 
         row status set that creates the entry.  The value may not be 
         changed after the row is created."
    DEFVAL { 0 }
    ::= { etsysNatListRuleEntry 7 }

etsysNatListRuleOverloaded OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "This entry indicates if this NAT List rule entry will be 
         overloaded enabling Network Address Port Translation (NAPT).
         This value must be set with the row status set that creates 
         the entry.  The value may not be changed after the row is created."
   DEFVAL { false }
   ::= { etsysNatListRuleEntry 8 }

etsysNatListRuleConns OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The current number of active NAT connections established on 
         this NAT List rule entry."
    ::= { etsysNatListRuleEntry 9 }

etsysNatListRuleHits OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The total number of hits this NAT List rule entry has 
         received."
    ::= { etsysNatListRuleEntry 10 }

etsysNatListRuleRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "This object permits management of the table by facilitating
         actions such as row creation and deletion.

         The value of this object has no effect on whether other objects
         in the conceptual row can be modified.
        
         The only allowable row status of this conceptual row in the 
         table are:
         active(1)
         - The NAT List rule entry is available for use in NAT 
           operations.
          
         createAndGo(4)
         - This is the preferred mechanism for creating conceptual rows 
           in this table.  A valid createAndGo requires an active(1) 
           etsysNatPoolName be provided for the etsysNatListRulePoolName.
           If the list rule leaves:
           etsysNatListRuleIfIndex or etsysNatListRuleOverloaded are to
           be set, then can only be set at create time.  Sets to these
           leaves:   etsysNatListRulePoolName,
                     etsysNatListRuleIfIndex,
                     etsysNatListRuleOverloaded
 
           Will not be accepted after the entry is created. 

           Errors resulting from an invalid 
           configuration will result in the row not being created.  There
           are no other writable leaves so a successful createAndGo will
           always transition a new entry to the active(1) state.
          
         destroy(6)
         - This will remove the etsysNatListRuleEntry from the 
           etsysNatListRuleTable and make it unavailable for NAT 
           operations."
    ::= { etsysNatListRuleEntry 11 }
    
-- -------------------------------------------------------------
-- NAT Static Rule Table
-- -------------------------------------------------------------
etsysNatStaticRuleTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF EtsysNatStaticRuleEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION    
        "A table of entries defining the operational characteristics
         of NAT Static rules."
    ::={ etsysNatTables 4 }

etsysNatStaticRuleEntry OBJECT-TYPE
    SYNTAX       EtsysNatStaticRuleEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "An entry in the etsysNatStaticRuleTable containing the 
         operational characteristics of a NAT Static rule.  A NAT Static
         rule defines a range of private (inside) IP addresses and 
         operational characteristics for which specified NAT Static 
         rules will be applied.  Static inside address translations are
         one-to-one bindings between the inside and outside IP 
         addresses."
    INDEX  { etsysNatStaticRuleAddressType,
             etsysNatStaticRuleDirection,
             etsysNatStaticRuleMatchType,
             etsysNatStaticRuleProtocol, 
             etsysNatStaticRuleLocalIpAddr,
             etsysNatStaticRuleLocalPort,
             etsysNatStaticRuleGlobalIpAddr,
             etsysNatStaticRuleGlobalPort,
             etsysNatStaticRuleInsideVrfName }
     ::= { etsysNatStaticRuleTable 1 }

EtsysNatStaticRuleEntry ::=
    SEQUENCE {
        etsysNatStaticRuleAddressType
            InetAddressType,
        etsysNatStaticRuleDirection 
            INTEGER,
        etsysNatStaticRuleMatchType 
            INTEGER,
        etsysNatStaticRuleProtocol
            INTEGER,
        etsysNatStaticRuleLocalIpAddr
            InetAddress,
        etsysNatStaticRuleLocalPort
            InetPortNumber,
        etsysNatStaticRuleGlobalIpAddr
            InetAddress,
        etsysNatStaticRuleGlobalPort
            InetPortNumber,
        etsysNatStaticRuleInsideVrfName
            SnmpAdminString,
        etsysNatStaticRuleOverloaded 
            TruthValue,
        etsysNatStaticRuleConns 
            Gauge32,
        etsysNatStaticRuleHits 
            Counter32,
        etsysNatStaticRuleReservedBindingId
            Unsigned32,
        etsysNatStaticRuleRowStatus
            RowStatus
    }

etsysNatStaticRuleAddressType OBJECT-TYPE 
    SYNTAX       InetAddressType
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION 
        "The Internet Protocol version.  The value of this property 
         affects the size and format of: etsysNatStaticRuleLocalIpAddr,
         and etsysNatStaticRuleGlobalIpAddr both objects must be of the
         same INET Address Type."
    ::= { etsysNatStaticRuleEntry 1 } 

etsysNatStaticRuleDirection OBJECT-TYPE
    SYNTAX       INTEGER {
                   inside(1),
                   outside(2)
                 }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "This value identifies if this NAT Static rule is associated 
         with an 'inside' or 'outside' network."
    ::= { etsysNatStaticRuleEntry 2 }

etsysNatStaticRuleMatchType OBJECT-TYPE
    SYNTAX       INTEGER {
                   source(1),
                   destination(2)
                 }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "This value identifies if this NAT List rule is associated with
         a 'source' or 'destination' packet."
    ::= { etsysNatStaticRuleEntry 3 }

etsysNatStaticRuleProtocol OBJECT-TYPE
    SYNTAX       INTEGER {
                   any(0),
                   tcp(6),
                   udp(17)
                 }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "This object contains the NAT Binding protocol type.  A value
         of '0' indicates that the protocol type is 'any' and requires 
         that etsysNatStaticRuleLocalPort and 
         etsysNatStaticRuleGlobalPort be set to a value of '0'.  A value
         of tcp(6) or udp(17) indicates that this entry defines NAPT 
         translation of inside source addresses."
    ::= { etsysNatStaticRuleEntry 4 }

etsysNatStaticRuleLocalIpAddr OBJECT-TYPE
    SYNTAX       InetAddress (SIZE(4|16))
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "The NAT Static Local rule IP addresses representing the local
         IP address for this NAT Static rule entry."
    ::= { etsysNatStaticRuleEntry 5 }

etsysNatStaticRuleLocalPort OBJECT-TYPE
    SYNTAX       InetPortNumber (0|1..65535)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "The NAT Static Local rule port representing the local port 
         for this NAT Static rule entry.  This value is only meaningful 
         if the etsysNatStaticRuleProtocol is set to tcp(6) or udp(17) 
         otherwise this value must be set to '0'."
    ::= { etsysNatStaticRuleEntry 6 }

etsysNatStaticRuleGlobalIpAddr OBJECT-TYPE
    SYNTAX       InetAddress (SIZE(4|16))
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "The NAT Static Global rule IP addresses representing the 
         global IP address for this NAT Static rule entry."
    ::= { etsysNatStaticRuleEntry 7 }
    
etsysNatStaticRuleGlobalPort OBJECT-TYPE
    SYNTAX       InetPortNumber (0|1..65535)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "The NAT Static Global rule port representing the global port 
         for this NAT Static rule entry.  This value is only meaningful 
         if the etsysNatStaticRuleProtocol is set to tcp(6) or udp(17) 
         otherwise this value must be set to '0'."
    ::= { etsysNatStaticRuleEntry 8 }

etsysNatStaticRuleInsideVrfName OBJECT-TYPE
    SYNTAX       SnmpAdminString (SIZE(1..16))
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "This object contains the unique name of the Inside VRF for 
         cross VRF NAT."
    ::= { etsysNatStaticRuleEntry  9 }

etsysNatStaticRuleOverloaded OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This entry indicates if this NAT Static rule entry is 
         overloaded enabling Network Address Port Translation (NAPT).
         If the etsysNatStaticRuleProtocol is set to tcp(6) or udp(17)
         this value will display true(1) otherwise it will display 
         false(2)."
    ::= { etsysNatStaticRuleEntry 10 }

etsysNatStaticRuleConns OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The current number of active NAT connections established on 
         this NAT Static rule entry."
    ::= { etsysNatStaticRuleEntry 11 }

etsysNatStaticRuleHits OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The total number of hits this NAT Static rule entry has 
         received."
    ::= { etsysNatStaticRuleEntry 12 }
    
etsysNatStaticRuleReservedBindingId OBJECT-TYPE
    SYNTAX       Unsigned32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This value is a unique NAT Static rule binding identifier 
         reserved by NAT at the creation of this Static rule entry.
         A value of '0' indicates that there is no binding 
         identifier currently set for this static entry."
    ::= { etsysNatStaticRuleEntry 13 }

etsysNatStaticRuleRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "This object permits management of the table by facilitating
         actions such as row creation and deletion.

         The value of this object has no effect on whether other objects
         in the conceptual row can be modified.
        
         The only allowable row status of this conceptual row in the 
         table are:
         active(1)
         - The NAT Static rule entry is available for use in NAT 
           operations.
           
         createAndGo(4)
         - This is the preferred mechanism for creating conceptual rows 
           in this table.  A valid createAndGo requires a valid 
           etsysNatStaticRuleProtocol, a valid IP addresses for 
           etsysNatStaticRuleLocalIpAddr and 
           etsysNatStaticRuleGlobalIpAddr, and a valid port for 
           etsysNatStaticRuleLocalPort and etsysNatStaticRuleGlobalPort,
           errors resulting from an invalid configuration will result in
           the row not being created.  There are no other writable leaves
           so a successful createAndGo will always transition a new 
           entry to the active(1) state.
      
         destroy(6)
         - This will remove the etsysNatStaticRuleEntry from the 
           etsysNatStaticRuleTable, remove it's static NAT binding entry
           and make it unavailable for NAT operations."
    ::= { etsysNatStaticRuleEntry 14 }

-- -------------------------------------------------------------
-- NAT Binding Table
-- -------------------------------------------------------------
etsysNatBindingTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF EtsysNatBindingEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION    
        "A table of entries defining active NAT bindings."
    ::={ etsysNatTables  5 }

etsysNatBindingEntry OBJECT-TYPE
    SYNTAX       EtsysNatBindingEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "An entry in the etsysNatBindingTable defining an active NAT 
         binding.  The etsysNatBindingEntry defines the runtime 
         characteristics of a NAT binding."
    INDEX  { etsysNatBindingId }
    ::= { etsysNatBindingTable  1 }

EtsysNatBindingEntry ::=
    SEQUENCE {
        etsysNatBindingId
            Unsigned32,
        etsysNatBindingState
            INTEGER,
        etsysNatBindingAddressType
            InetAddressType,
        etsysNatBindingForwardSrcIp
            InetAddress,
        etsysNatBindingForwardSrcPort
            InetPortNumber,
        etsysNatBindingForwardDstIp
            InetAddress,
        etsysNatBindingForwardDstPort
            InetPortNumber,
        etsysNatBindingReverseSrcIp
            InetAddress,
        etsysNatBindingReverseSrcPort
            InetPortNumber,
        etsysNatBindingReverseDstIp
            InetAddress,
        etsysNatBindingReverseDstPort
            InetPortNumber,
        etsysNatBindingRuleType
            INTEGER,
        etsysNatBindingPoolName
            SnmpAdminString,
        etsysNatBindingProtocol
            Integer32,
        etsysNatBindingAlgType
            INTEGER,
        etsysNatBindingFtpDataChannelCount
            Unsigned32,
        etsysNatBindingIcmpFwdIdent
            Unsigned32,
        etsysNatBindingIcmpRevIdent
            Unsigned32,
        etsysNatBindingHWConns
            Gauge32,
        etsysNatBindingCreationDate
            DateAndTime,
        etsysNatBindingExpirationDate
            DateAndTime,
        etsysNatBindingIdleTime
            Unsigned32,
        etsysNatBindingExpireTime
            Unsigned32,
        etsysNatBindingClear
            TruthValue
    }
	
etsysNatBindingId OBJECT-TYPE
    SYNTAX       Unsigned32
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "This value is a unique NAT binding identifier assigned by 
         NAT during binding creation."
    ::= { etsysNatBindingEntry 1 }

etsysNatBindingState OBJECT-TYPE
    SYNTAX       INTEGER {
                   init(1),
                   syncing(2),
                   waitroute(3),
                   established(4)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the state of the binding.
         - `init', indicates this binding is initializing.
         - `syncing', indicates this binding is syncing.
         - `waitroute', indicates this binding is in a wait
            route state.
         - `established', indicates this binding is established."
    ::= { etsysNatBindingEntry 2 }
    
etsysNatBindingAddressType OBJECT-TYPE 
    SYNTAX       InetAddressType
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION 
        "The Internet Protocol version.  The value of this property 
         affects the size and format of:  
         etsysNatBindingForwardSrcIp, etsysNatBindingForwardDstIp,
         etsysNatBindingReverseSrcIp and etsysNatBindingReverseDstIp 
         objects."
    ::= { etsysNatBindingEntry 3 } 

etsysNatBindingForwardSrcIp OBJECT-TYPE
    SYNTAX       InetAddress
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The forward source IP address for this NAT binding entry."
    ::= { etsysNatBindingEntry 4 }

etsysNatBindingForwardSrcPort OBJECT-TYPE
    SYNTAX       InetPortNumber (0|1..65535)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The forward source port for this NAT binding entry.  This 
         value is only meaningful if the etsysNatBindingProtocol is set
         to tcp(6) or udp(17) otherwise this object will return a value
         of '0'."
    ::= { etsysNatBindingEntry 5 }

etsysNatBindingForwardDstIp OBJECT-TYPE
    SYNTAX       InetAddress 
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The forward destination IP address for this NAT binding 
         entry."
    ::= { etsysNatBindingEntry 6 }

etsysNatBindingForwardDstPort OBJECT-TYPE
    SYNTAX       InetPortNumber (0|1..65535)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The forward destination port for this NAT binding entry.  This 
         value is only meaningful if the etsysNatBindingProtocol is set
         to tcp(6) or udp(17) otherwise this object will return a value
         of '0'."
    ::= { etsysNatBindingEntry 7 }

etsysNatBindingReverseSrcIp OBJECT-TYPE
    SYNTAX       InetAddress 
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The reverse NAT source IP address for this NAT binding entry."
    ::= { etsysNatBindingEntry 8 }

etsysNatBindingReverseSrcPort OBJECT-TYPE
    SYNTAX       InetPortNumber (0|1..65535)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The reverse NAT source port for this NAT binding entry.  This 
         value is only meaningful if the etsysNatBindingProtocol is set
         to tcp(6) or udp(17) otherwise this object will return a value
         of '0'."
    ::= { etsysNatBindingEntry 9 }

etsysNatBindingReverseDstIp OBJECT-TYPE
    SYNTAX       InetAddress 
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The reverse NAT destination IP address for this NAT binding 
         entry."
    ::= { etsysNatBindingEntry 10 }

etsysNatBindingReverseDstPort OBJECT-TYPE
    SYNTAX       InetPortNumber (0|1..65535)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The reverse NAT destination port for this NAT binding entry.
         This value is only meaningful if the etsysNatBindingProtocol 
         is set to tcp(6) or udp(17) otherwise this object will return
         a value of '0'."
    ::= { etsysNatBindingEntry 11 }
 
etsysNatBindingRuleType OBJECT-TYPE
    SYNTAX       INTEGER {
                   static(1),
                   dynamic(2),
                   staticReserved(3),
                   dynamicReserved(4)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the NAT Binding Rule type.
         - `static', indicates that the NAT binding is static.
         - `dynamic', indicates that the NAT binding is dynamic.
         - `staticReserved', indicates that the NAT binding is static 
           (reserved).
         - `dynamicReserved', indicates that the NAT binding is 
           dynamic (reserved)."
    ::= { etsysNatBindingEntry 12 }
    
etsysNatBindingPoolName OBJECT-TYPE
    SYNTAX       SnmpAdminString (SIZE(1..63))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the name of the NAT Pool
         (etsysNatPoolName) associated with this NAT binding."
    ::= { etsysNatBindingEntry  13}

etsysNatBindingProtocol OBJECT-TYPE
    SYNTAX       Integer32 (0|1..255)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the NAT Binding protocol type.  A value
         of '0' indicates that the protocol type is 'any'.  Common IP
         Protocol values are TCP(6) and UDP(17)."
    ::= { etsysNatBindingEntry 14 }
    
etsysNatBindingAlgType OBJECT-TYPE
    SYNTAX       INTEGER {
                   none(1),
                   ftpctrl(2),
                   ftpdata(3),
                   tftpctrl(4),
                   icmpecho(5)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the NAT ALG Binding type.
         - `none', indicates that this NAT binding is not an ALG 
           binding.
         - `ftpctrl', indicates that this NAT binding is a FTP control 
           binding.
         - `ftpdata, indicates that this NAT binding is a FTP data 
           binding.
         - `tftpctrl', indicates that this NAT binding is a TFTP control 
           binding.
         - `icmpecho', indicates that this NAT binding is an ICMP echo 
           binding."
    ::= { etsysNatBindingEntry 15 }

etsysNatBindingFtpDataChannelCount OBJECT-TYPE
    SYNTAX       Unsigned32 (0|1..65535)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the NAT Binding FTP Data channel.  This 
         value is only significant if the etsysNatBindingAlgType is 
         ftpctrl(2), otherwise this object will return a value of '0'."
    ::= { etsysNatBindingEntry 16 }
    
etsysNatBindingIcmpFwdIdent OBJECT-TYPE
    SYNTAX       Unsigned32 (0|1..65535)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the NAT Binding ICMP Forward ID.  This 
         value is only significant if the etsysNatBindingAlgType is 
         icmpecho(5), otherwise this object will return a value of '0'."
    ::= { etsysNatBindingEntry 17 }
    
etsysNatBindingIcmpRevIdent OBJECT-TYPE
    SYNTAX       Unsigned32 (0|1..65535)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the NAT Binding ICMP Reverse ID.  This 
         value is only significant if the etsysNatBindingAlgType is 
         icmpecho(5), otherwise this object will return a value of '0'."
    ::= { etsysNatBindingEntry 18 }
    
etsysNatBindingHWConns OBJECT-TYPE
    SYNTAX       Gauge32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "This object contains the total number of hardware connections 
         currently active using this NAT binding."
    ::= { etsysNatBindingEntry 19 }

etsysNatBindingCreationDate OBJECT-TYPE
    SYNTAX       DateAndTime
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
         "The creation date / time for this NAT binding entry."
    ::= { etsysNatBindingEntry 20 }

etsysNatBindingExpirationDate OBJECT-TYPE
    SYNTAX       DateAndTime
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The expiration date / time for this NAT binding entry.  
         If the NAT binding expire time (etsysNatBindingExpireTime) is 
         '0' there is no expiration date and this object will return 
         the current date / time."
    ::= { etsysNatBindingEntry 21 }

etsysNatBindingIdleTime OBJECT-TYPE
    SYNTAX       Unsigned32
    UNITS        "seconds" 
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The consecutive number of seconds this NAT binding entry
         has been idle."
    ::= { etsysNatBindingEntry 22 }

etsysNatBindingExpireTime OBJECT-TYPE
    SYNTAX       Unsigned32
    UNITS        "seconds" 
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The number of idle seconds left before this NAT binding
         entry will age out.  A value of '0' indicates that this NAT 
         binding will not age out."
    ::= { etsysNatBindingEntry 23 }

etsysNatBindingClear OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
        "Setting this object to a value of true(1) will cause this
         etsysNatBindingEntry to be deleted from the 
         etsysNatBindingTable if the corresponding 
         etsysNatBindingRuleType is 'dynamic(2)' or 
         'dynamicReserved(4)' otherwise the binding entry will not be
         deleted.

         Setting this object to a value of false(2) has no effect.  
         This object will always return a value of false(2)."
    DEFVAL { false }
    ::= { etsysNatBindingEntry 24 }
    
-- ------------------------------------
-- Conformance information
-- ------------------------------------

etsysNatMIBGroups         
    OBJECT IDENTIFIER ::= { etsysNatConformance 1 }
etsysNatMIBCompliances 
    OBJECT IDENTIFIER ::= { etsysNatConformance 2 }

-- -------------------------------------------------------------
-- Units of conformance
-- -------------------------------------------------------------
etsysNatMIBGlobalStatsGroup  OBJECT-GROUP 
    OBJECTS { 
        etsysNatStatsPoolsUsed,
        etsysNatStatsListRulesUsed,
        etsysNatStatsStaticRulesUsed,
        etsysNatStatsAddressUsed,
        etsysNatStatsPortMapsUsed,
        etsysNatStatsBindingsCurrent,
        etsysNatStatsBindingsHigh,
        etsysNatStatsBindingsDeleted,
        etsysNatStatsBindingsTotal,
        etsysNatStatsBindingsExhausted,
        etsysNatStatsBindingsMaxReached,
        etsysNatStatsBindingsNoIpAddr,
        etsysNatStatsBindingsNoPortmapPort,
        etsysNatStatsBindingsNoFtpALG,
        etsysNatStatsBindingsPerSecond,
        etsysNatStatsClear,
        etsysNatStatsClearDateAndTime,
        etsysNatStatsTranslationProtocolRulesCount,
        etsysNatStatsMinTimeoutValue,
        etsysNatStatsMaxTimeoutValue
    }
    STATUS       current
    DESCRIPTION 
        "The information group for NAT global resources and
        operations." 
    ::= { etsysNatMIBGroups 1 }

etsysNatMIBGlobalIpv4ConfigGroup  OBJECT-GROUP 
    OBJECTS { 
        etsysNatIpv4ConfigLogTranslations,
        etsysNatIpv4ConfigInspectDNS,
        etsysNatIpv4ConfigFtpCtrlPort,
        etsysNatIpv4ConfigMaxEntries,
        etsysNatIpv4ConfigTimeout,
        etsysNatIpv4ConfigUdpTimeout,
        etsysNatIpv4ConfigTcpTimeout,
        etsysNatIpv4ConfigFtpTimeout,
        etsysNatIpv4ConfigDnsTimeout, 
        etsysNatIpv4ConfigIcmpTimeout,
        etsysNatIpv4ConfigFinRstTimeout,
        etsysNatIpv4ConfigFinRstTimeoutHalfClosedStatus
    }
    STATUS       current
    DESCRIPTION 
        "The information group for NAT IPv4 global resources and
        operations." 
    ::= { etsysNatMIBGroups 2 }
    
etsysNatMIBTranslationProtocolRulesTableGroup  OBJECT-GROUP 
    OBJECTS { 
        etsysNatTranslationTimeout,
        etsysNatTranslationOneShot,
        etsysNatTranslationRowStatus
    }
    STATUS       current
    DESCRIPTION 
        "The information group for NAT global IPv4 Translation Protocol
         Rules configuration." 
    ::= { etsysNatMIBGroups 3 }

etsysNatMIBNatPoolTableGroup  OBJECT-GROUP 
    OBJECTS {
        etsysNatPoolFirstIpAddr,
        etsysNatPoolLastIpAddr,
        etsysNatPoolPrefixLen,
        etsysNatPoolNextIpAddr,
        etsysNatPoolAddrCount,
        etsysNatPoolAddrUsed,
        etsysNatPoolAddrAlloc,
        etsysNatPoolOutOfAddrs,
        etsysNatPoolPortAlloc,
        etsysNatPoolOutOfPorts,
        etsysNatPoolConns,
        etsysNatPoolHits,
        etsysNatPoolListRulesCount,
        etsysNatPoolLsnatVservers,
        etsysNatPoolRowStatus
    }
    STATUS       current
    DESCRIPTION 
        "The information group for NAT Pool configurations." 
    ::= { etsysNatMIBGroups 4 }

etsysNatMIBNatListRuleTableGroup  OBJECT-GROUP 
    OBJECTS {
        etsysNatListRulePoolName,
        etsysNatListRuleIfIndex,
        etsysNatListRuleOverloaded,
        etsysNatListRuleConns,
        etsysNatListRuleHits,
        etsysNatListRuleRowStatus
    }
    STATUS       current
    DESCRIPTION 
        "The information group for NAT List rule configurations." 
    ::= { etsysNatMIBGroups 5 }

etsysNatMIBNatStaticRuleTableGroup  OBJECT-GROUP 
    OBJECTS {
        etsysNatStaticRuleOverloaded,
        etsysNatStaticRuleConns,
        etsysNatStaticRuleHits,
        etsysNatStaticRuleReservedBindingId,
        etsysNatStaticRuleRowStatus
    }
    STATUS       current
    DESCRIPTION 
        "The information group for NAT static rule configurations." 
    ::= { etsysNatMIBGroups 6 }

etsysNatMIBNatBindingTableGroup  OBJECT-GROUP 
    OBJECTS {
        etsysNatBindingState,
        etsysNatBindingAddressType,
        etsysNatBindingForwardSrcIp,
        etsysNatBindingForwardSrcPort,
        etsysNatBindingForwardDstIp,
        etsysNatBindingForwardDstPort,
        etsysNatBindingReverseSrcIp,
        etsysNatBindingReverseSrcPort,
        etsysNatBindingReverseDstIp,
        etsysNatBindingReverseDstPort,
        etsysNatBindingRuleType,
        etsysNatBindingPoolName,
        etsysNatBindingProtocol,
        etsysNatBindingAlgType,
        etsysNatBindingFtpDataChannelCount,
        etsysNatBindingIcmpFwdIdent,
        etsysNatBindingIcmpRevIdent,
        etsysNatBindingHWConns,
        etsysNatBindingCreationDate,
        etsysNatBindingExpirationDate,
        etsysNatBindingIdleTime,
        etsysNatBindingExpireTime,
        etsysNatBindingClear
    }
    STATUS       current
    DESCRIPTION 
        "The information group for NAT bindings." 
    ::= { etsysNatMIBGroups 7 }

-- ------------------------------------
-- Compliance statements
-- ------------------------------------
etsysNatMIBCompliance MODULE-COMPLIANCE 
    STATUS       current
    DESCRIPTION 
        "The compliance statement for implementation of the Router 
        Application Services NAT functionality."
    MODULE
        MANDATORY-GROUPS  { 
            etsysNatMIBGlobalStatsGroup,
            etsysNatMIBGlobalIpv4ConfigGroup,
            etsysNatMIBTranslationProtocolRulesTableGroup,
            etsysNatMIBNatPoolTableGroup,
            etsysNatMIBNatListRuleTableGroup,
            etsysNatMIBNatStaticRuleTableGroup,
            etsysNatMIBNatBindingTableGroup
        }
        
        
        OBJECT      etsysNatStatsClear
        MIN-ACCESS  read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT      etsysNatTranslationRowStatus
        SYNTAX      RowStatus { 
                      active(1), 
                      createAndGo(4), 
                      destroy(6) 
                    }
        DESCRIPTION
            "Only active, createAndGo and destroy are allowed."

        OBJECT      etsysNatPoolRowStatus
        SYNTAX      RowStatus { 
                      active(1), 
                      createAndGo(4), 
                      destroy(6) 
                    }
        DESCRIPTION
            "Only active, createAndGo and destroy are allowed."

        OBJECT      etsysNatListRuleRowStatus
        SYNTAX      RowStatus { 
                      active(1), 
                      createAndGo(4), 
                      destroy(6) 
                    }
        DESCRIPTION
            "Only active, createAndGo and destroy are allowed."

        OBJECT      etsysNatStaticRuleRowStatus
        SYNTAX      RowStatus { 
                      active(1), 
                      createAndGo(4), 
                      destroy(6) 
                    }
        DESCRIPTION
            "Only active, createAndGo and destroy are allowed."

        OBJECT      etsysNatBindingAddressType
        SYNTAX      InetAddressType { 
                      ipv4(1), 
                      ipv6(2) 
                    }
        DESCRIPTION
            "Only IPv4 and IPv6 addresses are allowed."
            
        OBJECT      etsysNatBindingClear
        MIN-ACCESS  read-only
        DESCRIPTION
            "Write access is not required."

    ::= { etsysNatMIBCompliances 1 }

   END
