diff options
| -rw-r--r-- | acl/acl-api/src/main/yang/vpp-acl.yang | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/acl/acl-api/src/main/yang/vpp-acl.yang b/acl/acl-api/src/main/yang/vpp-acl.yang index ff30d5ec5..a81516a90 100644 --- a/acl/acl-api/src/main/yang/vpp-acl.yang +++ b/acl/acl-api/src/main/yang/vpp-acl.yang @@ -30,6 +30,7 @@ module vpp-acl { augment /acl:access-lists/acl:acl/acl:access-list-entries/acl:ace/acl:actions/acl:packet-handling { ext:augment-identifier "stateful-acl-action-augmentation"; + when "../acl:matches/acl:ace-type = 'vpp-acl:vpp-acl'"; case stateful { leaf permit { type empty; @@ -105,6 +106,15 @@ module vpp-acl { } } + grouping acl-other-protocol-fields { + description "Used for any other protocol than TCP/UDP/ICMP/ICMPv6"; + leaf protocol { + must "protocol != 1 and protocol != 6 and protocol != 17 and protocol != 58"; + type uint8; + description "Internet Protocol number."; + } + } + grouping acl-ip-protocol-header-fields { description "Defines header fields for TCP/UDP or ICMP protocols"; @@ -112,6 +122,9 @@ module vpp-acl { case icmp { uses acl-icmp-header-fields; } + case icmp-v6 { + uses acl-icmp-header-fields; + } case udp { uses packet-fields:acl-transport-header-fields; } @@ -119,6 +132,9 @@ module vpp-acl { uses packet-fields:acl-transport-header-fields; uses acl-tcp-header-fields; } + case other { + uses acl-other-protocol-fields; + } } } @@ -144,11 +160,6 @@ module vpp-acl { uses packet-fields:acl-ipv6-header-fields; } } - leaf protocol { - type uint8; - description - "Internet Protocol number."; - } uses acl-ip-protocol-header-fields; } } |