
ACL-MIB DEFINITIONS ::= BEGIN

    IMPORTS
        Counter32,Counter64,TimeTicks,NOTIFICATION-TYPE,
        MODULE-IDENTITY,OBJECT-TYPE,IpAddress, Unsigned32
                                        FROM SNMPv2-SMI
        MacAddress, RowStatus           FROM SNMPv2-TC
        DisplayString                   FROM RFC1213-MIB
    	SnmpAdminString					FROM SNMP-FRAMEWORK-MIB
--		Ipv6Address                     FROM IPV6-TC
        dlink-common-mgmt				FROM DLINK-ID-REC-MIB;
    	
    swAclMgmtMIB MODULE-IDENTITY
	    LAST-UPDATED "0007150000Z"
	    ORGANIZATION " "
	    CONTACT-INFO
	        "    "
	    DESCRIPTION
		    "The Structure of Access Control List  Information for the
		    proprietary enterprise."
        ::= { dlink-common-mgmt 9 }

    PortList                ::= OCTET STRING(SIZE (0..127))
    
    swAclCtrl 				     OBJECT IDENTIFIER ::= { swAclMgmtMIB 1 }    
    swAclMaskMgmt                OBJECT IDENTIFIER ::= { swAclMgmtMIB 2 }
    swAclRuleMgmt                OBJECT IDENTIFIER ::= { swAclMgmtMIB 3 }
    swCpuAclMaskMgmt             OBJECT IDENTIFIER ::= { swAclMgmtMIB 4 }
    swCpuAclRuleMgmt             OBJECT IDENTIFIER ::= { swAclMgmtMIB 5 }

    
-- ---------------------------------------------------------- --
-- Textual Conventions
-- ---------------------------------------------------------- --
-- This definition may be excluded if IPv6 Supported
Ipv6Address ::= TEXTUAL-CONVENTION
	DISPLAY-HINT "2x:"
	STATUS       current
	DESCRIPTION
		"This data type is used to model IPv6 addresses.
		This is a binary string of 16 octets in network
		byte-order."
	SYNTAX       OCTET STRING (SIZE (16))

-- *************************************************************************
-- swAclCtrl
-- *************************************************************************
   
    swCpuInterfacefilterState OBJECT-TYPE
    	SYNTAX INTEGER{
    		enable(1),
    		disable(2)
    	}	
    	MAX-ACCESS read-write
    	STATUS current
    	DESCRIPTION
    	    "enable/disable CPU Interface Filtering( also call Software ACL),
    	    default is disabled. If enable is configured, the filtering entries in
    	    the swAclRuleMgmt tables will be set to action if it's RuleSwAclState is
    	    enable.If disable is configured the software ACL function will be disabled."
    	::={ swAclCtrl 1}	
	
--***************************************************************************
--swACLEthernetTable
--***************************************************************************
    swACLEthernetTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF SwACLEthernetEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "This table contain ACL mask of Ethernet information.
             Access profiles will be created on the switch by row creation and to
              define which parts of each incoming frame's layer 2 part of header
              the switch will examine.  Masks can be entered that will be combined 
              with the values the switch finds in the  specified frame header fields.  "
        ::= { swAclMaskMgmt 1 }
        
    swACLEthernetEntry OBJECT-TYPE
        SYNTAX  SwACLEthernetEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "A list of information about ACL of Ethernet."
        INDEX  { swACLEthernetProfileID }
        ::= { swACLEthernetTable 1 }
      
    SwACLEthernetEntry ::= 
        SEQUENCE {
            swACLEthernetProfileID
                INTEGER,
--            swACLEthernetPort
--                PortList, 
            swACLEthernetUsevlan
                INTEGER,
            swACLEthernetMacAddrMaskState
                INTEGER,
            swACLEthernetSrcMacAddrMask
                MacAddress,
            swACLEthernetDstMacAddrMask
                MacAddress,
            swACLEthernetUse8021p
                INTEGER,
            swACLEthernetUseEthernetType
                INTEGER,                   
            swACLEthernetRowStatus
                RowStatus                                                         
        }
    swACLEthernetProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..255)
        MAX-ACCESS  read-only	--read-create
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swACLEthernetEntry 1 }

--    swACLEthernetPort OBJECT-TYPE
--        SYNTAX  PortList
--        MAX-ACCESS  read-create
--        STATUS  current
--        DESCRIPTION
--            "This object indicates which port(s) should be filtered."
--        ::= { swACLEthernetEntry 2 } 
    
    swACLEthernetUsevlan OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the switch will examine the VLAN part of each packet header."
        ::= { swACLEthernetEntry 2 }        

    swACLEthernetMacAddrMaskState OBJECT-TYPE
		SYNTAX  INTEGER {
               other(1),
               dst-mac-addr(2),
               src-mac-addr(3),
               dst-src-mac-addr(4)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of MAC address mask. 

            other(1) - Neither source MAC address nor destination MAC address are 
                masked.
            dst-mac-addr(2) - recieved frames's destination MAC address are  
                currently used to be filtered as it meets with the MAC 
                address entry of the table.
            src-mac-addr(3) - recieved frames's source MAC address are currently 
                used to be filtered as it meets with the MAC address entry 
                of the table.
            dst-src-mac-addr(4) - recieved frames's destination MAC address or 
                source MAC address are currently used to be filtered as it meets
                with the MAC address entry of the table."
        ::= { swACLEthernetEntry 3 }    
        
    swACLEthernetSrcMacAddrMask OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object Specifies the MAC address mask for the source MAC address."
        ::= { swACLEthernetEntry 4 }     
        
    swACLEthernetDstMacAddrMask OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object  Specifies the  MAC address mask for the destination MAC address."
        ::= { swACLEthernetEntry 5 }   
        
    swACLEthernetUse8021p OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies if the switch will examine the 802.1p priority value in the frame's header
              or not."
        ::= { swACLEthernetEntry 6 }     
        
    swACLEthernetUseEthernetType OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies if the switch will examine the Ethernet type value in each frame's header 
              or not."
        ::= { swACLEthernetEntry 7 }     
                
    swACLEthernetRowStatus OBJECT-TYPE --swACLEthernetState
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swACLEthernetEntry 8 }        
        
        
--***************************************************************************
--swACLIpTable
--***************************************************************************  
    swACLIpTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF SwACLIpEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "This table contain ACL mask of IP information.
             Access profiles will be created on the switch by row creation and to
              define which parts of each incoming frame's IP layer part of header
              the switch will examine.  Masks can be entered that will be combined 
              with the values the switch finds in the  specified frame header fields."
        ::= { swAclMaskMgmt 2 }
        
    swACLIpEntry OBJECT-TYPE
        SYNTAX  SwACLIpEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "A list of information about ACL of IP Layer."
        INDEX  { swACLIpProfileID }
        ::= { swACLIpTable 1 }
      
    SwACLIpEntry ::= 
        SEQUENCE {
            swACLIpProfileID	
                INTEGER,
--            swACLIpPort		
--                PortList,       
            swACLIpUsevlan
                INTEGER,
            swACLIpIpAddrMaskState
                INTEGER,
            swACLIpSrcIpAddrMask
                IpAddress,
            swACLIpDstIpAddrMask
                IpAddress,
            swACLIpUseDSCP		
                INTEGER,
            swACLIpUseProtoType
                INTEGER,        
            swACLIpIcmpOption	
                INTEGER,                        
            swACLIpIgmpOption
                INTEGER,                        
            swACLIpTcpOption
                INTEGER,                        
            swACLIpUdpOption	
             	INTEGER,   
            swACLIpTCPorUDPSrcPortMask
				OCTET STRING,	
	    	swACLIpTCPorUDPDstPortMask
				OCTET STRING,	     
	    	swACLIpTCPFlagBit
				INTEGER,              
            swACLIpTCPFlagBitMask	
            	INTEGER,                             
            swACLIpProtoIDOption
                INTEGER,                        
            swACLIpProtoIDMask
                OCTET STRING,	                     
            swACLIpRowStatus	
                RowStatus                                                         
        }
    swACLIpProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..255)
        MAX-ACCESS  read-only	
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swACLIpEntry 1 }

--    swACLIpPort OBJECT-TYPE
--        SYNTAX  PortList
--        MAX-ACCESS  read-create
--        STATUS  current
--        DESCRIPTION
--            "This object indicates which port(s) should be filtered."
--        ::= { swACLIpEntry 2 }  

    swACLIpUsevlan OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates if IP layer vlan is examined or not."
        ::= { swACLIpEntry 2 }        

    swACLIpIpAddrMaskState OBJECT-TYPE
		SYNTAX  INTEGER {
               other(1),
               dst-ip-addr(2),
               src-ip-addr(3),
               dst-src-ip-addr(4)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of IP address mask. 

            other(1) - Neither source IP address nor destination IP address are 
                masked.
            dst-ip-addr(2) - recieved frames's destination IP address are 
                currently used to be filtered as it meets with the IP 
                address entry of the table.
            src-ip-addr(3) - recieved frames's source IP address are currently 
                used to be filtered as it meets with the IP address entry of
                the table.
            dst-src-ip-addr(4) - recieved frames's destination IP address or 
                source IP address are currently used to be filtered as it meets
                with the IP address entry of the table."
        ::= { swACLIpEntry 3 }    
        
    swACLIpSrcIpAddrMask OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object Specifies IP address mask for the source IP address."
        ::= { swACLIpEntry 4 }     
        
    swACLIpDstIpAddrMask OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object Specifies the IP address mask for the destination IP address."
        ::= { swACLIpEntry 5 }   
        
    swACLIpUseDSCP OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates DSCP protocol is is examined or not."
        ::= { swACLIpEntry 6 }     
        
    swACLIpUseProtoType OBJECT-TYPE
        SYNTAX  INTEGER {
               none(1),
               icmp(2),
               igmp(3),
               tcp(4),
               udp(5),
               protocolId(6)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "That object indicates which protocol will be examined."
        ::= { swACLIpEntry 7 }     

    swACLIpIcmpOption OBJECT-TYPE
        SYNTAX  INTEGER {
               none(1),
               type(2),
               code(3),
               type-code(4)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates which fields should be filled in of ICMP.
            none(1)- two fields are null.
            type(2)- type field should be filled in.     
            code(3)- code field should be filled in.  
            type-code(4)- not only type fileld but code field should be filled in.
            "
        ::= { swACLIpEntry 8 }     
        
    swACLIpIgmpOption OBJECT-TYPE
        SYNTAX  INTEGER {
               enable(1),
               disable(2)
              }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates Options of IGMP is examined or not."
        ::= { swACLIpEntry 9 }     

    swACLIpTcpOption OBJECT-TYPE
        SYNTAX  INTEGER {
               other(1),
               dst-addr(2),
               src-addr(3),
               dst-src-addr(4)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of filtered address of TCP. 

           	other(1) - Neither source port nor destination port are 
                masked.
            dst-addr(2) - recieved frames's destination port are 
                currently used to be filtered .
            src-addr(3) - recieved frames's source port are currently 
                used to be filtered .
            dst-src-addr(4) - both recieved frames's destination port and 
                source port are currently used to be filtered ."
        ::= { swACLIpEntry 10 }     
            
    swACLIpUdpOption OBJECT-TYPE
        SYNTAX  INTEGER {
               other(1),
               dst-addr(2),
               src-addr(3),
               dst-src-addr(4)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of filtered address of UDP . 

            other(1) - Neither source port nor destination port are 
                masked.
            dst-addr(2) - recieved frames's destination port are 
                currently used to be filtered .
            src-addr(3) - recieved frames's source port are currently 
                used to be filtered .
            dst-src-addr(4) - recieved frames's destination port or 
                source port are currently used to be filtered."

        ::= { swACLIpEntry 11 }         

    swACLIpTCPorUDPSrcPortMask OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(2)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies a TCP port mask for the source port  if swACLIpUseProtoType is TCP
             Specifies a UDP port mask for the source port if swACLIpUseProtoType is UDP.
             "
        ::= { swACLIpEntry 12 }     

    swACLIpTCPorUDPDstPortMask OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(2))
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies a TCP port mask for the destination port  if swACLIpUseProtoType is TCP
             Specifies a UDP port mask for the destination port if swACLIpUseProtoType is UDP."
        ::= { swACLIpEntry 13 }         
	
    swACLIpTCPFlagBit OBJECT-TYPE
		SYNTAX  INTEGER {
               enable(1),
               disable(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies a TCP connection flag mask."
        ::= { swACLIpEntry 14 }                 

    swACLIpTCPFlagBitMask OBJECT-TYPE
        SYNTAX  INTEGER(0..63)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "A value which indicates the set of TCP flags that this
            entity may potentially offers.  The value is a sum.  This
            sum initially takes the value zero, Then, for each flag, L,
            in the range 1 through 6, that this node performs
            transactions for, 2 raised to (L - 1) is added to the sum.
            Note that values should be calculated accordingly:

                 Flag      functionality
                   6        urg bit
                   5        ack bit
                   4        psh bit
                   3        rst bit
                   2		syn bit
                   1 		fin bit                 
			For example,it you want to enable urg bit and ack bit,you
			should set vlaue 48(2^(5-1) + 2^(6-1))."
        ::= { swACLIpEntry 15 } 

    swACLIpProtoIDOption OBJECT-TYPE
        SYNTAX  INTEGER {
               enable(1),
               disable(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the switch will examine each frame's Protocol ID field or not."
        ::= { swACLIpEntry 16 }    

    swACLIpProtoIDMask OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(4)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the IP protocol ID and the mask options
             behind the IP header."
        ::= { swACLIpEntry 17 }     

    swACLIpRowStatus OBJECT-TYPE	
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swACLIpEntry 18 }       

--***************************************************************************
--swACLPktContMaskTable
--***************************************************************************
    swACLPktContMaskTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF SwACLPktContMaskEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "This table contain ACL mask of user-defined information.
             Access profiles will be created on the switch by row creation and to
              define which parts of each incoming frame's user-defined part of header
              the switch will examine.  Masks can be entered that will be combined 
              with the values the switch finds in the  specified frame header fields.  "
        ::= { swAclMaskMgmt 3 }
        
    swACLPktContMaskEntry OBJECT-TYPE
        SYNTAX  SwACLPktContMaskEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "A list of information about ACL of user-defined."
        INDEX  { swACLPktContMaskProfileID }
        ::= { swACLPktContMaskTable 1 }
      
    SwACLPktContMaskEntry ::= 
        SEQUENCE {
            swACLPktContMaskProfileID
                INTEGER,
--            swACLPktContMaskPort		
--                PortList,       
            swACLPktContMaskOffset0to15
                OCTET STRING,
            swACLPktContMaskOffset16to31
                OCTET STRING,
            swACLPktContMaskOffset32to47
                OCTET STRING,
            swACLPktContMaskOffset48to63
                OCTET STRING,
            swACLPktContMaskOffset64to79
                OCTET STRING,
            swACLPktContMaskRowStatus	
                RowStatus                                                     
        }
    swACLPktContMaskProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..255)
        MAX-ACCESS  read-only	--read-create
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swACLPktContMaskEntry 1 }
        
--    swACLPktContMaskPort OBJECT-TYPE
--        SYNTAX  PortList
--        MAX-ACCESS  read-create
--        STATUS  current
--        DESCRIPTION
--            "This object indicates which port(s) should be filtered."
--        ::= { swACLPktContMaskEntry 2 }
          
    swACLPktContMaskOffset0to15 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the packet content(Offset0to15) and
             the mask options."
        ::= { swACLPktContMaskEntry 2 }     

    swACLPktContMaskOffset16to31 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the packet content(Offset16to31) and
             the mask options."
         ::= { swACLPktContMaskEntry 3 }     

    swACLPktContMaskOffset32to47 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the packet content(Offset32to47) and
             the mask options."
        ::= { swACLPktContMaskEntry 4 } 

    swACLPktContMaskOffset48to63 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the packet content(Offset48to63) and
             the mask options."
        ::= { swACLPktContMaskEntry 5 } 

    swACLPktContMaskOffset64to79 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the packet content(Offset64to79) and
             the mask options."
        ::= { swACLPktContMaskEntry 6 }         
        
    swACLPktContMaskRowStatus OBJECT-TYPE --swACLEthernetState
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swACLPktContMaskEntry 7 }        

--***************************************************************************
--swACLIpv6MaskTable
--***************************************************************************
    swACLIpv6MaskTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF SwACLIpv6MaskEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "This table contain ACL mask of user-defined information.
             Access profiles will be created on the switch by row creation and to
              define which parts of each incoming frame's ipv6 part of header
              the switch will examine.  Masks can be entered that will be combined 
              with the values the switch finds in the  specified frame header fields.  "
        ::= { swAclMaskMgmt 4 }
        
    swACLIpv6MaskEntry OBJECT-TYPE
        SYNTAX  SwACLIpv6MaskEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "A list of information about ACL of user-defined."
        INDEX  { swACLIpv6MaskProfileID }
        ::= { swACLIpv6MaskTable 1 }
      
    SwACLIpv6MaskEntry ::= 
        SEQUENCE {
            swACLIpv6MaskProfileID
                INTEGER,
--            swACLIpv6MaskPort		
--                PortList,       
            swACLIpv6MaskClass
                INTEGER,
            swACLIpv6MaskFlowlabel
                INTEGER,
            swACLIpv6IpAddrMaskState
                INTEGER,
            swACLIpv6MaskSrcIpv6Mask
                Ipv6Address,
            swACLIpv6MaskDstIpv6Mask
                Ipv6Address,
            swACLIpv6MaskRowStatus	
                RowStatus                                                     
        }
    swACLIpv6MaskProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..255)
        MAX-ACCESS  read-only	--read-create
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swACLIpv6MaskEntry 1 }
        
--    swACLIpv6MaskPort OBJECT-TYPE
--        SYNTAX  PortList
--        MAX-ACCESS  read-create
--        STATUS  current
--        DESCRIPTION
--            "This object indicates which port(s) should be filtered."
--        ::= { swACLIpv6MaskEntry 2 }
          
    swACLIpv6MaskClass OBJECT-TYPE
        SYNTAX  INTEGER {
               enable(1),
               disable(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the IPv6 class field and the mask options."
        ::= { swACLIpv6MaskEntry 2 }     

    swACLIpv6MaskFlowlabel OBJECT-TYPE
        SYNTAX  INTEGER {
               enable(1),
               disable(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the IPv6 flowlabel field and the mask options."
        ::= { swACLIpv6MaskEntry 3 }     

    swACLIpv6IpAddrMaskState OBJECT-TYPE
		SYNTAX  INTEGER {
               other(1),
               dst-ipv6-addr(2),
               src-ipv6-addr(3),
               dst-src-ipv6-addr(4)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of IPv6 address mask. 

            other(1) - Neither source IPv6 address nor destination IPv6 address are 
                masked.
            dst-ipv6-addr(2) - recieved frames's destination IPv6 address are 
                currently used to be filtered as it meets with the IPv6
                address entry of the table.
            src-ipv6-addr(3) - recieved frames's source IPv6 address are currently 
                used to be filtered as it meets with the IPv6 address entry of
                the table.
            dst-src-ipv6-addr(4) - recieved frames's destination IPv6 address or 
                source IPv6 address are currently used to be filtered as it meets
                with the IPv6 address entry of the table."
        ::= { swACLIpv6MaskEntry 4 }    

    swACLIpv6MaskSrcIpv6Mask OBJECT-TYPE
        SYNTAX  Ipv6Address
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the Source IPv6 address and the mask options.
            This should be 16 byte octet string."
        ::= { swACLIpv6MaskEntry 5 } 

    swACLIpv6MaskDstIpv6Mask OBJECT-TYPE
        SYNTAX  Ipv6Address 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the Destination IPv6 address and the mask options.
            This should be 16 byte octet string."
        ::= { swACLIpv6MaskEntry 6 }       
        
    swACLIpv6MaskRowStatus OBJECT-TYPE
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swACLIpv6MaskEntry 7 }        


--***************************************************************************
--swACLEtherRuleTable
--***************************************************************************  
    swACLEtherRuleTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF SwACLEtherRuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "This table contain ACL rule of ethernet information."
        ::= { swAclRuleMgmt 1 }
        
    swACLEtherRuleEntry OBJECT-TYPE
        SYNTAX  SwACLEtherRuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "A list of information about ACL rule of the layer 2 part of each packet."
        INDEX  { swACLEtherRuleProfileID,swACLEtherRuleAccessID }
        ::= { swACLEtherRuleTable 1 }
      
    SwACLEtherRuleEntry ::= 
        SEQUENCE {
            swACLEtherRuleProfileID		
                INTEGER,
            swACLEtherRuleAccessID
                INTEGER,
            swACLEtherRuleVlan
                SnmpAdminString,
            swACLEtherRuleSrcMacAddress
                MacAddress,
            swACLEtherRuleDstMacAddress	
                MacAddress,             
            swACLEtherRule8021P
                INTEGER,        
            swACLEtherRuleEtherType
                OCTET STRING,   
            swACLEtherRuleEnablePriority
                INTEGER,
            swACLEtherRulePriority
                INTEGER,             
            swACLEtherRuleReplacePriority	
                INTEGER,       
            swACLEtherRuleEnableReplaceDscp
                INTEGER,                    
            swACLEtherRuleRepDscp	
                INTEGER,              
            swACLEtherRulePermit
                INTEGER,         
            swACLEtherRulePort
--                INTEGER,
                PortList,
--            swACLEtherRuleSwAclState
--                INTEGER,
            swACLEtherRuleRowStatus
                RowStatus                                                         
        }
    swACLEtherRuleProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..255)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swACLEtherRuleEntry 1 }
    
    swACLEtherRuleAccessID OBJECT-TYPE
        SYNTAX  INTEGER (0..65535)
        MAX-ACCESS  read-only	
        STATUS  current
        DESCRIPTION
            "The ID of ACL rule entry relate to swACLEtherRuleProfileID.
            while row creation Set to 0 to indicate assign Access ID automatically 
            for the ports in the swACLEtherRulePort  to create Rule entries for swACLEtherRulePort
            accordingly. 
            Set to 1-65535 indicates to create the exact access ID for the swACLEtherRulePort
            and the swACLEtherRulePort must set one port only otherwise the row creation will 
            be fail."
        ::= { swACLEtherRuleEntry 2 }        
         
    swACLEtherRuleVlan OBJECT-TYPE
        SYNTAX  SnmpAdminString (SIZE (1..32))
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access  will apply to only to this VLAN."
        ::= { swACLEtherRuleEntry 3 }     
        
    swACLEtherRuleSrcMacAddress OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access will apply to only packets with
             this source MAC address."
        ::= { swACLEtherRuleEntry 4 }   
        
    swACLEtherRuleDstMacAddress OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access will apply to only packets
              with this destination MAC address."
        ::= { swACLEtherRuleEntry 5 }       
        
    swACLEtherRule8021P OBJECT-TYPE
        SYNTAX  INTEGER(0..7)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access will apply only to packets with
              this 802.1p priority value."
        ::= { swACLEtherRuleEntry 6 }      
        
    swACLEtherRuleEtherType OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE (2))
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access will apply only to packets with this
             hexidecimal 802.1Q Ethernet type value in the packet header."
        ::= { swACLEtherRuleEntry 7 }      

    swACLEtherRuleEnablePriority OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access will apply only to packets with
             priority value."
        ::= { swACLEtherRuleEntry 8 }     
        
    swACLEtherRulePriority OBJECT-TYPE
        SYNTAX  INTEGER(0..7)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific the priority will change to the packets while the swACLEtherRuleReplacePriority
             is enabled ."
        ::= { swACLEtherRuleEntry 9 }     
        
    swACLEtherRuleReplacePriority OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific the packets that match the access profile will changed the
             802.1p priority tag field by the switch or not ."
        ::= { swACLEtherRuleEntry 10 }  
        
    swACLEtherRuleEnableReplaceDscp OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific the packets that match the access profile will replaced the
             DSCP field by the switch or not ."
        ::= { swACLEtherRuleEntry 11 }  

    swACLEtherRuleRepDscp OBJECT-TYPE	
        SYNTAX  INTEGER(0..63)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "specify a value to be written to the DSCP field of an incoming packet
             that meets the criteria specified in the first part of the command.
             This value will over-write the value in the DSCP field of the packet."
        ::= { swACLEtherRuleEntry 12 }  

    swACLEtherRulePermit OBJECT-TYPE
        SYNTAX  INTEGER {
               deny(1),
               permit(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates resoult of examination is permit or deny;default is permit(1)
             permit - Specifies that packets that match the access profile are 
                      permitted to be forwarded by the switch.
             deny - Specifies that packets that do not match the access profile
                    are not permitted to be forwarded by the switch and will be filtered."
        ::= { swACLEtherRuleEntry 13 }  
        
    swACLEtherRulePort OBJECT-TYPE
--        SYNTAX  INTEGER (1..65535)
        SYNTAX  PortList
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access will apply to only to port(s)."
        ::= { swACLEtherRuleEntry 14 }  

--    swACLEtherRuleSwAclState OBJECT-TYPE
--        SYNTAX  INTEGER {
--               enable(1),
--               disable(2)
--               }
--        MAX-ACCESS  read-create
--        STATUS  current
--        DESCRIPTION
--            "Specifies that the access will apply to only to software ACL state."
--        ::= { swACLEtherRuleEntry 15 }     
               
    swACLEtherRuleRowStatus OBJECT-TYPE	--swACLEtherRuleState
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swACLEtherRuleEntry 15 }   

--***************************************************************************
--swACLIpRuleTable
--***************************************************************************  
    swACLIpRuleTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF SwACLIpRuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            ""
        ::= { swAclRuleMgmt 2 }
        
    swACLIpRuleEntry OBJECT-TYPE
        SYNTAX  SwACLIpRuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            ""
        INDEX  { swACLIpRuleProfileID , swACLIpRuleAccessID }
        ::= { swACLIpRuleTable 1 }
      
    SwACLIpRuleEntry ::= 
        SEQUENCE {
            swACLIpRuleProfileID
                INTEGER,
            swACLIpRuleAccessID
                INTEGER,
            swACLIpRuleVlan
                SnmpAdminString,
            swACLIpRuleSrcIpaddress  
            	IpAddress,
            swACLIpRuleDstIpaddress
            	IpAddress,
            swACLIpRuleDscp		 
            	INTEGER,
            swACLIpRuleProtocol
                INTEGER,
            swACLIpRuleType			
            	INTEGER,
            swACLIpRuleCode			
            	INTEGER,
            swACLIpRuleSrcPort		
            	INTEGER,
            swACLIpRuleDstPort		
            	INTEGER,
            swACLIpRuleFlagBits		
            	INTEGER,
            swACLIpRuleProtoID		
            	INTEGER,
            swACLIpRuleUserMask		
            	OCTET STRING,	
            swACLIpRuleEnablePriority
                INTEGER,
            swACLIpRulePriority
                INTEGER,             
            swACLIpRuleReplacePriority
                INTEGER,       
            swACLIpRuleEnableReplaceDscp
                INTEGER,                    
            swACLIpRuleRepDscp
                INTEGER,           
            swACLIpRulePermit
            	INTEGER,         
            swACLIpRulePort
--            	INTEGER,         
                PortList,
--            swACLIpRuleSwAclState
--                INTEGER,
            swACLIpRuleRowStatus	
                RowStatus                                                         
        }
    swACLIpRuleProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..255)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swACLIpRuleEntry 1 }
    
    swACLIpRuleAccessID OBJECT-TYPE
        SYNTAX  INTEGER (0..65535)
        MAX-ACCESS  read-only	--read-create
        STATUS  current
        DESCRIPTION
            "The ID of ACL rule entry relate to swACLIPRuleProfileID.
            while row creation Set to 0 to indicate assign Access ID automatically 
            for the ports in the swACLIpRulePort  to create Rule entries for swACLIpRulePort
            accordingly. 
            Set to 1-65535 indicates to create the exact access ID for the swACLIpRulePort
            and the swACLIpRulePort must set one port only otherwise the row creation will 
            be fail."
        ::= { swACLIpRuleEntry 2 }        
        
    swACLIpRuleVlan OBJECT-TYPE
        SYNTAX  SnmpAdminString (SIZE (1..32))
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access  will apply to only to this VLAN."
        ::= { swACLIpRuleEntry 3 }     
        
    swACLIpRuleSrcIpaddress OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific an IP source address."
        ::= { swACLIpRuleEntry 4 }  

    swACLIpRuleDstIpaddress OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific an IP destination address."
        ::= { swACLIpRuleEntry 5 }  
        
    swACLIpRuleDscp OBJECT-TYPE
        SYNTAX  INTEGER(0..63)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific the value of dscp, the value can be configured 0 to 63"
        ::= { swACLIpRuleEntry 6 }       

    swACLIpRuleProtocol OBJECT-TYPE
        SYNTAX  INTEGER {
               none(1),
               icmp(2),
               igmp(3),
               tcp(4),
               udp(5),
               protocolId(6)
               }
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Specifies the IP protocol which has been configured in swACLIpEntry  ."
        ::= { swACLIpRuleEntry 7 }   

    swACLIpRuleType OBJECT-TYPE
        SYNTAX  INTEGER(0..255)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific that the rule applies to the value of  icmp type traffic."
        ::= { swACLIpRuleEntry 8 }    

    swACLIpRuleCode OBJECT-TYPE
        SYNTAX  INTEGER(0..255)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific that the rule applies to the value of icmp code traffic."
        ::= { swACLIpRuleEntry 9 }    

    swACLIpRuleSrcPort OBJECT-TYPE
        SYNTAX  INTEGER(0..65535)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific that the rule applies the range of tcp/udp source port"
        ::= { swACLIpRuleEntry 10 }    

    swACLIpRuleDstPort OBJECT-TYPE
        SYNTAX  INTEGER(0..65535)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific the range of tcp/udp destination port range"
        ::= { swACLIpRuleEntry 11 }    

    swACLIpRuleFlagBits OBJECT-TYPE
        SYNTAX  INTEGER(0..63)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "A value which indicates the set of TCP flags that this
            entity may potentially offers.  The value is a sum.  This
            sum initially takes the value zero, Then, for each flag, L,
            in the range 1 through 6, that this node performs
            transactions for, 2 raised to (L - 1) is added to the sum.
            Note that values should be calculated accordingly:

                 Flag      functionality
                   6        urg bit
                   5        ack bit
                   4        psh bit
                   3        rst bit
                   2		syn bit
                   1 		fin bit                 
			For example,it you want to enable urg bit and ack bit,you
			should set vlaue 48(2^(5-1) + 2^(6-1))."
        ::= { swACLIpRuleEntry 12 } 

    swACLIpRuleProtoID OBJECT-TYPE
        SYNTAX  INTEGER(0..255)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific that the rule applies to the value of  ip protocol id traffic"
        ::= { swACLIpRuleEntry 13 }    

    swACLIpRuleUserMask OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(4))
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific that the rule applies to the ip protocol id and the range of
             options behind the IP header."
        ::= { swACLIpRuleEntry 14 }    
        
    swACLIpRuleEnablePriority OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access will apply only to packets with
             priority value."
        ::= { swACLIpRuleEntry 15 }     
        
    swACLIpRulePriority OBJECT-TYPE
        SYNTAX  INTEGER(0..7)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific the priority will change to the packets while the swACLIpRuleEnablePriority
             is enabled ."
        ::= { swACLIpRuleEntry 16 }     
        
    swACLIpRuleReplacePriority OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific the packets that match the access profile will changed the
             802.1p priority tag field by the switch or not ."
        ::= { swACLIpRuleEntry 17 }  
        
    swACLIpRuleEnableReplaceDscp OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Indicate weather the DSCP field can be over-write or not. "
        ::= { swACLIpRuleEntry 18 }  

    swACLIpRuleRepDscp OBJECT-TYPE
        SYNTAX  INTEGER(0..63)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "specify a value to be written to the DSCP field of an incoming packet
             that meets the criteria specified in the first part of the command.
             This value will over-write the value in the DSCP field of the packet."
        ::= { swACLIpRuleEntry 19 }  

    swACLIpRulePermit OBJECT-TYPE
        SYNTAX  INTEGER {
               deny(1),
               permit(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates resoult of examination is permit or deny;default is permit(1)
             permit - Specifies that packets that match the access profile are 
                      permitted to be forwarded by the switch.
             deny - Specifies that packets that do not match the access profile
                    are not permitted to be forwarded by the switch and will be filtered."
        ::= { swACLIpRuleEntry 20 }  
        
    swACLIpRulePort OBJECT-TYPE
--        SYNTAX  INTEGER (1..65535)
        SYNTAX  PortList
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access  will apply to only to port(s)."
        ::= { swACLIpRuleEntry 21 } 
         
--    swACLIpRuleSwAclState OBJECT-TYPE
--        SYNTAX  INTEGER {
--               enable(1),
--               disable(2)
--               }
--        MAX-ACCESS  read-create
--        STATUS  current
--        DESCRIPTION
--            "Specifies that the access will apply to only to software ACL state."
--        ::= { swACLIpRuleEntry 22 }    
        
    swACLIpRuleRowStatus OBJECT-TYPE	
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swACLIpRuleEntry 22 }            

--***************************************************************************
--swACLPktContRuleTable
--***************************************************************************  
    swACLPktContRuleTable OBJECT-TYPE 
        SYNTAX  SEQUENCE OF SwACLPktContRuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "This table contain ACL rule of user-defined information."
        ::= { swAclRuleMgmt 3 }
        
    swACLPktContRuleEntry OBJECT-TYPE
        SYNTAX  SwACLPktContRuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "A list of information about ACL rule of the user-defined part of each packet."
        INDEX  { swACLPktContRuleProfileID,swACLPktContRuleAccessID }
        ::= { swACLPktContRuleTable 1 }
      
    SwACLPktContRuleEntry ::= 
        SEQUENCE {
            swACLPktContRuleProfileID		
                INTEGER,
            swACLPktContRuleAccessID
                INTEGER,
            swACLPktContRuleOffset0to15
                OCTET STRING,
            swACLPktContRuleOffset16to31
                OCTET STRING,
            swACLPktContRuleOffset32to47
                OCTET STRING,
            swACLPktContRuleOffset48to63
                OCTET STRING,             
            swACLPktContRuleOffset64to79
                OCTET STRING,
            swACLPktContRuleEnablePriority
            	INTEGER,      
            swACLPktContRulePriority
                INTEGER,             
            swACLPktContRuleReplacePriority	
                INTEGER,       
            swACLPktContRuleEnableReplaceDscp
                INTEGER,                    
            swACLPktContRuleRepDscp	
                INTEGER,              
            swACLPktContRulePermit
                INTEGER,         
            swACLPktContRulePort
--                INTEGER,         
                PortList,
--            swACLPktContRuleSwAclState
--                INTEGER,
            swACLPktContRuleRowStatus
                RowStatus                                                         
        }
    swACLPktContRuleProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..255)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swACLPktContRuleEntry 1 }
    
    swACLPktContRuleAccessID OBJECT-TYPE
        SYNTAX  INTEGER (0..65535)
        MAX-ACCESS  read-only	
        STATUS  current
        DESCRIPTION
            "The ID of ACL rule entry relate to swACLPktContRuleProfileID.
            while row creation Set to 0 to indicate assign Access ID automatically 
            for the ports in the swACLPktContRulePort  to create Rule entries for swACLPktContRulePort
            accordingly. 
            Set to 1-65535 indicates to create the exact access ID for the swACLPktContRulePort
            and the swACLPktContRulePort must set one port only otherwise the row creation will 
            be fail."
        ::= { swACLPktContRuleEntry 2 }        

    swACLPktContRuleOffset0to15 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the user-defined packet."
        ::= { swACLPktContRuleEntry 3 }      
         
    swACLPktContRuleOffset16to31 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the user-defined packet."
        ::= { swACLPktContRuleEntry 4 }      
        
    swACLPktContRuleOffset32to47 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the user-defined packet."
        ::= { swACLPktContRuleEntry 5 }      
        
    swACLPktContRuleOffset48to63 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the user-defined packet."
        ::= { swACLPktContRuleEntry 6 }           
        
    swACLPktContRuleOffset64to79 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the user-defined packet."
        ::= { swACLPktContRuleEntry 7 }               

    swACLPktContRuleEnablePriority OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access will apply only to packets with
             priority value."
        ::= { swACLPktContRuleEntry 8 }  
                
    swACLPktContRulePriority OBJECT-TYPE
        SYNTAX  INTEGER(0..7)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific the priority will change to the packets while the swACLPktContRuleReplacePriority
             is enabled ."
        ::= { swACLPktContRuleEntry 9 }     
        
    swACLPktContRuleReplacePriority OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific the packets that match the access profile will changed the
             802.1p priority tag field by the switch or not ."
        ::= { swACLPktContRuleEntry 10 }  
        
    swACLPktContRuleEnableReplaceDscp OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific the packets that match the access profile will replaced the
             DSCP field by the switch or not ."
        ::= { swACLPktContRuleEntry 11 }  

    swACLPktContRuleRepDscp OBJECT-TYPE	
        SYNTAX  INTEGER(0..63)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "specify a value to be written to the DSCP field of an incoming packet
             that meets the criteria specified in the first part of the command.
             This value will over-write the value in the DSCP field of the packet."
        ::= { swACLPktContRuleEntry 12 }  

    swACLPktContRulePermit OBJECT-TYPE
        SYNTAX  INTEGER {
               deny(1),
               permit(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates resoult of examination is permit or deny;default is permit(1)
             permit - Specifies that packets that match the access profile are 
                      permitted to be forwarded by the switch.
             deny - Specifies that packets that do not match the access profile
                    are not permitted to be forwarded by the switch and will be filtered."
        ::= { swACLPktContRuleEntry 13 }  

    swACLPktContRulePort OBJECT-TYPE
--        SYNTAX  INTEGER (1..65535)
        SYNTAX  PortList
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
             "Specifies that the access  will apply to only to port(s)."
         ::= { swACLPktContRuleEntry 14 }  
 
 --   swACLPktContRuleSwAclState OBJECT-TYPE
 --       SYNTAX  INTEGER {
 --              enable(1),
 --              disable(2)
--              }
--       MAX-ACCESS  read-create
--       STATUS  current
--       DESCRIPTION
--           "Specifies that the access will apply to only to software ACL state."
--       ::= { swACLPktContRuleEntry 15 }    
        
    swACLPktContRuleRowStatus OBJECT-TYPE
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swACLPktContRuleEntry 15 }   

--***************************************************************************
--swACLIpv6RuleTable
--***************************************************************************  
    swACLIpv6RuleTable OBJECT-TYPE 
        SYNTAX  SEQUENCE OF SwACLIpv6RuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "This table contain ACL rule of user-defined information."
        ::= { swAclRuleMgmt 4 }
        
    swACLIpv6RuleEntry OBJECT-TYPE
        SYNTAX  SwACLIpv6RuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "A list of information about ACL rule of the user-defined part of each packet."
        INDEX  { swACLIpv6RuleProfileID,swACLIpv6RuleAccessID }
        ::= { swACLIpv6RuleTable 1 }
      
    SwACLIpv6RuleEntry ::= 
        SEQUENCE {
            swACLIpv6RuleProfileID		
                INTEGER,
            swACLIpv6RuleAccessID
                INTEGER,
            swACLIpv6RuleClass
                INTEGER,
            swACLIpv6RuleFlowlabel
                OCTET STRING,
            swACLIpv6RuleSrcIpv6Addr
                Ipv6Address,
            swACLIpv6RuleDstIpv6Addr
                Ipv6Address,             
            swACLIpv6RuleEnablePriority
            	INTEGER,      
            swACLIpv6RulePriority
                INTEGER,             
            swACLIpv6RuleReplacePriority	
                INTEGER,       
--            swACLIpv6RuleEnableReplaceDscp
--                INTEGER,                    
--            swACLIpv6RuleRepDscp	
--                INTEGER,              
            swACLIpv6RulePermit
                INTEGER,         
            swACLIpv6RulePort
--                INTEGER,         
                PortList,
--            swACLIpv6RuleSwAclState
--                INTEGER,
            swACLIpv6RuleRowStatus
                RowStatus                                                         
        }
    swACLIpv6RuleProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..255)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swACLIpv6RuleEntry 1 }
    
    swACLIpv6RuleAccessID OBJECT-TYPE
        SYNTAX  INTEGER (0..65535)
        MAX-ACCESS  read-only	
        STATUS  current
        DESCRIPTION
            "The ID of ACL rule entry relate to swACLIpv6RuleProfileID.
             while row creation Set to 0 to indicate assign Access ID automatically 
            for the ports in the swACLIpv6RulePort  to create Rule entries for swACLIpv6RulePort
            accordingly. 
            Set to 1-65535 indicates to create the exact access ID for the swACLIpv6RulePort
            and the swACLIpv6RulePort must set one port only otherwise the row creation will 
            be fail."
        ::= { swACLIpv6RuleEntry 2 }        

    swACLIpv6RuleClass OBJECT-TYPE
        SYNTAX  INTEGER (0..255)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the IPv6 class filed."
        ::= { swACLIpv6RuleEntry 3 }      
         
    swACLIpv6RuleFlowlabel OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(4)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the IPv6 flowlabel filed."
        ::= { swACLIpv6RuleEntry 4 }      
        
    swACLIpv6RuleSrcIpv6Addr OBJECT-TYPE
        SYNTAX  Ipv6Address
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the source IPv6 address.
            This should be 16 byte octet string."
        ::= { swACLIpv6RuleEntry 5 }      
        
    swACLIpv6RuleDstIpv6Addr OBJECT-TYPE
        SYNTAX  Ipv6Address 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the destination IPv6 address.
            This should be 16 byte octet string."
        ::= { swACLIpv6RuleEntry 6 }           
        
    swACLIpv6RuleEnablePriority OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access will apply only to packets with
             priority value."
        ::= { swACLIpv6RuleEntry 7 }  

    swACLIpv6RulePriority OBJECT-TYPE
        SYNTAX  INTEGER(0..7)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific the priority will change to the packets while the swACLIpv6RuleReplacePriority
             is enabled ."
        ::= { swACLIpv6RuleEntry 8 }     
        
    swACLIpv6RuleReplacePriority OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific the packets that match the access profile will changed the
             802.1p priority tag field by the switch or not ."
        ::= { swACLIpv6RuleEntry 9 }  
        
--    swACLIpv6RuleEnableReplaceDscp OBJECT-TYPE
--        SYNTAX  INTEGER {
--               enabled(1),
--               disabled(2)
--               }
--        MAX-ACCESS  read-create
--        STATUS  current
--        DESCRIPTION
--            "Specific the packets that match the access profile will replaced the
--             DSCP field by the switch or not ."
--        ::= { swACLIpv6RuleEntry 9 }  
--
--    swACLIpv6RuleRepDscp OBJECT-TYPE	
--        SYNTAX  INTEGER(0..63)
--        MAX-ACCESS  read-create
--        STATUS  current
--        DESCRIPTION
--            "specify a value to be written to the DSCP field of an incoming packet
--             that meets the criteria specified in the first part of the command.
--             This value will over-write the value in the DSCP field of the packet."
--        ::= { swACLIpv6RuleEntry 10 }  

    swACLIpv6RulePermit OBJECT-TYPE
        SYNTAX  INTEGER {
               deny(1),
               permit(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates resoult of examination is permit or deny;default is permit(1)
             permit - Specifies that packets that match the access profile are 
                      permitted to be forwarded by the switch.
             deny - Specifies that packets that do not match the access profile
                    are not permitted to be forwarded by the switch and will be filtered."
        ::= { swACLIpv6RuleEntry 10 }  
        
    swACLIpv6RulePort OBJECT-TYPE
--        SYNTAX  INTEGER (1..65535)
        SYNTAX  PortList
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access  will apply to only to port(s)."
        ::= { swACLIpv6RuleEntry 11 }  

--    swACLIpv6RuleSwAclState OBJECT-TYPE
--        SYNTAX  INTEGER {
--               enable(1),
--               disable(2)
--               }
--        MAX-ACCESS  read-create
--        STATUS  current
--        DESCRIPTION
--            "Specifies that the access will apply to only to software ACL state."
--        ::= { swACLIpv6RuleEntry 13 }    
                        
    swACLIpv6RuleRowStatus OBJECT-TYPE
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swACLIpv6RuleEntry 12 }   

--***************************************************************************
--swCpuAclEthernetTable
--***************************************************************************
    swCpuAclEthernetTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF SwCpuAclEthernetEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "This table contain ACL mask of Ethernet information.
             Access profiles will be created on the switch by row creation and to
              define which parts of each incoming frame's layer 2 part of header
              the switch will examine.  Masks can be entered that will be combined 
              with the values the switch finds in the  specified frame header fields.  "
        ::= { swCpuAclMaskMgmt 1 }
        
    swCpuAclEthernetEntry OBJECT-TYPE
        SYNTAX  SwCpuAclEthernetEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "A list of information about ACL of Ethernet."
        INDEX  { swCpuAclEthernetProfileID }
        ::= { swCpuAclEthernetTable 1 }
      
    SwCpuAclEthernetEntry ::= 
        SEQUENCE {
            swCpuAclEthernetProfileID
                INTEGER,
            swCpuAclEthernetUsevlan
                INTEGER,
            swCpuAclEthernetMacAddrMaskState
                INTEGER,
            swCpuAclEthernetSrcMacAddrMask
                MacAddress,
            swCpuAclEthernetDstMacAddrMask
                MacAddress,
            swCpuAclEthernetUse8021p
                INTEGER,
            swCpuAclEthernetUseEthernetType
                INTEGER,                   
            swCpuAclEthernetRowStatus
                RowStatus                                                         
        }
    swCpuAclEthernetProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..5)
        MAX-ACCESS  read-only	--read-create
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swCpuAclEthernetEntry 1 }
    
    swCpuAclEthernetUsevlan OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the switch will examine the VLAN part of each packet header."
        ::= { swCpuAclEthernetEntry 2 }        

    swCpuAclEthernetMacAddrMaskState OBJECT-TYPE
		SYNTAX  INTEGER {
               other(1),
               dst-mac-addr(2),
               src-mac-addr(3),
               dst-src-mac-addr(4)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of MAC address mask. 

            other(1) - Neither source MAC address nor destination MAC address are 
                masked.
            dst-mac-addr(2) - recieved frames's destination MAC address are  
                currently used to be filtered as it meets with the MAC 
                address entry of the table.
            src-mac-addr(3) - recieved frames's source MAC address are currently 
                used to be filtered as it meets with the MAC address entry 
                of the table.
            dst-src-mac-addr(4) - recieved frames's destination MAC address or 
                source MAC address are currently used to be filtered as it meets
                with the MAC address entry of the table."
        ::= { swCpuAclEthernetEntry 3 }    
        
    swCpuAclEthernetSrcMacAddrMask OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object Specifies the MAC address mask for the source MAC address."
        ::= { swCpuAclEthernetEntry 4 }     
        
    swCpuAclEthernetDstMacAddrMask OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object  Specifies the  MAC address mask for the destination MAC address."
        ::= { swCpuAclEthernetEntry 5 }   
        
    swCpuAclEthernetUse8021p OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies if the switch will examine the 802.1p priority value in the frame's header
              or not."
        ::= { swCpuAclEthernetEntry 6 }     
        
    swCpuAclEthernetUseEthernetType OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies if the switch will examine the Ethernet type value in each frame's header 
              or not."
        ::= { swCpuAclEthernetEntry 7 }     
                
    swCpuAclEthernetRowStatus OBJECT-TYPE --swCpuAclEthernetState
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swCpuAclEthernetEntry 8 }        
        
        
--***************************************************************************
--swCpuAclIpTable
--***************************************************************************  
    swCpuAclIpTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF SwCpuAclIpEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "This table contain ACL mask of IP information.
             Access profiles will be created on the switch by row creation and to
              define which parts of each incoming frame's IP layer part of header
              the switch will examine.  Masks can be entered that will be combined 
              with the values the switch finds in the  specified frame header fields."
        ::= { swCpuAclMaskMgmt 2 }
        
    swCpuAclIpEntry OBJECT-TYPE
        SYNTAX  SwCpuAclIpEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "A list of information about ACL of IP Layer."
        INDEX  { swCpuAclIpProfileID }
        ::= { swCpuAclIpTable 1 }
      
    SwCpuAclIpEntry ::= 
        SEQUENCE {
            swCpuAclIpProfileID	
                INTEGER,
            swCpuAclIpUsevlan
                INTEGER,
            swCpuAclIpIpAddrMaskState
                INTEGER,
            swCpuAclIpSrcIpAddrMask
                IpAddress,
            swCpuAclIpDstIpAddrMask
                IpAddress,
            swCpuAclIpUseDSCP		
                INTEGER,
            swCpuAclIpUseProtoType
                INTEGER,        
            swCpuAclIpIcmpOption	
                INTEGER,                        
            swCpuAclIpIgmpOption
                INTEGER,                        
            swCpuAclIpTcpOption
                INTEGER,                        
            swCpuAclIpUdpOption	
             	INTEGER,   
            swCpuAclIpTCPorUDPSrcPortMask
				OCTET STRING,	
	    	swCpuAclIpTCPorUDPDstPortMask
				OCTET STRING,	     
	    	swCpuAclIpTCPFlagBit
				INTEGER,              
            swCpuAclIpTCPFlagBitMask	
            	INTEGER,                             
            swCpuAclIpProtoIDOption
                INTEGER,                        
            swCpuAclIpProtoIDMask
                OCTET STRING,	                     
            swCpuAclIpRowStatus	
                RowStatus                                                         
        }
    swCpuAclIpProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..5)
        MAX-ACCESS  read-only	
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swCpuAclIpEntry 1 }

    swCpuAclIpUsevlan OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates if IP layer vlan is examined or not."
        ::= { swCpuAclIpEntry 2 }        

    swCpuAclIpIpAddrMaskState OBJECT-TYPE
		SYNTAX  INTEGER {
               other(1),
               dst-ip-addr(2),
               src-ip-addr(3),
               dst-src-ip-addr(4)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of IP address mask. 

            other(1) - Neither source IP address nor destination IP address are 
                masked.
            dst-ip-addr(2) - recieved frames's destination IP address are 
                currently used to be filtered as it meets with the IP 
                address entry of the table.
            src-ip-addr(3) - recieved frames's source IP address are currently 
                used to be filtered as it meets with the IP address entry of
                the table.
            dst-src-ip-addr(4) - recieved frames's destination IP address or 
                source IP address are currently used to be filtered as it meets
                with the IP address entry of the table."
        ::= { swCpuAclIpEntry 3 }    
        
    swCpuAclIpSrcIpAddrMask OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object Specifies IP address mask for the source IP address."
        ::= { swCpuAclIpEntry 4 }     
        
    swCpuAclIpDstIpAddrMask OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object Specifies the IP address mask for the destination IP address."
        ::= { swCpuAclIpEntry 5 }   
        
    swCpuAclIpUseDSCP OBJECT-TYPE
        SYNTAX  INTEGER {
               enabled(1),
               disabled(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates DSCP protocol is is examined or not."
        ::= { swCpuAclIpEntry 6 }     
        
    swCpuAclIpUseProtoType OBJECT-TYPE
        SYNTAX  INTEGER {
               none(1),
               icmp(2),
               igmp(3),
               tcp(4),
               udp(5),
               protocolId(6)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "That object indicates which protocol will be examined."
        ::= { swCpuAclIpEntry 7 }     

    swCpuAclIpIcmpOption OBJECT-TYPE
        SYNTAX  INTEGER {
               none(1),
               type(2),
               code(3),
               type-code(4)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates which fields should be filled in of ICMP.
            none(1)- two fields are null.
            type(2)- type field should be filled in.     
            code(3)- code field should be filled in.  
            type-code(4)- not only type fileld but code field should be filled in.
            "
        ::= { swCpuAclIpEntry 8 }     
        
    swCpuAclIpIgmpOption OBJECT-TYPE
        SYNTAX  INTEGER {
               enable(1),
               disable(2)
              }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates Options of IGMP is examined or not."
        ::= { swCpuAclIpEntry 9 }     

    swCpuAclIpTcpOption OBJECT-TYPE
        SYNTAX  INTEGER {
               other(1),
               dst-addr(2),
               src-addr(3),
               dst-src-addr(4)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of filtered address of TCP. 

           	other(1) - Neither source port nor destination port are 
                masked.
            dst-addr(2) - recieved frames's destination port are 
                currently used to be filtered .
            src-addr(3) - recieved frames's source port are currently 
                used to be filtered .
            dst-src-addr(4) - both recieved frames's destination port and 
                source port are currently used to be filtered ."
        ::= { swCpuAclIpEntry 10 }     
            
    swCpuAclIpUdpOption OBJECT-TYPE
        SYNTAX  INTEGER {
               other(1),
               dst-addr(2),
               src-addr(3),
               dst-src-addr(4)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of filtered address of UDP . 

            other(1) - Neither source port nor destination port are 
                masked.
            dst-addr(2) - recieved frames's destination port are 
                currently used to be filtered .
            src-addr(3) - recieved frames's source port are currently 
                used to be filtered .
            dst-src-addr(4) - recieved frames's destination port or 
                source port are currently used to be filtered."

        ::= { swCpuAclIpEntry 11 }         

    swCpuAclIpTCPorUDPSrcPortMask OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(2)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies a TCP port mask for the source port  if swCpuAclIpUseProtoType is TCP
             Specifies a UDP port mask for the source port if swCpuAclIpUseProtoType is UDP.
             "
        ::= { swCpuAclIpEntry 12 }     

    swCpuAclIpTCPorUDPDstPortMask OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(2))
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies a TCP port mask for the destination port  if swCpuAclIpUseProtoType is TCP
             Specifies a UDP port mask for the destination port if swCpuAclIpUseProtoType is UDP."
        ::= { swCpuAclIpEntry 13 }         
	
    swCpuAclIpTCPFlagBit OBJECT-TYPE
		SYNTAX  INTEGER {
               enable(1),
               disable(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies a TCP connection flag mask."
        ::= { swCpuAclIpEntry 14 }                 

    swCpuAclIpTCPFlagBitMask OBJECT-TYPE
        SYNTAX  INTEGER(0..63)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "A value which indicates the set of TCP flags that this
            entity may potentially offers.  The value is a sum.  This
            sum initially takes the value zero, Then, for each flag, L,
            in the range 1 through 6, that this node performs
            transactions for, 2 raised to (L - 1) is added to the sum.
            Note that values should be calculated accordingly:

                 Flag      functionality
                   6        urg bit
                   5        ack bit
                   4        psh bit
                   3        rst bit
                   2		syn bit
                   1 		fin bit                 
			For example,it you want to enable urg bit and ack bit,you
			should set vlaue 48(2^(5-1) + 2^(6-1))."
        ::= { swCpuAclIpEntry 15 } 

    swCpuAclIpProtoIDOption OBJECT-TYPE
        SYNTAX  INTEGER {
               enable(1),
               disable(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the switch will examine each frame's Protocol ID field or not."
        ::= { swCpuAclIpEntry 16 }    

    swCpuAclIpProtoIDMask OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(4)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the IP protocol ID and the mask options
             behind the IP header."
        ::= { swCpuAclIpEntry 17 }     

    swCpuAclIpRowStatus OBJECT-TYPE	
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swCpuAclIpEntry 18 }       

--***************************************************************************
--swCpuAclPktContMaskTable
--***************************************************************************
    swCpuAclPktContMaskTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF SwCpuAclPktContMaskEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "This table contain ACL mask of user-defined information.
             Access profiles will be created on the switch by row creation and to
              define which parts of each incoming frame's user-defined part of header
              the switch will examine.  Masks can be entered that will be combined 
              with the values the switch finds in the  specified frame header fields.  "
        ::= { swCpuAclMaskMgmt 3 }
        
    swCpuAclPktContMaskEntry OBJECT-TYPE
        SYNTAX  SwCpuAclPktContMaskEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "A list of information about ACL of user-defined."
        INDEX  { swCpuAclPktContMaskProfileID }
        ::= { swCpuAclPktContMaskTable 1 }
      
    SwCpuAclPktContMaskEntry ::= 
        SEQUENCE {
            swCpuAclPktContMaskProfileID
                INTEGER,
            swCpuAclPktContMaskOffset0to15
                OCTET STRING,
            swCpuAclPktContMaskOffset16to31
                OCTET STRING,
            swCpuAclPktContMaskOffset32to47
                OCTET STRING,
            swCpuAclPktContMaskOffset48to63
                OCTET STRING,
            swCpuAclPktContMaskOffset64to79
                OCTET STRING,
            swCpuAclPktContMaskRowStatus	
                RowStatus                                                     
        }
    swCpuAclPktContMaskProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..5)
        MAX-ACCESS  read-only	--read-create
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swCpuAclPktContMaskEntry 1 }
          
    swCpuAclPktContMaskOffset0to15 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the packet content(Offset0to15) and
             the mask options."
        ::= { swCpuAclPktContMaskEntry 2 }     

    swCpuAclPktContMaskOffset16to31 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the packet content(Offset16to31) and
             the mask options."
         ::= { swCpuAclPktContMaskEntry 3 }     

    swCpuAclPktContMaskOffset32to47 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the packet content(Offset32to47) and
             the mask options."
        ::= { swCpuAclPktContMaskEntry 4 } 

    swCpuAclPktContMaskOffset48to63 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the packet content(Offset48to63) and
             the mask options."
        ::= { swCpuAclPktContMaskEntry 5 } 

    swCpuAclPktContMaskOffset64to79 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the packet content(Offset64to79) and
             the mask options."
        ::= { swCpuAclPktContMaskEntry 6 }         
        
    swCpuAclPktContMaskRowStatus OBJECT-TYPE --swCpuAclEthernetState
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swCpuAclPktContMaskEntry 7 }        

--***************************************************************************
--swCpuAclIpv6MaskTable
--***************************************************************************
    swCpuAclIpv6MaskTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF SwCpuAclIpv6MaskEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "This table contain ACL mask of user-defined information.
             Access profiles will be created on the switch by row creation and to
              define which parts of each incoming frame's ipv6 part of header
              the switch will examine.  Masks can be entered that will be combined 
              with the values the switch finds in the  specified frame header fields.  "
        ::= { swCpuAclMaskMgmt 4 }
        
    swCpuAclIpv6MaskEntry OBJECT-TYPE
        SYNTAX  SwCpuAclIpv6MaskEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "A list of information about ACL of user-defined."
        INDEX  { swCpuAclIpv6MaskProfileID }
        ::= { swCpuAclIpv6MaskTable 1 }
      
    SwCpuAclIpv6MaskEntry ::= 
        SEQUENCE {
            swCpuAclIpv6MaskProfileID
                INTEGER,
            swCpuAclIpv6MaskClass
                INTEGER,
            swCpuAclIpv6MaskFlowlabel
                INTEGER,
            swCpuAclIpv6IpAddrMaskState
                INTEGER,
            swCpuAclIpv6MaskSrcIpv6Mask
                Ipv6Address,
            swCpuAclIpv6MaskDstIpv6Mask
                Ipv6Address,
            swCpuAclIpv6MaskRowStatus	
                RowStatus                                                     
        }
    swCpuAclIpv6MaskProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..5)
        MAX-ACCESS  read-only	--read-create
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swCpuAclIpv6MaskEntry 1 }
          
    swCpuAclIpv6MaskClass OBJECT-TYPE
        SYNTAX  INTEGER {
               enable(1),
               disable(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the IPv6 class field and the mask options."
        ::= { swCpuAclIpv6MaskEntry 2 }     

    swCpuAclIpv6MaskFlowlabel OBJECT-TYPE
        SYNTAX  INTEGER {
               enable(1),
               disable(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the IPv6 flowlabel field and the mask options."
        ::= { swCpuAclIpv6MaskEntry 3 }     

    swCpuAclIpv6IpAddrMaskState OBJECT-TYPE
		SYNTAX  INTEGER {
               other(1),
               dst-ipv6-addr(2),
               src-ipv6-addr(3),
               dst-src-ipv6-addr(4)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of IPv6 address mask. 

            other(1) - Neither source IPv6 address nor destination IPv6 address are 
                masked.
            dst-ipv6-addr(2) - recieved frames's destination IPv6 address are 
                currently used to be filtered as it meets with the IPv6
                address entry of the table.
            src-ipv6-addr(3) - recieved frames's source IPv6 address are currently 
                used to be filtered as it meets with the IPv6 address entry of
                the table.
            dst-src-ipv6-addr(4) - recieved frames's destination IPv6 address or 
                source IPv6 address are currently used to be filtered as it meets
                with the IPv6 address entry of the table."
        ::= { swCpuAclIpv6MaskEntry 4 }    

    swCpuAclIpv6MaskSrcIpv6Mask OBJECT-TYPE
        SYNTAX  Ipv6Address
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the Source IPv6 address and the mask options.
            This should be 16 byte octet string."
        ::= { swCpuAclIpv6MaskEntry 5 } 

    swCpuAclIpv6MaskDstIpv6Mask OBJECT-TYPE
        SYNTAX  Ipv6Address 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the Destination IPv6 address and the mask options.
            This should be 16 byte octet string."
        ::= { swCpuAclIpv6MaskEntry 6 }       
        
    swCpuAclIpv6MaskRowStatus OBJECT-TYPE
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swCpuAclIpv6MaskEntry 7 }        


--***************************************************************************
--swCpuAclEtherRuleTable
--***************************************************************************  
    swCpuAclEtherRuleTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF SwCpuAclEtherRuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "This table contain ACL rule of ethernet information."
        ::= { swCpuAclRuleMgmt 1 }
        
    swCpuAclEtherRuleEntry OBJECT-TYPE
        SYNTAX  SwCpuAclEtherRuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "A list of information about ACL rule of the layer 2 part of each packet."
        INDEX  { swCpuAclEtherRuleProfileID,swCpuAclEtherRuleAccessID }
        ::= { swCpuAclEtherRuleTable 1 }
      
    SwCpuAclEtherRuleEntry ::= 
        SEQUENCE {
            swCpuAclEtherRuleProfileID		
                INTEGER,
            swCpuAclEtherRuleAccessID
                INTEGER,
            swCpuAclEtherRuleVlan
                SnmpAdminString,
            swCpuAclEtherRuleSrcMacAddress
                MacAddress,
            swCpuAclEtherRuleDstMacAddress	
                MacAddress,             
            swCpuAclEtherRule8021P
                INTEGER,        
            swCpuAclEtherRuleEtherType
                OCTET STRING,   
            swCpuAclEtherRulePermit
                INTEGER,         
            swCpuAclEtherRuleRowStatus
                RowStatus                                                         
        }
    swCpuAclEtherRuleProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..5)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swCpuAclEtherRuleEntry 1 }
    
    swCpuAclEtherRuleAccessID OBJECT-TYPE
        SYNTAX  INTEGER (1..5)
        MAX-ACCESS  read-only	
        STATUS  current
        DESCRIPTION
            "The ID of ACL rule entry relate to swCpuAclEtherRuleProfileID."
        ::= { swCpuAclEtherRuleEntry 2 }        
         
    swCpuAclEtherRuleVlan OBJECT-TYPE
        SYNTAX  SnmpAdminString (SIZE (1..32))
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access  will apply to only to this VLAN."
        ::= { swCpuAclEtherRuleEntry 3 }     
        
    swCpuAclEtherRuleSrcMacAddress OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access will apply to only packets with
             this source MAC address."
        ::= { swCpuAclEtherRuleEntry 4 }   
        
    swCpuAclEtherRuleDstMacAddress OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access will apply to only packets
              with this destination MAC address."
        ::= { swCpuAclEtherRuleEntry 5 }       
        
    swCpuAclEtherRule8021P OBJECT-TYPE
        SYNTAX  INTEGER(0..7)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access will apply only to packets with
              this 802.1p priority value."
        ::= { swCpuAclEtherRuleEntry 6 }      
        
    swCpuAclEtherRuleEtherType OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE (2))
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access will apply only to packets with this
             hexidecimal 802.1Q Ethernet type value in the packet header."
        ::= { swCpuAclEtherRuleEntry 7 }                            

    swCpuAclEtherRulePermit OBJECT-TYPE
        SYNTAX  INTEGER {
               deny(1),
               permit(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates resoult of examination is permit or deny;default is permit(1)
             permit - Specifies that packets that match the access profile are 
                      permitted to be forwarded by the switch.
             deny - Specifies that packets that do not match the access profile
                    are not permitted to be forwarded by the switch and will be filtered."
        ::= { swCpuAclEtherRuleEntry 8 }        
               
    swCpuAclEtherRuleRowStatus OBJECT-TYPE	--swCpuAclEtherRuleState
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swCpuAclEtherRuleEntry 9 }   

--***************************************************************************
--swCpuAclIpRuleTable
--***************************************************************************  
    swCpuAclIpRuleTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF SwCpuAclIpRuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            ""
        ::= { swCpuAclRuleMgmt 2 }
        
    swCpuAclIpRuleEntry OBJECT-TYPE
        SYNTAX  SwCpuAclIpRuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            ""
        INDEX  { swCpuAclIpRuleProfileID , swCpuAclIpRuleAccessID }
        ::= { swCpuAclIpRuleTable 1 }
      
    SwCpuAclIpRuleEntry ::= 
        SEQUENCE {
            swCpuAclIpRuleProfileID
                INTEGER,
            swCpuAclIpRuleAccessID
                INTEGER,
            swCpuAclIpRuleVlan
                SnmpAdminString,
            swCpuAclIpRuleSrcIpaddress  
            	IpAddress,
            swCpuAclIpRuleDstIpaddress
            	IpAddress,
            swCpuAclIpRuleDscp		 
            	INTEGER,
            swCpuAclIpRuleProtocol
                INTEGER,
            swCpuAclIpRuleType			
            	INTEGER,
            swCpuAclIpRuleCode			
            	INTEGER,
            swCpuAclIpRuleSrcPort		
            	INTEGER,
            swCpuAclIpRuleDstPort		
            	INTEGER,
            swCpuAclIpRuleFlagBits		
            	INTEGER,
            swCpuAclIpRuleProtoID		
            	INTEGER,
            swCpuAclIpRuleUserMask		
            	OCTET STRING,
            swCpuAclIpRulePermit
            	INTEGER,         
            swCpuAclIpRuleRowStatus	
                RowStatus                                                         
        }
    swCpuAclIpRuleProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..5)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swCpuAclIpRuleEntry 1 }
    
    swCpuAclIpRuleAccessID OBJECT-TYPE
        SYNTAX  INTEGER (1..5)
        MAX-ACCESS  read-only	--read-create
        STATUS  current
        DESCRIPTION
            "The ID of CpuAcl IP rule entry ."
        ::= { swCpuAclIpRuleEntry 2 }        
        
    swCpuAclIpRuleVlan OBJECT-TYPE
        SYNTAX  SnmpAdminString (SIZE (1..32))
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the access  will apply to only to this VLAN."
        ::= { swCpuAclIpRuleEntry 3 }     
        
    swCpuAclIpRuleSrcIpaddress OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific an IP source address."
        ::= { swCpuAclIpRuleEntry 4 }  

    swCpuAclIpRuleDstIpaddress OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific an IP destination address."
        ::= { swCpuAclIpRuleEntry 5 }  
        
    swCpuAclIpRuleDscp OBJECT-TYPE
        SYNTAX  INTEGER(0..63)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific the value of dscp, the value can be configured 0 to 63"
        ::= { swCpuAclIpRuleEntry 6 }       

    swCpuAclIpRuleProtocol OBJECT-TYPE
        SYNTAX  INTEGER {
               none(1),
               icmp(2),
               igmp(3),
               tcp(4),
               udp(5),
               protocolId(6)
               }
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Specifies the IP protocol which has been configured in swCpuAclIpEntry  ."
        ::= { swCpuAclIpRuleEntry 7 }   

    swCpuAclIpRuleType OBJECT-TYPE
        SYNTAX  INTEGER(0..255)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific that the rule applies to the value of  icmp type traffic."
        ::= { swCpuAclIpRuleEntry 8 }    

    swCpuAclIpRuleCode OBJECT-TYPE
        SYNTAX  INTEGER(0..255)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific that the rule applies to the value of icmp code traffic."
        ::= { swCpuAclIpRuleEntry 9 }    

    swCpuAclIpRuleSrcPort OBJECT-TYPE
        SYNTAX  INTEGER(0..65535)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific that the rule applies the range of tcp/udp source port"
        ::= { swCpuAclIpRuleEntry 10 }    

    swCpuAclIpRuleDstPort OBJECT-TYPE
        SYNTAX  INTEGER(0..65535)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific the range of tcp/udp destination port range"
        ::= { swCpuAclIpRuleEntry 11 }    

    swCpuAclIpRuleFlagBits OBJECT-TYPE
        SYNTAX  INTEGER(0..63)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "A value which indicates the set of TCP flags that this
            entity may potentially offers.  The value is a sum.  This
            sum initially takes the value zero, Then, for each flag, L,
            in the range 1 through 6, that this node performs
            transactions for, 2 raised to (L - 1) is added to the sum.
            Note that values should be calculated accordingly:

                 Flag      functionality
                   6        urg bit
                   5        ack bit
                   4        psh bit
                   3        rst bit
                   2		syn bit
                   1 		fin bit                 
			For example,it you want to enable urg bit and ack bit,you
			should set vlaue 48(2^(5-1) + 2^(6-1))."
        ::= { swCpuAclIpRuleEntry 12 } 

    swCpuAclIpRuleProtoID OBJECT-TYPE
        SYNTAX  INTEGER(0..255)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific that the rule applies to the value of  ip protocol id traffic"
        ::= { swCpuAclIpRuleEntry 13 }    

    swCpuAclIpRuleUserMask OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(4))
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specific that the rule applies to the ip protocol id and the range of
             options behind the IP header."
        ::= { swCpuAclIpRuleEntry 14 }    

    swCpuAclIpRulePermit OBJECT-TYPE
        SYNTAX  INTEGER {
               deny(1),
               permit(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates resoult of examination is permit or deny;default is permit(1)
             permit - Specifies that packets that match the access profile are 
                      permitted to be forwarded by the switch.
             deny - Specifies that packets that do not match the access profile
                    are not permitted to be forwarded by the switch and will be filtered."
        ::= { swCpuAclIpRuleEntry 15 }       
        
    swCpuAclIpRuleRowStatus OBJECT-TYPE	
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swCpuAclIpRuleEntry 16 }            

--***************************************************************************
--swCpuAclPktContRuleTable
--***************************************************************************  
    swCpuAclPktContRuleTable OBJECT-TYPE 
        SYNTAX  SEQUENCE OF SwCpuAclPktContRuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "This table contain ACL rule of user-defined information."
        ::= { swCpuAclRuleMgmt 3 }
        
    swCpuAclPktContRuleEntry OBJECT-TYPE
        SYNTAX  SwCpuAclPktContRuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "A list of information about ACL rule of the user-defined part of each packet."
        INDEX  { swCpuAclPktContRuleProfileID,swCpuAclPktContRuleAccessID }
        ::= { swCpuAclPktContRuleTable 1 }
      
    SwCpuAclPktContRuleEntry ::= 
        SEQUENCE {
            swCpuAclPktContRuleProfileID		
                INTEGER,
            swCpuAclPktContRuleAccessID
                INTEGER,
            swCpuAclPktContRuleOffset0to15
                OCTET STRING,
            swCpuAclPktContRuleOffset16to31
                OCTET STRING,
            swCpuAclPktContRuleOffset32to47
                OCTET STRING,
            swCpuAclPktContRuleOffset48to63
                OCTET STRING,             
            swCpuAclPktContRuleOffset64to79
                OCTET STRING,
            swCpuAclPktContRulePermit
                INTEGER,         
            swCpuAclPktContRuleRowStatus
                RowStatus                                                         
        }
    swCpuAclPktContRuleProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..5)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swCpuAclPktContRuleEntry 1 }
    
    swCpuAclPktContRuleAccessID OBJECT-TYPE
        SYNTAX  INTEGER (1..5)
        MAX-ACCESS  read-only	
        STATUS  current
        DESCRIPTION
            "The ID of ACL rule entry relate to swCpuAclPktContRuleProfileID."
        ::= { swCpuAclPktContRuleEntry 2 }        

    swCpuAclPktContRuleOffset0to15 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the user-defined packet."
        ::= { swCpuAclPktContRuleEntry 3 }      
         
    swCpuAclPktContRuleOffset16to31 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the user-defined packet."
        ::= { swCpuAclPktContRuleEntry 4 }      
        
    swCpuAclPktContRuleOffset32to47 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the user-defined packet."
        ::= { swCpuAclPktContRuleEntry 5 }      
        
    swCpuAclPktContRuleOffset48to63 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the user-defined packet."
        ::= { swCpuAclPktContRuleEntry 6 }           
        
    swCpuAclPktContRuleOffset64to79 OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the user-defined packet."
        ::= { swCpuAclPktContRuleEntry 7 }               

    swCpuAclPktContRulePermit OBJECT-TYPE
        SYNTAX  INTEGER {
               deny(1),
               permit(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates resoult of examination is permit or deny;default is permit(1)
             permit - Specifies that packets that match the access profile are 
                      permitted to be forwarded by the switch.
             deny - Specifies that packets that do not match the access profile
                    are not permitted to be forwarded by the switch and will be filtered."
        ::= { swCpuAclPktContRuleEntry 8 } 
        
    swCpuAclPktContRuleRowStatus OBJECT-TYPE
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swCpuAclPktContRuleEntry 9 }   

--***************************************************************************
--swCpuAclIpv6RuleTable
--***************************************************************************  
    swCpuAclIpv6RuleTable OBJECT-TYPE 
        SYNTAX  SEQUENCE OF SwCpuAclIpv6RuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "This table contain ACL rule of user-defined information."
        ::= { swCpuAclRuleMgmt 4 }
        
    swCpuAclIpv6RuleEntry OBJECT-TYPE
        SYNTAX  SwCpuAclIpv6RuleEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "A list of information about ACL rule of the user-defined part of each packet."
        INDEX  { swCpuAclIpv6RuleProfileID,swCpuAclIpv6RuleAccessID }
        ::= { swCpuAclIpv6RuleTable 1 }
      
    SwCpuAclIpv6RuleEntry ::= 
        SEQUENCE {
            swCpuAclIpv6RuleProfileID		
                INTEGER,
            swCpuAclIpv6RuleAccessID
                INTEGER,
            swCpuAclIpv6RuleClass
                INTEGER,
            swCpuAclIpv6RuleFlowlabel
                OCTET STRING,
            swCpuAclIpv6RuleSrcIpv6Addr
                Ipv6Address,
            swCpuAclIpv6RuleDstIpv6Addr
                Ipv6Address,             
            swCpuAclIpv6RulePermit
                INTEGER,         
            swCpuAclIpv6RuleRowStatus
                RowStatus                                                         
        }
    swCpuAclIpv6RuleProfileID OBJECT-TYPE
        SYNTAX  INTEGER (1..5)
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The ID of ACL mask entry ,and is unique in the mask list."
        ::= { swCpuAclIpv6RuleEntry 1 }
    
    swCpuAclIpv6RuleAccessID OBJECT-TYPE
        SYNTAX  INTEGER (1..5)
        MAX-ACCESS  read-only	
        STATUS  current
        DESCRIPTION
            "The ID of ACL rule entry relate to swCpuAclIpv6RuleProfileID."
        ::= { swCpuAclIpv6RuleEntry 2 }        

    swCpuAclIpv6RuleClass OBJECT-TYPE
        SYNTAX  INTEGER (0..255)
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the IPv6 class filed."
        ::= { swCpuAclIpv6RuleEntry 3 }      
         
    swCpuAclIpv6RuleFlowlabel OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(4)) 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the IPv6 flowlabel filed."
        ::= { swCpuAclIpv6RuleEntry 4 }      
        
    swCpuAclIpv6RuleSrcIpv6Addr OBJECT-TYPE
        SYNTAX  Ipv6Address
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the source IPv6 address.
            This should be 16 byte octet string."
        ::= { swCpuAclIpv6RuleEntry 5 }      
        
    swCpuAclIpv6RuleDstIpv6Addr OBJECT-TYPE
        SYNTAX  Ipv6Address 
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "Specifies that the rule applies to the destination IPv6 address.
            This should be 16 byte octet string."
        ::= { swCpuAclIpv6RuleEntry 6 }                   

    swCpuAclIpv6RulePermit OBJECT-TYPE
        SYNTAX  INTEGER {
               deny(1),
               permit(2)
               }
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates resoult of examination is permit or deny;default is permit(1)
             permit - Specifies that packets that match the access profile are 
                      permitted to be forwarded by the switch.
             deny - Specifies that packets that do not match the access profile
                    are not permitted to be forwarded by the switch and will be filtered."
        ::= { swCpuAclIpv6RuleEntry 7 }        
                        
    swCpuAclIpv6RuleRowStatus OBJECT-TYPE
        SYNTAX  RowStatus
        MAX-ACCESS  read-create
        STATUS  current
        DESCRIPTION
            "This object indicates the status of this entry."
        ::= { swCpuAclIpv6RuleEntry 8 }   

        
END
