Appendix D. 'firewall-1.schema' File for Use with OpenLDAP v2

Appendix D. firewall-1.schema File for Use with OpenLDAP v2

To use the firewall1.schema file, add the following lines to your slapd.conf file. These lines assume that the core, cosine, and inetorgperson schemas are stored in /etc/openldap/schema and that firewall1.schema has been copied into the same directory.

# Schema load order for slapd. firewall1.schema uses cn, description and
# member in its object classes without defining them, so the standard
# schemas that supply those attributes are included before it.
include     /etc/openldap/schema/core.schema
include     /etc/openldap/schema/cosine.schema
include     /etc/openldap/schema/inetorgperson.schema
# Loaded last: the fw1* attribute types and the fw1template / fw1person classes.
include     /etc/openldap/schema/firewall1.schema

The firewall1.schema file looks like this.

# Attribute types used by the fw1template and fw1person object classes.
# Every definition below uses syntax 1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
# and declares no EQUALITY, ORDERING or SUBSTR matching rule and no
# SINGLE-VALUE, so each attribute is a multi-valued ASCII string as far as the
# directory is concerned; any format checking is left to the consumer.
# NOTE(review): with no EQUALITY rule these attributes may not be usable in
# search filters or indexes -- confirm against the OpenLDAP release in use.
# NOTE(review): several names (fw1skey-*, fw1SR-keym, fw1ISAKMP-SharedSecret)
# suggest credential or key material. Nothing in the schema protects the
# values; restrict who can read them with a slapd.conf "access to" rule and
# protect client connections to the directory with TLS.

# Authentication settings for the user.
attributeType ( 1.3.114.7.4.2.0.1
   NAME 'fw1auth-method'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.2
   NAME 'fw1auth-server'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.3
   NAME 'fw1pwdlastmod'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# S/Key values (judging by the names: sequence number, seed, password).
# NOTE(review): presumably secret; keep these out of anonymous and
# ordinary-user read access.
attributeType ( 1.3.114.7.4.2.0.4
   NAME 'fw1skey-number'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.5
   NAME 'fw1skey-seed'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.6
   NAME 'fw1skey-passwd'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.7
   NAME 'fw1skey-mdm'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# Account expiry and time-of-day / day restrictions (by name).
attributeType ( 1.3.114.7.4.2.0.8
   NAME 'fw1expiration-date'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.9
   NAME 'fw1hour-range-from'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.10
   NAME 'fw1hour-range-to'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.11
   NAME 'fw1day'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# Allowed source / destination / VLAN restrictions (by name).
# NOTE(review): these look like policy inputs, so write access to them
# deserves the same care as read access to the secrets above.
attributeType ( 1.3.114.7.4.2.0.12
   NAME 'fw1allowed-src'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.13
   NAME 'fw1allowed-dst'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.14
   NAME 'fw1allowed-vlan'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# fw1SR-* and fw1enc-fwz-* attributes; meanings are not stated on this page.
# NOTE(review): fw1SR-keym presumably names a key-management setting -- verify.
attributeType ( 1.3.114.7.4.2.0.15
   NAME 'fw1SR-keym'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.16
   NAME 'fw1SR-datam'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.17
   NAME 'fw1SR-mdm'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.18
   NAME 'fw1enc-fwz-expiration'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.19
   NAME 'fw1sr-auth-track'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.20
   NAME 'fw1grouptemplate'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# ISAKMP (IKE) parameters for the user.
attributeType ( 1.3.114.7.4.2.0.21
   NAME 'fw1ISAKMP-EncMethod'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.22
   NAME 'fw1ISAKMP-AuthMethods'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.23
   NAME 'fw1ISAKMP-HashMethods'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.24
   NAME 'fw1ISAKMP-Transform'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.25
   NAME 'fw1ISAKMP-DataIntegrityMethod'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# NOTE(review): by name this is a pre-shared secret held as a plain string;
# it should be readable only by the identity the firewall binds as.
attributeType ( 1.3.114.7.4.2.0.26
   NAME 'fw1ISAKMP-SharedSecret'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.27
   NAME 'fw1ISAKMP-DataEncMethod'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.114.7.4.2.0.28
   NAME 'fw1enc-methods'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
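# fw1template: STRUCTURAL class (SUP top) that requires objectclass and cn and
# may carry member, description and any of the fw1* attributes.
# The printed listing wrapped the MAY list at column 0 and split several names
# at a hyphen (for example "fw1hour-" / "range-to"). Here every name is written
# whole and every continuation line starts with whitespace, which slapd needs
# in order to read the line as part of the same definition.
# NOTE(review): the MAY list includes attributes that by name hold secrets
# (fw1skey-passwd, fw1skey-seed, fw1ISAKMP-SharedSecret); entries of this class
# should be covered by a restrictive slapd.conf "access to" rule.
objectClass ( 1.3.114.7.3.2.0.1
   NAME 'fw1template'
   SUP top STRUCTURAL
   MUST ( objectclass $ cn )
   MAY ( member $ description $ fw1auth-method $ fw1auth-server $
      fw1pwdlastmod $ fw1skey-number $ fw1skey-seed $ fw1skey-passwd $
      fw1skey-mdm $ fw1expiration-date $ fw1hour-range-from $
      fw1hour-range-to $ fw1day $ fw1allowed-src $ fw1allowed-dst $
      fw1allowed-vlan $ fw1SR-keym $ fw1SR-datam $ fw1SR-mdm $
      fw1enc-fwz-expiration $ fw1sr-auth-track $ fw1grouptemplate $
      fw1ISAKMP-EncMethod $ fw1ISAKMP-AuthMethods $ fw1ISAKMP-HashMethods $
      fw1ISAKMP-Transform $ fw1ISAKMP-DataIntegrityMethod $
      fw1ISAKMP-SharedSecret $ fw1ISAKMP-DataEncMethod $ fw1enc-methods )
   )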
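# fw1person: AUXILIARY class (SUP top) that requires cn and may carry
# description and any of the fw1* attributes; being auxiliary, it is added to
# an entry that already has a structural class.
# The printed listing wrapped the MAY list at column 0 and split several names
# at a hyphen (for example "fw1allowed-" / "vlan"). Here every name is written
# whole and every continuation line starts with whitespace, which slapd needs
# in order to read the line as part of the same definition.
# NOTE(review): the MAY list includes attributes that by name hold secrets
# (fw1skey-passwd, fw1skey-seed, fw1ISAKMP-SharedSecret); user entries carrying
# this class should be covered by a restrictive slapd.conf "access to" rule.
objectClass ( 1.3.114.7.3.2.0.2
   NAME 'fw1person'
   SUP top AUXILIARY
   MUST ( cn )
   MAY ( description $ fw1auth-method $ fw1auth-server $
      fw1pwdlastmod $ fw1skey-number $ fw1skey-seed $ fw1skey-passwd $
      fw1skey-mdm $ fw1expiration-date $ fw1hour-range-from $
      fw1hour-range-to $ fw1day $ fw1allowed-src $ fw1allowed-dst $
      fw1allowed-vlan $ fw1SR-keym $ fw1SR-datam $ fw1SR-mdm $
      fw1enc-fwz-expiration $ fw1sr-auth-track $ fw1grouptemplate $
      fw1ISAKMP-EncMethod $ fw1ISAKMP-AuthMethods $ fw1ISAKMP-HashMethods $
      fw1ISAKMP-Transform $ fw1ISAKMP-DataIntegrityMethod $
      fw1ISAKMP-SharedSecret $ fw1ISAKMP-DataEncMethod $ fw1enc-methods )
   )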