	DEVFILTER-MIB DEFINITIONS ::= BEGIN

	IMPORTS
		IpAddress
			FROM RFC1155-SMI
		OBJECT-TYPE, MODULE-IDENTITY, Integer32
			FROM SNMPv2-SMI
		MacAddress, DisplayString, RowStatus
			FROM SNMPv2-TC
		device
			FROM ANIROOT-MIB;

aniDevFilter  MODULE-IDENTITY
	LAST-UPDATED "0105091130Z"      -- Wed May 9 11:30:00 PDT 2001
	ORGANIZATION "Aperto Networks"
	CONTACT-INFO
	  "       
	  Postal:  Aperto Networks Inc
		   1637 S Main Street 
		   Milpitas, California 95035
	  Tel:	   +1 408 719 9977
	  "       
	DESCRIPTION
	"This group provides Filter related information for BSU or SU.
	"
	::= { device 8 }


aniDevFilterTable OBJECT-TYPE
	SYNTAX      SEQUENCE OF AniDevFilterEntry
	MAX-ACCESS  not-accessible
	STATUS      current
	DESCRIPTION
	   "This table allows the user to view the configured IP 
	    Filters.
	   "
	::= { aniDevFilter 1 }

aniDevFilterEntry OBJECT-TYPE
	SYNTAX      AniDevFilterEntry
	MAX-ACCESS  not-accessible
	STATUS      current
	DESCRIPTION
	   "An entry containing objects for each IP Filter
	    configured.
	   "
	INDEX { aniDevFilterIfIndex, aniDevFilterIdentifier }
	::= { aniDevFilterTable 1 }

AniDevFilterEntry ::= SEQUENCE {
	aniDevFilterIfIndex		INTEGER,
	aniDevFilterIdentifier		Integer32,
	aniDevFilterName		DisplayString,
	aniDevFilterPriority		Integer32,
	aniDevFilterActivationState	INTEGER,
	aniDevFilterPermission		INTEGER,
	aniDevFilterIpProtocol		Integer32,    
	aniDevFilterIpSaddr		IpAddress,
	aniDevFilterIpSmask		IpAddress,
	aniDevFilterIpDaddr		IpAddress,
	aniDevFilterIpDmask		IpAddress,
	aniDevFilterIpSourceStart	INTEGER,
	aniDevFilterIpSourceEnd		INTEGER,
	aniDevFilterIpDestStart		INTEGER,
	aniDevFilterIpDestEnd		INTEGER,
	aniDevFilterIpOptions		Integer32,
	aniDevFilterIpSecOptions	INTEGER,
	aniDevFilterIcmpMsgType		INTEGER,
	aniDevFilterIcmpSubcode		INTEGER,
	aniDevFilterTcpFlags		Integer32,
	aniDevFilterDestMacMask		OCTET STRING,
	aniDevFilterSourceMac		MacAddress,
	aniDevFilterEnetType		DisplayString,
	aniDevFilterLlcDSAP		DisplayString,
	aniDevFilterLlcSSAP		DisplayString,
	aniDevFilterLlcControl		DisplayString,
	aniDevFilterLocalCode		DisplayString,
	aniDevFilterRowStatus		RowStatus,
	aniDevFilterUserPriorityHi     	INTEGER,
	aniDevFilterUserPriorityLo     	INTEGER,
	aniDevFilterVlanIdStart      	INTEGER,
	aniDevFilterVlanIdEnd      	INTEGER
        }

aniDevFilterIfIndex OBJECT-TYPE
	SYNTAX INTEGER {
			ethernet(1),
			wireless-port1(2),
			wireless-port2(3),
			wireless-port3(4),
			wireless-port4(5),
			wireless-port5(6),
			wireless-port6(7)
		}
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The Interface Type.
	    On SU, only ethernet(1) and wireless-port1(2) are valid.

	    On BSU, ethernet(1) and all configured wireless interfaces  
	    -- wireless-port1(2), wireless-port2(3), wireless-port3(4), 
	    wireless-port4(5), wireless-port5(6), wireless-port6(7) are valid, 
	    that is, filtering should be allowed on these wireless 
	    interfaces only if they are configured.
	   "
	DEFVAL { 1 }
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 1 }

aniDevFilterIdentifier OBJECT-TYPE
	SYNTAX      Integer32 (0..255)
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "A unique number which identifies the filtering rule.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 2 }

aniDevFilterName OBJECT-TYPE
	SYNTAX      DisplayString (SIZE (0..31))
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "A name which identifies the filtering rule.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 3 }

aniDevFilterPriority OBJECT-TYPE
	SYNTAX      Integer32 (0..255)
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The priority for the filtering rule. It should be unique. 
	    A higher number means higher priority.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 4 }

aniDevFilterActivationState OBJECT-TYPE
	SYNTAX INTEGER {
			inactive(1),
			active(2)
		}
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The state of the filtering rule.
	   "
	DEFVAL { 2 }
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 5 }

aniDevFilterPermission OBJECT-TYPE
	SYNTAX INTEGER {
			block(1),
			pass(2)
		}
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The permissions for the filtering rule.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 6 }

aniDevFilterIpProtocol OBJECT-TYPE
	SYNTAX		Integer32 (0..257)
	MAX-ACCESS  	read-write
	STATUS      	current
	DESCRIPTION
	   "The IP protocol value.

	    List of well known IP Protocols:
	
		Protocol	Value
		--------	-----
		ICMP		1
		IGMP		2
		TCP		6
		EGP		8
		UDP		17
		IPIP		94
		RSVP		46
		GRE		47
		TCP or UDP	257
	    
	    Apart from the above protocols, the user can also specify 
	    other values.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 7 }

aniDevFilterIpSaddr OBJECT-TYPE
	SYNTAX      IpAddress
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The source IP address for this Filter.
	    IP Source Address and Subnet Mask go in a pair.
	    So if aniDevFilterIpSaddr is configured, then 
	    aniDevFilterIpSmask should be configured as well and 
	    vice versa.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 8 }

aniDevFilterIpSmask OBJECT-TYPE
	SYNTAX      IpAddress
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The Subnet mask for the source IP Address.
	    IP Source Address and Subnet Mask go in a pair.
	    So if aniDevFilterIpSaddr is configured, then 
	    aniDevFilterIpSmask should be configured as well and 
	    vice versa.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 9 }

aniDevFilterIpDaddr OBJECT-TYPE
	SYNTAX      IpAddress
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The destination IP address for this Filter.
	    IP Destination Address and Subnet Mask go in a pair.
	    So if aniDevFilterIpDaddr is configured, then 
	    aniDevFilterIpDmask should be configured as well and 
	    vice versa.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 10 }

aniDevFilterIpDmask OBJECT-TYPE
	SYNTAX      IpAddress
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The Subnet mask for the destination IP Address.
	    IP Destination Address and Subnet Mask go in a pair.
	    So if aniDevFilterIpDaddr is configured, then 
	    aniDevFilterIpDmask should be configured as well and 
	    vice versa.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 11 }

aniDevFilterIpSourceStart OBJECT-TYPE
	SYNTAX      INTEGER (0..65535)
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The lowest bound value for the source port number.

	    List of Some Well Known Ports:

		Application		Port
		-----------		----
		Ftp Data		20
		Ftp Control		21
		HTTP			80
		IMAP2			143
		SNMP			161
		POP3			110
		SMTP			25
		Telnet			23
		TFTP			69
		BootP Server		67
		BootP Client		68
		Gopher			70
		Finger			79
		BGP			179
	    
	    In addition to the list, the user can enter any other
	    value as well.

	    This field is valid only if the aniDevFilterIpProtocol
	    field is set to TCP, UDP, (TCP or UDP) or not specified by the user.

	    aniIpFilterIpSourceEnd should be >= 
	    aniIpFilterIpSourceStart. 
	    Whenever aniIpFilterIpSourceEnd is configured,
	    aniIpFilterIpSourceStart should be configured as well.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 12 }

aniDevFilterIpSourceEnd OBJECT-TYPE
	SYNTAX      INTEGER (0..65535)
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The highest bound value for the source port number.

	    Refer to the Well known ports list under 
	    aniIpFilterIpSourceStart description.
	    In addition to the list, the user can enter any other
	    value as well.

	    This field is valid only if the aniDevFilterIpProtocol is 
	    set to TCP, UDP, (TCP or UDP) or not specified by the user.
	    aniDevFilterIpSourceEnd should be >= aniDevFilterIpSourceStart.
	    Whenever aniDevFilterIpSourceEnd is configured, 
	    aniDevFilterIpSourceStart should be configured as well.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 13 }

aniDevFilterIpDestStart OBJECT-TYPE
	SYNTAX      INTEGER (0..65535)
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The lowest bound value for the destination port number.

	    Refer to the Well known ports list under 
	    aniIpFilterIpSourceStart description.
	    In addition to the list, the user can enter any other
	    value as well.

	    This field is valid only if the aniDevFilterIpProtocol 
	    is set to TCP, UDP, (TCP or UDP) or not specified by the user.
	    aniDevFilterIpDestEnd should be >= aniDevFilterIpDestStart.
	    Whenever aniDevFilterIpDestStart is configured, 
	    aniDevFilterIpDestEnd should be configured as well.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 14 }

aniDevFilterIpDestEnd OBJECT-TYPE
	SYNTAX      INTEGER (0..65535)
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The highest bound value for the destination port number.

	    Refer to the Well known ports list under 
	    aniIpFilterIpSourceStart description.
	    In addition to the list, the user can enter any other
	    value as well.

	    This field is valid only if the aniDevFilterIpProtocol 
	    is set to TCP, UDP, (TCP or UDP) or not specified by the user.
	    aniDevFilterIpDestEnd should be >= aniDevFilterIpDestStart.
	    Whenever aniDevFilterIpDestStart is configured, 
	    aniDevFilterIpDestEnd should be configured as well.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 15 }

aniDevFilterIpOptions OBJECT-TYPE
	SYNTAX		Integer32
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The Mask value for the IP Options.
	    No Operation	(0x000001)
	    Route Record 	(0x000002)
	    Time Stamp   	(0x000040)
	    MTU Probe 		(0x000008)
	    MTU Reply 		(0x000010)
	    Trace Route 	(0x000080)
	    Address Extension 	(0x004000)
	    Loose Source Route 	(0x000200)
	    Strict Source Route (0x002000)
	    Extended Security 	(0x000400)
	    Security 		(0x000100)
	    Commercial Security (0x000800)
	    Experimental Measurement 	(0x000004)
	    Experimental Flow Control 	(0x040000)
	    Experimental Access Control (0x008000)
	    Stream Id 		(0x001000)
	    IMI Traffic Descriptor	(0x010000)
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 16 }

aniDevFilterIpSecOptions OBJECT-TYPE
	SYNTAX INTEGER {
			top-secret(1),
			secret(2),
			confidential(3),
			unclassified(4)
		}
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The IP Security Value.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 17 }

aniDevFilterIcmpMsgType OBJECT-TYPE
	SYNTAX		INTEGER
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The Message Type for ICMP Protocol.

	    This field is valid only if the aniDevFilterIpProtocol 
	    is set to ICMP or not specified by the user.

	    Valid Range:

		ICMP Message	Type	SubCode
		------------    ----    ----
		Echo reply	0	
		------------------------------------------------------------
		Destination 
		Unreachable	3	0 = net unreachable; 
					1 = host unreachable; 
					2 = protocol unreachable; 
					3 = port unreachable; 
					4 = fragmentation needed and DF set; 
					5 = source route failed. 
		------------------------------------------------------------
		Source Quench	4
		------------------------------------------------------------
		Redirect	5	0 = Redirect datagrams for the Network. 
					1 = Redirect datagrams for the Host. 
					2 = Redirect datagrams for the Type of 
						Service and Network. 
					3 = Redirect datagrams for the Type of 
						Service and Host. 
		------------------------------------------------------------
		Echo		8	
		------------------------------------------------------------
		Time Exceeded 
		Message		11	0 = time to live exceeded in transit; 
					1 = fragment reassembly time exceeded. 
		------------------------------------------------------------
		Parameter 
		Problem		12	0 = pointer indicates the error.
		------------------------------------------------------------
		Timestamp 
		message		13	
		------------------------------------------------------------
		Timestamp 
		reply message	14	
		------------------------------------------------------------
		Information 
		Request		15	
		------------------------------------------------------------
		Information 
		Reply		16	
		------------------------------------------------------------
		Address Mask 
		request 	17	
		------------------------------------------------------------
		Address Mask 
		reply		18	
		------------------------------------------------------------

	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 18 }

aniDevFilterIcmpSubcode OBJECT-TYPE
	SYNTAX		INTEGER
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The Subcode for ICMP Protocol.

	    This field is valid only if the aniDevFilterIpProtocol is 
	    set to ICMP or not specified by the user. 
	    If this field is specified then aniDevFilterIcmpMsgType 
	    should already be specified. The values allowed for ICMP Code 
	    depend on aniDevFilterIcmpMsgType.
	    Refer to the description under aniDevFilterIcmpMsgType for a
	    detail list of values.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 19 }

aniDevFilterTcpFlags OBJECT-TYPE
	SYNTAX		Integer32
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The TCP Flags.

	    The valid range:
	    Urgent (0x20)
	    Acknowledgement (0x10)
	    Push (0x08)
	    Reset (0x04)
	    Sync (0x02)
	    Sync-Ack (0x12)
	    Finish (0x01)
	    Finish-Ack (0x11)

	    This field is valid only if the aniDevFilterIpProtocol 
	    is set to ICMP or not specified by the user.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 20 }

aniDevFilterDestMacMask OBJECT-TYPE
	SYNTAX      OCTET STRING (SIZE(0..12))
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The MAC address and mask value for destination.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 21 }

aniDevFilterSourceMac OBJECT-TYPE
	SYNTAX      MacAddress
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The MAC Address of the source.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 22 }

aniDevFilterEnetType OBJECT-TYPE
	SYNTAX      DisplayString
	MAX-ACCESS  read-write
	STATUS      current
 	DESCRIPTION
	   "The Ethernet type value in the ethernet header.
	    
	    The maximum length of the ethernet packet is 1500 (0x5DC).
	    The value of the ethernet type must be greater than 1500.
	    
	    Appicable for Ethernet Version II frame type. If this type 
	    is being used then, DSAP (LLC Header), SSAP (LLC Header), 
	    Control Byte (LLC Header) and Local Code (SNAP) cannot be 
	    used and vice-versa.

	    Valid Range: 0x5DD to 0xFFFF

	    List of Ethernet Types:

		-----------------------------------------------------------
		0x800	DOD Internet Protocol (IP)
		-----------------------------------------------------------
		0x806	Address Resolution Protocol (ARP) 
			(for IP and for CHAOS)


	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 23 }

aniDevFilterLlcDSAP OBJECT-TYPE
	SYNTAX      DisplayString
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The DSAP (Destination Service Access Point) value 
	    in LLC Header.
	    
	    Valid Range: 0 to 0xFF
	    Applicable for IEEE 802.3 Frame Format only.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 24 }

aniDevFilterLlcSSAP OBJECT-TYPE
	SYNTAX      DisplayString
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The SSAP (Source Service Access Point) value 
	    in LLC Header.
	    
	    Valid Range: 0 to 0xFF
	    Applicable for IEEE 802.3 Frame Format only.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 25 }

aniDevFilterLlcControl OBJECT-TYPE
	SYNTAX      DisplayString
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The Control Byte of the LLC Header.

	    Valid Range: 0 to 0xFF
	    Applicable for IEEE 802.3 Frame Format only.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 26 }

aniDevFilterLocalCode OBJECT-TYPE
	SYNTAX      DisplayString
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The Local Code for SNAP ethernet type.
	    Applicable for IEEE 802.3 Frame Format only.
	    DSAP should be set to 0xAA, SSAP should be set to 0xAA,
	    Control Byte should be set to 0x03.
			    
	    Valid range: 0 - 0xFFFF.

	    List of Ethernet Types:

		--------------------------------------------------------
		0x800	DOD Internet Protocol (IP)
		--------------------------------------------------------
		0x806	Address Resolution Protocol (ARP) 
			(for IP and for CHAOS)


	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 27 }

aniDevFilterRowStatus OBJECT-TYPE
	SYNTAX  RowStatus
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "This represents the state of an entry within the 
	    table.  It is used to manage creation and deletion of rows.
	    The values include:
	    active(1)
	    notInService(2)
	    notReady(3)
	    createAndGo(4)
	    createAndWait(5)
	    destroy(6)

	    When a Get request is sent, this object returns either 
	    active(1), notInService(2) or notReady(3) depending on
	    the state of this row.
	    A new row can be Created using either createAndGo(4) or
	    createAndWait(5).
	    For Deleting a row, this field should be set to destroy(6).
	   "
	::= { aniDevFilterEntry 28 }

aniDevFilterUserPriorityHi OBJECT-TYPE
	SYNTAX      INTEGER (0..7)
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The high priority byte of the user priority.

	    The user priority specifies the matching 
	    parameters for the IEEE 802.1P user_priority
	    bits. An Ethernet packet with IEEE 802.1P 
	    user_priority value 'priority' matches these
	    parameters if pri-low <= priority <= pri_high.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 29 }

aniDevFilterUserPriorityLo OBJECT-TYPE
	SYNTAX      INTEGER (0..7)
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The low priority byte of the user priority.

	    The user priority specifies the matching 
	    parameters for the IEEE 802.1P user_priority
	    bits. An Ethernet packet with IEEE 802.1P 
	    user_priority value 'priority' matches these
	    parameters if pri-low <= priority <= pri_high.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 30 }

aniDevFilterVlanIdStart OBJECT-TYPE
	SYNTAX      INTEGER (0..4095)
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The lower limit for the VLAN ID.
	    This value is used to specify the lower limit in the 
	    range. Any IEEE 802.1P packet from a customer's VLAN
	    that falls into the range matches the rule.
	    aniDevFilterVlanIdStart and aniDevFilterVlanIdEnd 
	    must be defined in a pair.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 31 }

aniDevFilterVlanIdEnd OBJECT-TYPE
	SYNTAX      INTEGER (0..4095)
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The upper limit for the VLAN ID.
	    This value is used to specify the upper limit in the 
	    range. Any IEEE 802.1P packet from a customer's VLAN
	    that falls into the range matches the rule.
	    aniUSClassifierVlanIdStart and aniUSClassifierVlanIdEnd 
	    must be defined in a pair.
	   "
	--DEFAULT next-function-async     aniDevFilterEntry_next
	::= { aniDevFilterEntry 32 }


aniDevFilterIfTable OBJECT-TYPE
	SYNTAX      SEQUENCE OF AniDevFilterIfEntry
	MAX-ACCESS  not-accessible
	STATUS      current
	DESCRIPTION
	   "This table allows the user to enable/disable Filtering
	    per interface basis.
	   "
	::= { aniDevFilter 2 }

aniDevFilterIfEntry OBJECT-TYPE
	SYNTAX      AniDevFilterIfEntry
	MAX-ACCESS  not-accessible
	STATUS      current
	DESCRIPTION
	   "An entry containing objects for each IP Filter
	    interface configured.
	   "
	INDEX { aniDevFilterIfIdentifier }
	::= { aniDevFilterIfTable 1 }

AniDevFilterIfEntry ::= SEQUENCE {
	aniDevFilterIfIdentifier	INTEGER,
	aniDevFilterIfFlag		INTEGER
	}

aniDevFilterIfIdentifier OBJECT-TYPE
	SYNTAX INTEGER {
			ethernet(1),
			wireless-port1(2),
			wireless-port2(3),
			wireless-port3(4),
			wireless-port4(5),
			wireless-port5(6),
			wireless-port6(7)
		}
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The Interface Type.
	    On SU, only ethernet(1) and wireless-port1(2) are valid.

	    On BSU, ethernet(1) and all configured wireless interfaces  
	    -- wireless-port1(2), wireless-port2(3), wireless-port3(4), 
	    wireless-port4(5), wireless-port5(6), wireless-port6(7) are valid, 
	    that is, filtering should be allowed on these wireless 
	    interfaces only if they are configured.
	   "
	DEFVAL { 1 }
	--DEFAULT next-function-async     aniDevFilterIfEntry_next
	::= { aniDevFilterIfEntry 1 }

aniDevFilterIfFlag OBJECT-TYPE
	SYNTAX INTEGER {
			enable(1),
			disable(2)
		}
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
	   "The flag to enable or disable filtering on
	    a particular interface.

	    The default value depends on whether a rule is configured 
	    on the particular interface or not. When a rule is configured
	    on the interface, this flag will be set to enable(1)
	    automatically. If no rule is configured, this flag should
	    be disabled by default.
	   "
	--DEFAULT next-function-async     aniDevFilterIfEntry_next
	::= { aniDevFilterIfEntry 2 }

          END

