You are here:

MonitorTools.com > Technical documentation > SNMP > MIB > Cisco > CISCO-IETF-NAT-MIB
ActiveXperts Network Monitor 2019##AdminFavorites

CISCO-IETF-NAT-MIB by vendor Cisco

CISCO-IETF-NAT-MIB file content

The SNMP protocol is used to for conveying information and commands between agents and managing entities. SNMP uses the User Datagram Protocol (UDP) as the transport protocol for passing data between managers and agents. The reasons for using UDP for SNMP are, firstly it has low overheads in comparison to TCP, which uses a 3-way hand shake for connection. Secondly, in congested networks, SNMP over TCP is a bad idea because TCP in order to maintain reliability will flood the network with retransmissions.

Management information (MIB) is represented as a collection of managed objects. These objects together form a virtual information base called MIB. An agent may implement many MIBs, but all agents must implement a particular MIB called MIB-II [16]. This standard defines variables for things such as interface statistics (interface speeds, MTU, octets sent, octets received, etc.) as well as various other things pertaining to the system itself (system location, system contact, etc.). The main goal of MIB-II is to provide general TCP/IP management information.

Use ActiveXperts Network Monitor 2019 to import vendor-specific MIB files, inclusing CISCO-IETF-NAT-MIB.


Vendor: Cisco
Mib: CISCO-IETF-NAT-MIB  [download]  [view objects]
Tool: ActiveXperts Network Monitor 2019 [download]    (ships with advanced SNMP/MIB tools)
-- *****************************************************************
-- CISCO-IETF-NAT-MIB.my:  Ciscoized version of a IETF 
-- Network Address Translation MIB file
--
-- July 2001, Sudhindra Barve 
--
-- Copyright (c) 1999-2001 by cisco Systems, Inc.
-- All rights reserved.
--
-- *****************************************************************
-- This MIB is based on the NAT-MIB module
-- defined in Internet Draft:
-- http://search.ietf.org/internet-drafts/draft-ietf-nat-natmib-00.txt
-- 
-- The NAT-MIB is on track for becoming a
-- standard NAT MIB with RFC status. Once the RFC MIB is
-- available, this CISCO MIB module MAY be deprecated.
-- 

CISCO-IETF-NAT-MIB DEFINITIONS ::= BEGIN

IMPORTS
     MODULE-IDENTITY,
     OBJECT-TYPE,
     Integer32,
     Unsigned32,
     Gauge32,
     Counter32,
     TimeTicks,
     IpAddress,
     mib-2
             FROM SNMPv2-SMI
     MODULE-COMPLIANCE,
     OBJECT-GROUP
             FROM SNMPv2-CONF
     TEXTUAL-CONVENTION,
     StorageType,
     RowStatus
             FROM SNMPv2-TC
     InterfaceIndex
             FROM IF-MIB
     SnmpAdminString
             FROM SNMP-FRAMEWORK-MIB

     ciscoExperiment
        FROM CISCO-SMI;



ciscoIetfNatMIB MODULE-IDENTITY
     LAST-UPDATED "200103010000Z"
     ORGANIZATION "Cisco Systems, Inc"
     CONTACT-INFO
        "       Cisco Systems
                Customer Service

        Postal:  170 West Tasman Drive
                     San Jose, CA  95134
                     USA

            Tel:    +1 800 553-NETS

            E-mail: cs-nat@cisco.com"

     DESCRIPTION
             "This MIB module defines the generic managed objects
              for NAT."
     REVISION     "200103010000Z"
     DESCRIPTION
             "Initial version of this MIB module."
     ::= { ciscoExperiment 77 }

ciscoNatMIBObjects OBJECT IDENTIFIER ::= { ciscoIetfNatMIB 1 }


-- The Groups
-- o cnatConfig - Pertaining to NAT configuration information
-- o cnatBind - Pertaining to the NAT BINDs/sessions.
-- o cnatStatistics - NAT statistics, other than those maintained
--                   by the Bind and Session tables.

cnatConfig OBJECT IDENTIFIER ::= { ciscoNatMIBObjects 1 }
cnatBind OBJECT IDENTIFIER ::= { ciscoNatMIBObjects 2 }
cnatStatistics OBJECT IDENTIFIER ::= { ciscoNatMIBObjects 3 }



-- Textual Conventions

NATProtocolType ::= TEXTUAL-CONVENTION
       STATUS       current
       DESCRIPTION
               "A list of protocols that are affected by NAT.
                Inclusion of values is not intended to imply that
                those protocols need be supported."
       SYNTAX       INTEGER {
                        other (1), -- not specified
                        icmp (2),
                        udp (3),
                        tcp (4)
                    }


-- The Configuration Group
-- The NAT Generic Configuration Table

cnatConfTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF CnatConfEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "This table specifies the configuration attributes for a
             device supporting NAT function."
    ::= { cnatConfig 1 }

cnatConfEntry OBJECT-TYPE
    SYNTAX      CnatConfEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "Each entry in the cnatConfTable holds a set of
             configuration parameters associated with an instance
             of NAT.
             Entries in the cnatConfTable are created and deleted
             using the cnatConfStatus object."
    INDEX   { IMPLIED cnatConfName }
    ::= { cnatConfTable 1 }

CnatConfEntry ::= SEQUENCE {
    cnatConfName                 SnmpAdminString,
    cnatConfServiceType          INTEGER,
    cnatConfTimeoutIcmpIdle      Integer32,
    cnatConfTimeoutUdpIdle       Integer32,
    cnatConfTimeoutTcpIdle       Integer32,
    cnatConfTimeoutTcpNeg        Integer32,
    cnatConfTimeoutOther         Integer32,
    cnatConfMaxBindLeaseTime     Integer32,
    cnatConfMaxBindIdleTime      Integer32,
    cnatConfStorageType          StorageType,
    cnatConfStatus               RowStatus
}

cnatConfName OBJECT-TYPE
    SYNTAX      SnmpAdminString (SIZE(1..32))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "The locally arbitrary, but unique identifier
             associated with this cnatConfEntry."
    ::= { cnatConfEntry 1 }

cnatConfServiceType OBJECT-TYPE
    SYNTAX  INTEGER {
                basicNat (1),
                napt (2),
                bidirectionalNat (3),
                twiceNat (4),
                multihomedNat (5)
            }
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "An indication of the direction in which new sessions
             are permitted and the extent of translation done within
             the IP and transport headers."
    ::= { cnatConfEntry 2 }

cnatConfTimeoutIcmpIdle OBJECT-TYPE
    SYNTAX      Integer32 (0..2147483647)
    UNITS       "seconds"
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "The interval of time for which an ICMP protocol session,
             associated with this configuration, is allowed to remain
             valid without any activity."
    -- 1 minute
    DEFVAL { 60 }
    ::= { cnatConfEntry 3 }


cnatConfTimeoutUdpIdle OBJECT-TYPE
    SYNTAX      Integer32 (0..2147483647)
    UNITS       "seconds"
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "The interval of time for which a UDP protocol session,
             associated with this configuration, is allowed to remain
             valid without any activity."
    -- 5 minutes
    DEFVAL { 300 }
    ::= { cnatConfEntry 4 }

cnatConfTimeoutTcpIdle OBJECT-TYPE
    SYNTAX      Integer32 (0..2147483647)
    UNITS       "seconds"
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "The interval of time for which a TCP protocol session,
             associated with this configuration, is allowed to remain
             valid without any activity. This timeout value applies
             to a TCP session during its data transfer phase."
    -- 24 hours
    DEFVAL { 86400 }
    ::= { cnatConfEntry 5 }

cnatConfTimeoutTcpNeg OBJECT-TYPE
    SYNTAX      Integer32 (0..2147483647)
    UNITS       "seconds"
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "The interval of time for which a TCP protocol session,
             associated with this configuration, is allowed to remain
             valid without any activity. This timeout value applies
             to a TCP session during its establishment and termination
             phases."
    -- 1 minute
    DEFVAL { 60 }
    ::= { cnatConfEntry 6 }

cnatConfTimeoutOther OBJECT-TYPE
    SYNTAX      Integer32 (0..2147483647)
    UNITS       "seconds"
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "The interval of time for which a protocol session
             other than ICMP, UDP and TCP, associated with this
             configuration, is allowed to remain valid, without
             any activity."
    ::= { cnatConfEntry 7 }

cnatConfMaxBindLeaseTime OBJECT-TYPE
    SYNTAX      Integer32 (0..2147483647)
    UNITS       "seconds"
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "The maximum lease time for the BIND, associated with
             this configuration. Unless the lease time is renewed, a
             BIND will not be valid past the lease time. As a special
             case, a value of 0 may be assumed to indicate no lease
             time limit. Typically, this attribute is of relevance
             only in conjunction with Realm-Specific-IP (RSIP)
             operation."
    DEFVAL { 0 }
    ::= { cnatConfEntry 8 }

cnatConfMaxBindIdleTime OBJECT-TYPE
    SYNTAX      Integer32 (0..2147483647)
    UNITS       "seconds"
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "The maximum time, associated with this configuration,
             to allow a dynamic BIND to remain valid with no NAT
             session hanging off this BIND. By default for NATIVE
             NAT maximum Idle time is 0. External agents could
             control this parameter differently. Static Binds and
             lease time limited BINDs are not affected by this
             parameter."
    DEFVAL { 0 }
    ::= { cnatConfEntry 9 }

cnatConfStorageType OBJECT-TYPE
    SYNTAX      StorageType
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "The storage type for this conceptual row."
    REFERENCE
            "Textual Conventions for SMIv2, Section 2."
    DEFVAL { nonVolatile }
    ::= { cnatConfEntry 10 }

cnatConfStatus OBJECT-TYPE
    SYNTAX      RowStatus
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "The status of this conceptual row."
    ::= { cnatConfEntry 11 }


-- The Static Address Map Table

cnatConfStaticAddrMapTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF CnatConfStaticAddrMapEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "This table lists configuration for static NAT
             entries. This table has an expansion dependent
             relationship on the cnatConfTable. When an SNMP entity
             deletes a conceptual row from the cnatConfTable, then
             the corresponding entries are deleted from
             cnatConfStaticAddrMapTable."
    ::= { cnatConfig 2 }

cnatConfStaticAddrMapEntry OBJECT-TYPE
    SYNTAX      CnatConfStaticAddrMapEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "A description of a static NAT entry. This entry
             contributes to the static NAT table of the device."
    INDEX   { cnatConfName, cnatConfStaticAddrMapName }
    ::= { cnatConfStaticAddrMapTable 1 }

CnatConfStaticAddrMapEntry ::= SEQUENCE {
    cnatConfStaticAddrMapName         SnmpAdminString,
    cnatConfStaticAddrMapType         INTEGER,
    cnatConfStaticLocalAddrFrom       IpAddress,
    cnatConfStaticLocalAddrTo         IpAddress,
    cnatConfStaticLocalPortFrom       Integer32,
    cnatConfStaticLocalPortTo         Integer32,
    cnatConfStaticGlobalAddrFrom      IpAddress,
    cnatConfStaticGlobalAddrTo        IpAddress,
    cnatConfStaticGlobalPortFrom      Integer32,
    cnatConfStaticGlobalPortTo        Integer32,
    cnatConfStaticProtocol            BITS,
    cnatConfStaticAddrMapStorageType  StorageType,
    cnatConfStaticAddrMapStatus       RowStatus
}

cnatConfStaticAddrMapName OBJECT-TYPE
    SYNTAX      SnmpAdminString (SIZE(1..32))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "An arbitrary, but unique identifier associated with this
             cnatConfStaticAddrMapEntry. The value of this object is
             unique across both the static address map and the dynamic
             address map tables."
    ::= { cnatConfStaticAddrMapEntry 1 }



cnatConfStaticAddrMapType OBJECT-TYPE
    SYNTAX  INTEGER {
                inbound (1),
                outbound (2),
                both (3)
            }
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "Address (and Transport-ID) maps may be defined for both
             inbound and outbound direction. Outbound address map
             refers to mapping a selected set of addresses from
             private realm to a selected set of addresses in external
             realm; whereas inbound address map refers to mapping a
             set of addresses from the external realm to private
             realm."
    ::= { cnatConfStaticAddrMapEntry 2 }

cnatConfStaticLocalAddrFrom OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "This object specifies the first IP address of the range
             of IP addresses mapped by this translation entry."
    ::= { cnatConfStaticAddrMapEntry 3 }

cnatConfStaticLocalAddrTo OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "This object specifies the last IP address of the range of
             IP addresses mapped by this translation entry. If only
             a single address being mapped, the value of this object
             is equal to the value of cnatConfStaticLocalAddrFrom. The
             number addresses in the range defined by
             cnatConfStaticLocalAddrFrom and cnatConfStaticLocalAddrTo
             should be equal to the number of addresses in the range
             defined by cnatConfStaticGlobalAddrFrom and
             cnatConfStaticGlobalAddrTo."
    ::= { cnatConfStaticAddrMapEntry 4 }



cnatConfStaticLocalPortFrom OBJECT-TYPE
    SYNTAX      Integer32 (0..65535)
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "If this conceptual row describes a basic NAT, then the
             value of this object is '0'. If this conceptual row
             describes NAPT, then the value of this object specifies
             the first port number in the range of ports being
             mapped. If the translation specifies a single port, then
             the value of this object is equal to the value of
             cnatConfStaticLocalPortTo."
    ::= { cnatConfStaticAddrMapEntry 5 }

cnatConfStaticLocalPortTo OBJECT-TYPE
    SYNTAX      Integer32 (0..65535)
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "If this conceptual row describes a basic NAT, then the
             value of this object is '0'. If this conceptual row
             describes NAPT, then the value of this object specifies
             the last port number in the range of ports being mapped.
             If the translation specifies a single port, then the
             value of this object is equal to the value of
             cnatConfStaticLocalPortFrom."
    ::= { cnatConfStaticAddrMapEntry 6 }

cnatConfStaticGlobalAddrFrom OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "This object specifies the first IP address of the range of
             IP addresses being mapped to."
    ::= { cnatConfStaticAddrMapEntry 7 }

cnatConfStaticGlobalAddrTo OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "This object specifies the last IP address of the range of
             IP addresses being mapped to. If only a single address is
             being mapped to, the value of this object is equal to the
             value of cnatConfStaticGlobalAddrFrom.The number addresses
             in the range defined by cnatConfStaticGlobalAddrFrom and
             cnatConfStaticGlobalAddrTo should be equal to the number
             of addresses in the range defined by
             cnatConfStaticLocalAddrFrom and
             cnatConfStaticLocalAddrTo. "
    ::= { cnatConfStaticAddrMapEntry 8 }

cnatConfStaticGlobalPortFrom OBJECT-TYPE
    SYNTAX      Integer32  (0..65535)
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "If this conceptual row describes a basic  NAT, then the
             value of this object is '0'. If this conceptual row
             describes NAPT, then the value of this object specifies
             the first port number in the range of ports being mapped
             to. If the translation specifies a single port, then the
             value of this object is equal to the value
             cnatConfStaticGlobalPortTo."
    ::= { cnatConfStaticAddrMapEntry 9 }

cnatConfStaticGlobalPortTo OBJECT-TYPE
    SYNTAX      Integer32 (0..65535)
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "If this conceptual row describes a basic NAT, then the
             value of this object is '0'. If this conceptual describes
             NAPT, then the value of this object specifies the last
             port number in the range of ports being to. If the
             translation specifies a single port, then the value of
             this object is equal to the value of
             cnatConfStaticGlobalPortFrom."
    ::= { cnatConfStaticAddrMapEntry 10 }

cnatConfStaticProtocol OBJECT-TYPE
    SYNTAX      BITS {
                  all (0),
                  other (1),
                  icmp (2),
                  udp (3),
                  tcp (4)
                }
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "This object specifies a protocol identifier. If the
             value of this object is '0', then this basic NAT entry
             applies to all IP traffic. If the value of this object
             is non-zero, then this NAT entry only applies to IP
             traffic with the specified protocol."
    ::= { cnatConfStaticAddrMapEntry 11 }

cnatConfStaticAddrMapStorageType OBJECT-TYPE
    SYNTAX      StorageType
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "The storage type for this conceptual row."
    REFERENCE
            "Textual Conventions for SMIv2, Section 2."
    DEFVAL { nonVolatile }
    ::= { cnatConfStaticAddrMapEntry 12 }

cnatConfStaticAddrMapStatus OBJECT-TYPE
    SYNTAX      RowStatus
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "The status of this conceptual row.

             To create a row in this table, a manager must set this
             object to either createAndGo(4) or createAndWait(5)."
    ::= { cnatConfStaticAddrMapEntry 13 }


-- The Dynamic Address Map Table

cnatConfDynAddrMapTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF CnatConfDynAddrMapEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "This table lists dynamic NAT entries. This table has an
             expansion dependent relationship on the cnatConfTable.
             When an SNMP entity deletes a conceptual row from the
             cnatConfTable, then the corresponding entries are deleted
             from cnatConfDynAddrMapTable."
    ::= { cnatConfig 3 }

cnatConfDynAddrMapEntry OBJECT-TYPE
    SYNTAX      CnatConfDynAddrMapEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "A description of a dynamic NAT entry. This entry
             contributes to the dynamic NAT table of the device."
    INDEX   { cnatConfName, cnatConfDynAddrMapName }
    ::= { cnatConfDynAddrMapTable 1 }

CnatConfDynAddrMapEntry ::= SEQUENCE {
     cnatConfDynAddrMapName         SnmpAdminString,
     cnatConfDynAddressMapType      INTEGER,
     cnatConfDynLocalAddrFrom       IpAddress,
     cnatConfDynLocalAddrTo         IpAddress,
     cnatConfDynLocalPortFrom       Integer32,
     cnatConfDynLocalPortTo         Integer32,
     cnatConfDynGlobalAddrFrom      IpAddress,
     cnatConfDynGlobalAddrTo        IpAddress,
     cnatConfDynGlobalPortFrom      Integer32,
     cnatConfDynGlobalPortTo        Integer32,
     cnatConfDynProtocol            BITS,
     cnatConfDynAddrMapStorageType  StorageType,
     cnatConfDynAddrMapStatus       RowStatus
}

cnatConfDynAddrMapName OBJECT-TYPE
    SYNTAX      SnmpAdminString (SIZE(1..32))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "An arbitrary, but unique identifier associated with this
             cnatConfDynAddrMapEntry. The value of this object is
             unique across both the static address map and the dynamic
             address map tables."
    ::= { cnatConfDynAddrMapEntry 1 }

cnatConfDynAddressMapType OBJECT-TYPE
    SYNTAX  INTEGER {
                inbound (1),
                outbound (2),
                both (3)
            }
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "Address (and Transport-ID) maps may be defined for both
             inbound and outbound direction. Outbound address map
             refers to mapping a selected set of addresses from
             private realm to a selected set of addresses in external
             realm; whereas inbound address map refers to mapping a
             set of addresses from the external realm to private
             realm."
    ::= { cnatConfDynAddrMapEntry 2 }

cnatConfDynLocalAddrFrom OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "This object specifies the first IP address of the range
             of IP addresses mapped by this translation entry."
    ::= { cnatConfDynAddrMapEntry 3 }

cnatConfDynLocalAddrTo OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "This object specifies the last IP address of the range of
             IP addresses mapped by this translation entry."
    ::= { cnatConfDynAddrMapEntry 4 }

cnatConfDynLocalPortFrom OBJECT-TYPE
    SYNTAX      Integer32 (0..65535)
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "If this conceptual row describes a basic NAT, then the
             value of this object is '0'. If this conceptual row
             describes NAPT, then the value of this object specifies
             the first port number in the range of ports being mapped.
             If the translation specifies a single port, then the
             value of this object is equal to the value of
             cnatConfDynLocalPortTo."
    ::= { cnatConfDynAddrMapEntry 5 }

cnatConfDynLocalPortTo OBJECT-TYPE
    SYNTAX      Integer32 (0..65535)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "If this conceptual row describes a basic NAT, then the
             value of this object is '0'. If this conceptual row
             describes NAPT, then the value of this object specifies
             the last port number in the range of ports being mapped.
             If the translation specifies a single port, then the
             value of this object is equal to the value of
             cnatConfDynLocalPortFrom."
    ::= { cnatConfDynAddrMapEntry 6 }

cnatConfDynGlobalAddrFrom OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "This object specifies the first IP address of the range
             of IP addresses being mapped to."
    ::= { cnatConfDynAddrMapEntry 7 }

cnatConfDynGlobalAddrTo OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "This object specifies the last IP address of the range of
             IP addresses being mapped to."
    ::= { cnatConfDynAddrMapEntry 8 }

cnatConfDynGlobalPortFrom OBJECT-TYPE
    SYNTAX      Integer32  (0..65535)
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "If this conceptual row describes a basic  NAT, then the
             value of this object is '0'. If this conceptual row
             describes NAPT, then the value of this object specifies
             the first port number in the range of ports being mapped
             to. If the translation specifies a single port, then the
             value of this object is equal to the value of
             cnatConfDynGlobalPortTo."
    ::= { cnatConfDynAddrMapEntry 9 }


cnatConfDynGlobalPortTo OBJECT-TYPE
    SYNTAX      Integer32 (0..65535)
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "If this conceptual row describes a basic NAT, then the
             value of this object is '0'. If this conceptual row
             describes NAPT, then the value of this object specifies
             the last port number in the range of ports being mapped
             to. If the translation specifies a single port, then the
             value of this object is equal to the value of
             cnatConfDynGlobalPortFrom."
    ::= { cnatConfDynAddrMapEntry 10 }

cnatConfDynProtocol OBJECT-TYPE
    SYNTAX      BITS {
                  all (0),
                  other (1),
                  icmp (2),
                  udp (3),
                  tcp (4)
                }
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "This object specifies a protocol identifier. If the
             value of this object is '0', then this basic NAT entry
             applies to all IP traffic. If the value of this object is
             non-zero, then this NAT entry only applies to IP traffic
             with the specified protocol."
    ::= { cnatConfDynAddrMapEntry 11 }

cnatConfDynAddrMapStorageType OBJECT-TYPE
    SYNTAX      StorageType
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "The storage type for this conceptual row."
    REFERENCE
            "Textual Conventions for SMIv2, Section 2."
    DEFVAL { nonVolatile }
    ::= { cnatConfDynAddrMapEntry 12 }

cnatConfDynAddrMapStatus OBJECT-TYPE
    SYNTAX      RowStatus
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "The status of this conceptual row.

             To create a row in this table, a manager must set this
             object to either createAndGo(4) or createAndWait(5)."
    ::= { cnatConfDynAddrMapEntry 13 }

-- NAT Interface Table

cnatInterfaceTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF CnatInterfaceEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "This table holds information regarding the interface
             on which NAT is enabled."
    ::= { cnatConfig 4 }

cnatInterfaceEntry OBJECT-TYPE
    SYNTAX     CnatInterfaceEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "Each entry in the NAT Interface Table holds
             information regarding an interface on which NAT is
             enabled."
    INDEX   { cnatInterfaceIndex }
    ::= { cnatInterfaceTable 1 }

CnatInterfaceEntry ::= SEQUENCE {
    cnatInterfaceIndex         InterfaceIndex,
    cnatInterfaceRealm         INTEGER,
    cnatInterfaceStorageType   StorageType,
    cnatInterfaceStatus        RowStatus
}

cnatInterfaceIndex OBJECT-TYPE
    SYNTAX     InterfaceIndex
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "The ifIndex of the interface on which NAT is enabled."
    ::= { cnatInterfaceEntry 1 }

cnatInterfaceRealm OBJECT-TYPE
    SYNTAX     INTEGER {
                   private (1),
                   public (2)
               }
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "This object identifies whether this interface is
             connected to the private or the public realm."
    DEFVAL     { public }
    ::= { cnatInterfaceEntry 2 }

cnatInterfaceStorageType OBJECT-TYPE
    SYNTAX      StorageType
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "The storage type for this conceptual row."
    REFERENCE
            "Textual Conventions for SMIv2, Section 2."
    DEFVAL { nonVolatile }
    ::= { cnatInterfaceEntry 3 }

cnatInterfaceStatus OBJECT-TYPE
    SYNTAX     RowStatus
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "Status of NAT on this interface. An active status
             indicates that NAT is enabled on this interface."
    ::= { cnatInterfaceEntry 4 }


-- The BIND Group

-- Address Bind section

cnatAddrBindNumberOfEntries OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object maintains a count of the number of entries
             that currently exist in the cnatAddrBindTable."
    ::= { cnatBind 1 }

-- The NAT Address BIND Table

cnatAddrBindTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF CnatAddrBindEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "This table holds information about the currently
             active NAT BINDs."
    ::= { cnatBind 2 }

cnatAddrBindEntry OBJECT-TYPE
    SYNTAX     CnatAddrBindEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "Each entry in the NAT BIND table holds information
             about a NAT BIND that is currently active."
    INDEX   { cnatAddrBindLocalAddr }
    ::= { cnatAddrBindTable 1 }

CnatAddrBindEntry ::= SEQUENCE {
    cnatAddrBindLocalAddr            IpAddress,
    cnatAddrBindGlobalAddr           IpAddress,
    cnatAddrBindId                   Unsigned32,
    cnatAddrBindDirection            INTEGER,
    cnatAddrBindType                 INTEGER,
    cnatAddrBindConfName             SnmpAdminString,
    cnatAddrBindSessionCount         Gauge32,
    cnatAddrBindCurrentIdleTime      TimeTicks,
    cnatAddrBindInTranslate          Counter32,
    cnatAddrBindOutTranslate         Counter32
}

cnatAddrBindLocalAddr OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "This object represents the private-realm specific network
             layer address, which maps to the public-realm address
             represented by cnatAddrBindGlobalAddr."
    ::= { cnatAddrBindEntry 1 }

cnatAddrBindGlobalAddr OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object represents the public-realm network layer
             address that maps to the private-realm network layer
             address represented by cnatAddrBindLocalAddr."
    ::= { cnatAddrBindEntry 2 }

cnatAddrBindId OBJECT-TYPE
    SYNTAX     Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object represents a BIND id that is dynamically
             assigned to each BIND by a NAT enabled device. Each
             BIND is represented by a unique BIND id across both,
             the Address bind and Address-Port bind tables."
    ::= { cnatAddrBindEntry 3 }

cnatAddrBindDirection OBJECT-TYPE
    SYNTAX     INTEGER {
                   uniDirectional (1),
                   biDirectional (2)
               }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object represents the direction of the BIND. A
             BIND may be either uni-directional or bi-directional,
             same as the orientation of the address map, based on
             which this bind is formed. The direction of this bind
             is with reference to the private realm."
    ::= { cnatAddrBindEntry 4 }

cnatAddrBindType OBJECT-TYPE
    SYNTAX     INTEGER {
                   static (1),
                   dynamic (2)
               }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object indicates whether the BIND is static or
             dynamic."
    ::= { cnatAddrBindEntry 5 }

cnatAddrBindConfName OBJECT-TYPE
    SYNTAX     SnmpAdminString (SIZE(1..32))
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object is a pointer to the cnatConfTable entry (and
             the parameters of that entry) which was used in creating
             this BIND."
    ::= { cnatAddrBindEntry 6 }

cnatAddrBindSessionCount OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "Number of sessions currently using this BIND."
    ::= { cnatAddrBindEntry 7 }

cnatAddrBindCurrentIdleTime OBJECT-TYPE
    SYNTAX     TimeTicks
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "At any given instance of time, this object indicates the
             time that this BIND has been idle with no sessions
             attached to it. The value represented by this object is
             of relevance only when the value of Maximum Idle time
             (cnatConfMaxBindIdleTime) is non-zero."
    ::= { cnatAddrBindEntry 8 }

cnatAddrBindInTranslate OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of inbound packets that were translated as per
             this BIND entry."
    ::= { cnatAddrBindEntry 9 }

cnatAddrBindOutTranslate OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of outbound packets that were translated as
             per this BIND entry."
    ::= { cnatAddrBindEntry 10 }

-- Address-Port Bind section

cnatAddrPortBindNumberOfEntries OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object maintains a count of the number of entries
             that currently exist in the cnatAddrPortBindTable."
    ::= { cnatBind 3 }

-- The NAT Address-Port BIND Table

cnatAddrPortBindTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF CnatAddrPortBindEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "This table holds information about the currently
             active NAPT BINDs."
    ::= { cnatBind 4 }

cnatAddrPortBindEntry OBJECT-TYPE
    SYNTAX     CnatAddrPortBindEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "Each entry in the this table holds information
             a NAPT BIND that is currently active."
    INDEX   { cnatAddrPortBindLocalAddr, cnatAddrPortBindLocalPort,
              cnatAddrPortBindProtocol }
    ::= { cnatAddrPortBindTable 1 }

CnatAddrPortBindEntry ::= SEQUENCE {
    cnatAddrPortBindLocalAddr            IpAddress,
    cnatAddrPortBindLocalPort            Integer32,
    cnatAddrPortBindProtocol             BITS,
    cnatAddrPortBindGlobalAddr           IpAddress,
    cnatAddrPortBindGlobalPort           Integer32,
    cnatAddrPortBindId                   Unsigned32,
    cnatAddrPortBindDirection            INTEGER,
    cnatAddrPortBindType                 INTEGER,
    cnatAddrPortBindConfName             SnmpAdminString,
    cnatAddrPortBindSessionCount         Gauge32,
    cnatAddrPortBindCurrentIdleTime      TimeTicks,
    cnatAddrPortBindInTranslate          Counter32,
    cnatAddrPortBindOutTranslate         Counter32
}

cnatAddrPortBindLocalAddr OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "This object represents the private-realm specific network
             layer address which, in conjunction with
             cnatAddrPortBindLocalPort, maps to the public-realm
             network layer address and transport id represented by
             cnatAddrPortBindGlobalAddr and cnatAddrPortBindGlobalPort
             respectively."
    ::= { cnatAddrPortBindEntry 1 }

cnatAddrPortBindLocalPort OBJECT-TYPE
    SYNTAX     Integer32(0..65535)
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "This object represents the private-realm specific port
             number (or query ID in case of ICMP messages) which, in
             conjunction with cnatAddrPortBindLocalAddr, maps to the
             public-realm network layer address and transport id
             represented by cnatAddrPortBindGlobalAddr and
             cnatAddrPortBindGlobalPort respectively."
    ::= { cnatAddrPortBindEntry 2 }

cnatAddrPortBindProtocol OBJECT-TYPE
    SYNTAX     BITS {
                 all (0),
                 other (1),
                 icmp (2),
                 udp (3),
                 tcp (4)
                }
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "This object specifies a protocol identifier. If the
             value of this object is '0', then this BIND entry
             applies to all IP traffic. If the value of this object is
             non-zero, then this NAT entry only applies to IP traffic
             with the specified protocol."
    ::= { cnatAddrPortBindEntry 3 }

cnatAddrPortBindGlobalAddr OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object represents the public-realm specific network
             layer address that, in conjunction with
             cnatAddrPortBindGlobalPort, maps to the private-realm
             network layer address and transport id represented by
             cnatAddrPortBindLocalAddr and cnatAddrPortBindLocalPort
             respectively."
    ::= { cnatAddrPortBindEntry 4 }

cnatAddrPortBindGlobalPort OBJECT-TYPE
    SYNTAX     Integer32(0..65535)
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object represents the port number (or query id in
             case of ICMP) that, in conjunction with
             cnatAddrPortBindGlobalAddr, maps to the private-realm
             network layer address and transport id represented by
             cnatAddrPortBindLocalAddr and cnatAddrPortBindLocalPort
             respectively."
    ::= { cnatAddrPortBindEntry 5 }

cnatAddrPortBindId OBJECT-TYPE
    SYNTAX     Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object represents a BIND id that is dynamically
             assigned to each BIND by a NAT enabled device. Each
             BIND is represented by a unique BIND id across both,
             the Address Bind and Address-Port Bind tables."
    ::= { cnatAddrPortBindEntry 6 }

cnatAddrPortBindDirection OBJECT-TYPE
    SYNTAX     INTEGER {
                   uniDirectional (1),
                   biDirectional (2)
               }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object represents the direction of the BIND. A
             BIND may be either uni-directional or bi-directional,
             same as the orientation of the address map, based on
             which this bind is formed. The direction of this bind
             is with reference to the private realm."
    ::= { cnatAddrPortBindEntry 7 }

cnatAddrPortBindType OBJECT-TYPE
    SYNTAX     INTEGER {
                   static (1),
                   dynamic (2)
               }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object indicates whether the BIND is static or
             dynamic."
    ::= { cnatAddrPortBindEntry 8 }

cnatAddrPortBindConfName OBJECT-TYPE
    SYNTAX     SnmpAdminString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object is a pointer to the cnatConfTable entry (and
             the parameters of that entry) which was used in creating
             this BIND."
    ::= { cnatAddrPortBindEntry 9 }

cnatAddrPortBindSessionCount OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "Number of sessions currently using this BIND."
    ::= { cnatAddrPortBindEntry 10 }

cnatAddrPortBindCurrentIdleTime OBJECT-TYPE
    SYNTAX     TimeTicks
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "At any given instance of time, this object indicates the
             time that this BIND has been idle with no sessions
             attached to it. The value represented by this object is
             of relevance only when the value of Maximum Idle time
             (cnatConfMaxBindIdleTime) is non-zero."
    ::= { cnatAddrPortBindEntry 11 }

cnatAddrPortBindInTranslate OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of inbound packets that were translated as per
             this BIND entry."
    ::= { cnatAddrPortBindEntry 12 }

cnatAddrPortBindOutTranslate OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of outbound packets that were translated as per
             this BIND entry."
    ::= { cnatAddrPortBindEntry 13 }


-- The Session Table

cnatSessionTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF CnatSessionEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "The (conceptual) table containing one entry for each
             NAT session currently active on this NAT device."
    ::= { cnatBind 5 }

cnatSessionEntry OBJECT-TYPE
    SYNTAX     CnatSessionEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "An entry (conceptual row) containing information
             about an active NAT session on this NAT device."
    INDEX   { cnatSessionBindId, cnatSessionId }
    ::= { cnatSessionTable 1 }

CnatSessionEntry ::= SEQUENCE {
    cnatSessionBindId               Unsigned32,
    cnatSessionId                   Unsigned32,
    cnatSessionDirection            INTEGER,
    cnatSessionUpTime               TimeTicks,
    cnatSessionProtocolType         NATProtocolType,
    cnatSessionOrigPrivateAddr      IpAddress,
    cnatSessionTransPrivateAddr     IpAddress,
    cnatSessionOrigPrivatePort      Integer32,
    cnatSessionTransPrivatePort     Integer32,
    cnatSessionOrigPublicAddr       IpAddress,
    cnatSessionTransPublicAddr      IpAddress,
    cnatSessionOrigPublicPort       Integer32,
    cnatSessionTransPublicPort      Integer32,
    cnatSessionCurrentIdletime      TimeTicks,
    cnatSessionSecondBindId         Unsigned32,
    cnatSessionInTranslate          Counter32,
    cnatSessionOutTranslate         Counter32
}

cnatSessionBindId OBJECT-TYPE
    SYNTAX     Unsigned32
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "This object represents a BIND id that is dynamically
             assigned to each BIND by a NAT enabled device. This
             bind id is that same as represented by the BindId
             objects in the Address bind and Address-Port bind
             tables."
    ::= { cnatSessionEntry 1 }

cnatSessionId OBJECT-TYPE
    SYNTAX     Unsigned32
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "The session ID for this NAT session."
    ::= { cnatSessionEntry 2 }

cnatSessionDirection OBJECT-TYPE
    SYNTAX     INTEGER {
                   inbound (1),
                   outbound (2)
               }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The direction of this session with respect to the
             local network. 'inbound' indicates that this session
             was initiated from the public network into the private
             network. 'outbound' indicates that this session was
             initiated from the private network into the public
             network."
    ::= { cnatSessionEntry 3 }

cnatSessionUpTime OBJECT-TYPE
    SYNTAX     TimeTicks
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The up time of this session in one-hundredths of a
             second."
    ::= { cnatSessionEntry 4 }

cnatSessionProtocolType OBJECT-TYPE
    SYNTAX     NATProtocolType
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The protocol type of this session.

             TCP and UDP sessions are uniquely identified by the
             tuple of (source IP address, source UDP/TCP port,
             destination IP address, destination TCP/UCP port).
             ICMP query sessions are identified by the tuple of
             (source IP address, ICMP query ID, destination IP
             address)."
    ::= { cnatSessionEntry 5 }

cnatSessionOrigPrivateAddr OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The original IP address of the session endpoint that
             lies in the private network."
    ::= { cnatSessionEntry 6 }

cnatSessionTransPrivateAddr OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The translated IP address of the session endpoint that
             lies in the private network. The value of this object
             is equal to that of the original public IP Address
             (cnatSessionOrigPrivateAddr) when there is no
             translation."
    ::= { cnatSessionEntry 7 }

cnatSessionOrigPrivatePort OBJECT-TYPE
    SYNTAX     Integer32 (0..65535)
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The original transport port of the session endpoint that
             belongs to the private network. If this is an ICMP session
             then the value is the ICMP request ID."
    ::= { cnatSessionEntry 8 }

cnatSessionTransPrivatePort OBJECT-TYPE
    SYNTAX     Integer32 (0..65535)
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The translated transport port of the session that lies in
             the private network. The value of this object is equal to
             that of the original transport port
             (cnatSessionOrigPrivatePort) when there is no translation."

    ::= { cnatSessionEntry 9 }

cnatSessionOrigPublicAddr OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The original IP address of the session endpoint that lies
             in the public network."
    ::= { cnatSessionEntry 10 }

cnatSessionTransPublicAddr OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The translated IP address of the session endpoint that
             belongs to the public network. The value of this object
             is equal to that of the original public IP Address
             (cnatSessionOrigPublicAddr) when there is no
             translation."
    ::= { cnatSessionEntry 11 }

cnatSessionOrigPublicPort OBJECT-TYPE
    SYNTAX     Integer32 (0..65535)
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The original transport port of the session endpoint that
             belongs to the public network. If this is an ICMP
             session then the value contains the ICMP request ID."
    ::= { cnatSessionEntry 12 }

cnatSessionTransPublicPort OBJECT-TYPE
    SYNTAX     Integer32 (0..65535)
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The translated transport port of the session endpoint
             that belongs to the public network. The value of this
             object is equal to that of the original transport port
             (cnatSessionOrigPublicPort) when there is no
             translation."
    ::= { cnatSessionEntry 13 }

cnatSessionCurrentIdletime OBJECT-TYPE
    SYNTAX     TimeTicks
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The time in one-hundredths of a second since a packet
             belonging to this session was last detected."
    ::= { cnatSessionEntry 14 }

cnatSessionSecondBindId OBJECT-TYPE
    SYNTAX     Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The natBindId of the 'other' NAT binding incase of Twice
             NAT. An instance of this object contains a valid value
             only if the binding type for this session is TwiceNAT."
    ::= { cnatSessionEntry 15 }

cnatSessionInTranslate OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of inbound packets that were translated by
             this session."
    ::= { cnatSessionEntry 16 }

cnatSessionOutTranslate OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of outbound packets that were translated by
             this session."
    ::= { cnatSessionEntry 17 }

-- The Statistics Group

-- The Protocol Stats table

cnatProtocolStatsTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF CnatProtocolStatsEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "The (conceptual) table containing per protocol NAT
             statistics."
    ::= { cnatStatistics 1 }

cnatProtocolStatsEntry OBJECT-TYPE
    SYNTAX     CnatProtocolStatsEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "An entry (conceptual row) containing NAT statistics
             pertaining to a particular protocol."
    INDEX   { cnatProtocolStatsName }
    ::= { cnatProtocolStatsTable 1 }

CnatProtocolStatsEntry ::= SEQUENCE {
    cnatProtocolStatsName          NATProtocolType,
    cnatProtocolStatsInTranslate   Counter32,
    cnatProtocolStatsOutTranslate  Counter32,
    cnatProtocolStatsRejectCount   Counter32
}

cnatProtocolStatsName OBJECT-TYPE
    SYNTAX     NATProtocolType
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "This object represents the protocol pertaining to which
             statistics are reported."
    ::= { cnatProtocolStatsEntry 1 }

cnatProtocolStatsInTranslate OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of inbound packets, pertaining to the protocol
             identified by cnatProtocolStatsName, that underwent NAT."
    ::= { cnatProtocolStatsEntry 2 }

cnatProtocolStatsOutTranslate OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of outbound packets, pertaining to the protocol
             identified by cnatProtocolStatsName, that underwent NAT."
    ::= { cnatProtocolStatsEntry 3 }

cnatProtocolStatsRejectCount OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of packets, pertaining to the protocol
             identified by cnatProtocolStatsName, that had to be
             rejected/dropped due to lack of resources. These
             rejections could be due to session timeout, resource
             unavailability etc."
     ::= { cnatProtocolStatsEntry 4 }

-- The Address Map Stats table

cnatAddrMapStatsTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF CnatAddrMapStatsEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "The (conceptual) table containing per address map NAT
             statistics."
    ::= { cnatStatistics 2 }

cnatAddrMapStatsEntry OBJECT-TYPE
    SYNTAX     CnatAddrMapStatsEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "An entry (conceptual row) containing NAT statistics per
             address map."
    INDEX   { cnatAddrMapStatsConfName, cnatAddrMapStatsMapName }
    ::= { cnatAddrMapStatsTable 1 }

CnatAddrMapStatsEntry ::= SEQUENCE {
    cnatAddrMapStatsConfName      SnmpAdminString,
    cnatAddrMapStatsMapName       SnmpAdminString,
    cnatAddrMapStatsInTranslate   Counter32,
    cnatAddrMapStatsOutTranslate  Counter32,
    cnatAddrMapStatsNoResource    Counter32,
    cnatAddrMapStatsAddrUsed      Gauge32
}

cnatAddrMapStatsConfName OBJECT-TYPE
    SYNTAX     SnmpAdminString (SIZE(1..32))
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "The name of the configuration (from the cnatConfTable),
             regarding which statistics are being reported. The
             configuration name along with Map name uniquely
             identifies an entry across both (static and dynamic)
             Address Map tables."
    ::= { cnatAddrMapStatsEntry 1 }

cnatAddrMapStatsMapName OBJECT-TYPE
    SYNTAX     SnmpAdminString (SIZE(1..32))
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "The name of the Address Map (from the
             cnatConfStaticAddrMapTable/cnatConfDynAddrMapTable),
             regarding which statistics are being reported. The
             configuration name along with Map name uniquely
             identifies an entry across both (static and dynamic)
             Address Map tables."
    ::= { cnatAddrMapStatsEntry 2 }

cnatAddrMapStatsInTranslate OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of inbound packets, pertaining to this address
             map entry, that were translated."
    ::= { cnatAddrMapStatsEntry 3 }

cnatAddrMapStatsOutTranslate OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of outbound packets, pertaining to this
             address map entry, that were translated."
    ::= { cnatAddrMapStatsEntry 4 }

cnatAddrMapStatsNoResource OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of packets, pertaining to this address map
             entry, that were dropped due to lack of addresses in the
             address pool identified by this address map. The value of
             this object should always be zero in case of static
             address map."
    ::= { cnatAddrMapStatsEntry 5 }

cnatAddrMapStatsAddrUsed OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of addresses, pertaining to this address map,
             that are currently being used from the nat pool. The
             value of this object is irrelevant if the address map in
             question is a static address map."
    ::= { cnatAddrMapStatsEntry 6 }

-- The Interface Stats table

cnatInterfaceStatsTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF CnatInterfaceStatsEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "This table augments the cnatInterfaceTable and provides
             statistics information pertaining to the specified
             interface."
    ::= { cnatStatistics 3 }

cnatInterfaceStatsEntry OBJECT-TYPE
    SYNTAX     CnatInterfaceStatsEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "Each entry of the cnatInterfaceStatsTable represents stats
             pertaining to one interface, which is identified by its
             ifIndex."
    AUGMENTS { cnatInterfaceEntry }
    ::= { cnatInterfaceStatsTable 1 }

CnatInterfaceStatsEntry ::= SEQUENCE {
    cnatInterfacePktsIn   Counter32,
    cnatInterfacePktsOut  Counter32
}

cnatInterfacePktsIn OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "Number of packets received on this interface that
             were translated."
    ::= { cnatInterfaceStatsEntry 1 }

cnatInterfacePktsOut OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "Number of translated packets that were sent out this
             interface."
    ::= { cnatInterfaceStatsEntry 2 }


-- Notifications

ciscoNatMIBNotificationPrefix  OBJECT IDENTIFIER ::= { ciscoIetfNatMIB 2 }
ciscoNatMIBNotifications       OBJECT IDENTIFIER ::=
                       { ciscoNatMIBNotificationPrefix 0 }


-- Conformance information

ciscoNatMIBConformance OBJECT IDENTIFIER ::= { ciscoIetfNatMIB 3 }
ciscoNatMIBCompliances OBJECT IDENTIFIER ::= { ciscoNatMIBConformance 1
}
ciscoNatMIBGroups      OBJECT IDENTIFIER ::= { ciscoNatMIBConformance 2
}

-- Compliance statements

ciscoNatMIBCompliance MODULE-COMPLIANCE
    STATUS  current
    DESCRIPTION
            "The compliance statement for devices running NAT."
    MODULE  -- this module
      MANDATORY-GROUPS { cnatConfigGroup, cnatBindGroup }
    ::= { ciscoNatMIBCompliances 1 }

-- Units of conformance

cnatConfigGroup OBJECT-GROUP
    OBJECTS { cnatConfServiceType,
              cnatConfTimeoutIcmpIdle,
              cnatConfTimeoutUdpIdle,
              cnatConfTimeoutTcpIdle,
              cnatConfTimeoutTcpNeg,
              cnatConfTimeoutOther,
              cnatConfMaxBindLeaseTime,
              cnatConfMaxBindIdleTime,
              cnatConfStorageType,
              cnatConfStatus,
              cnatConfStaticAddrMapType,
              cnatConfStaticLocalAddrFrom,
              cnatConfStaticLocalAddrTo,
              cnatConfStaticLocalPortFrom,
              cnatConfStaticLocalPortTo,
              cnatConfStaticGlobalAddrFrom,
              cnatConfStaticGlobalAddrTo,
              cnatConfStaticGlobalPortFrom,
              cnatConfStaticGlobalPortTo,
              cnatConfStaticProtocol,
              cnatConfStaticAddrMapStorageType,
              cnatConfStaticAddrMapStatus,
              cnatConfDynAddressMapType,
              cnatConfDynLocalAddrFrom,
              cnatConfDynLocalAddrTo,
              cnatConfDynLocalPortFrom,
              cnatConfDynLocalPortTo,
              cnatConfDynGlobalAddrFrom,
              cnatConfDynGlobalAddrTo,
              cnatConfDynGlobalPortFrom,
              cnatConfDynGlobalPortTo,
              cnatConfDynProtocol,
              cnatConfDynAddrMapStorageType,
              cnatConfDynAddrMapStatus,
              cnatInterfaceRealm,
              cnatInterfaceStorageType,
              cnatInterfaceStatus }
    STATUS  current
    DESCRIPTION
            "A collection of configuration-related information
             required to support management of devices supporting
             NAT."
    ::= { ciscoNatMIBGroups 1 }


cnatBindGroup OBJECT-GROUP
    OBJECTS { cnatAddrBindNumberOfEntries,
              cnatAddrBindGlobalAddr,
              cnatAddrBindId,
              cnatAddrBindDirection,
              cnatAddrBindType,
              cnatAddrBindConfName,
              cnatAddrBindSessionCount,
              cnatAddrBindCurrentIdleTime,
              cnatAddrBindInTranslate,
              cnatAddrBindOutTranslate,
              cnatAddrPortBindNumberOfEntries,
              cnatAddrPortBindGlobalAddr,
              cnatAddrPortBindGlobalPort,
              cnatAddrPortBindId,
              cnatAddrPortBindDirection,
              cnatAddrPortBindType,
              cnatAddrPortBindConfName,
              cnatAddrPortBindSessionCount,
              cnatAddrPortBindCurrentIdleTime,
              cnatAddrPortBindInTranslate,
              cnatAddrPortBindOutTranslate,
              cnatSessionDirection,
              cnatSessionUpTime,
              cnatSessionProtocolType,
              cnatSessionOrigPrivateAddr,
              cnatSessionTransPrivateAddr,
              cnatSessionOrigPrivatePort,
              cnatSessionTransPrivatePort,
              cnatSessionOrigPublicAddr,
              cnatSessionTransPublicAddr,
              cnatSessionOrigPublicPort,
              cnatSessionTransPublicPort,
              cnatSessionCurrentIdletime,
              cnatSessionSecondBindId,
              cnatSessionInTranslate,
              cnatSessionOutTranslate }
    STATUS  current
    DESCRIPTION
            "A collection of BIND-related objects required to support
             management of devices supporting NAT."
    ::= { ciscoNatMIBGroups 2 }


cnatStatsGroup OBJECT-GROUP
    OBJECTS { cnatProtocolStatsInTranslate,
              cnatProtocolStatsOutTranslate,
              cnatProtocolStatsRejectCount,
              cnatAddrMapStatsInTranslate,
              cnatAddrMapStatsOutTranslate,
              cnatAddrMapStatsNoResource,
              cnatAddrMapStatsAddrUsed,
              cnatInterfacePktsIn,
              cnatInterfacePktsOut }
    STATUS  current
    DESCRIPTION
            "A collection of NAT statistics related objects required
             to support troubleshooting/monitoring NAT operation."
    ::= { ciscoNatMIBGroups 3 }

END