diff options
| author |   Marek Gradzki <mgradzki@cisco.com> | 2018-08-21 15:19:11 +0200 |
|---|---|---|
| committer | Marek Gradzki <mgradzki@cisco.com> | 2018-08-21 15:28:57 +0200 |
| commit | 579bc2fc74a764a149afa30291d734f6ebe18b94 (patch) | |
| tree | a848a0febc977a9673f555b4d3ceb8a3c6b18dab /examples/ncclient/acl/config_acl.xml | |
| parent | 160ba2a4f7586e48ff1e53caed871b0010660c73 (diff) | |
examples/ncclient: update readme with <validate> example
Change-Id: Id5aa173292d00aee0dd37d0853d46cb98e2cce05
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
Diffstat (limited to 'examples/ncclient/acl/config_acl.xml')
| -rw-r--r-- | examples/ncclient/acl/config_acl.xml | 185 |
1 files changed, 185 insertions, 0 deletions
diff --git a/examples/ncclient/acl/config_acl.xml b/examples/ncclient/acl/config_acl.xml new file mode 100644 index 000000000..164fd5aaa --- /dev/null +++ b/examples/ncclient/acl/config_acl.xml @@ -0,0 +1,185 @@ +<!-- + ~ Copyright (c) 2018 Cisco Systems, Inc. and others. All rights reserved. + ~ + ~ This program and the accompanying materials are made available under the + ~ terms of the Eclipse Public License v1.0 which accompanies this distribution, + ~ and is available at http://www.eclipse.org/legal/epl-v10.html + --> +<config> + <nat xmlns="urn:ietf:params:xml:ns:yang:ietf-nat"> + <instances> + <instance> + <id>0</id> + <policy> + <id>0</id> + </policy> + </instance> + </instances> + </nat> + <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"> + <interface> + <name>local0</name> + <type xmlns:x="urn:ietf:params:xml:ns:yang:iana-if-type">x:ethernetCsmacd</type> + <enabled>false</enabled> + </interface> + <interface> + <name>loop1</name> + <description>for testing purposes</description> + <type xmlns:x="urn:opendaylight:params:xml:ns:yang:v3po">x:loopback</type> + <loopback xmlns="urn:opendaylight:params:xml:ns:yang:v3po"> + <mac>00:ff:ff:ff:ff:ff</mac> + </loopback> + <acl xmlns="urn:opendaylight:params:xml:ns:yang:interface:acl"> + <ingress> + <vpp-acls> + <type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-acl</type> + <name>tcp-acl</name> + </vpp-acls> + <vpp-acls> + <type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-acl</type> + <name>udp-acl</name> + </vpp-acls> + <vpp-macip-acl> + <type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-macip-acl</type> + <name>macip-acl</name> + </vpp-macip-acl> + </ingress> + </acl> + </interface> + </interfaces> + <access-lists xmlns="urn:ietf:params:xml:ns:yang:ietf-access-control-list"> + <acl> + <acl-name>macip-acl</acl-name> + <acl-type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-macip-acl</acl-type> + <access-list-entries> + <ace> + <rule-name>macip-rule</rule-name> + <matches> + <vpp-macip-ace-nodes xmlns="urn:opendaylight:params:xml:ns:yang:vpp:acl"> + <source-ipv4-network>192.168.2.2/32</source-ipv4-network> + <source-mac-address>aa:aa:aa:aa:aa:aa</source-mac-address> + <source-mac-address-mask>ff:00:00:00:00:00</source-mac-address-mask> + </vpp-macip-ace-nodes> + </matches> + <actions> + <permit/> + </actions> + </ace> + </access-list-entries> + </acl> + <acl> + <acl-name>icmp-v6-acl</acl-name> + <acl-type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-acl</acl-type> + <access-list-entries> + <ace> + <rule-name>imcp-v6-rule</rule-name> + <matches> + <vpp-ace-nodes xmlns="urn:opendaylight:params:xml:ns:yang:vpp:acl"> + <destination-ipv6-network>2001:0db8:0a0b:12f0:0000:0000:0000:0001/64</destination-ipv6-network> + <source-ipv6-network>2001:0db8:0a0b:12f0:0000:0000:0000:0002/48</source-ipv6-network> + <icmp-v6-nodes> + <icmp-type-range> + <last>8</last> + <first>5</first> + </icmp-type-range> + <icmp-code-range> + <last>3</last> + <first>1</first> + </icmp-code-range> + </icmp-v6-nodes> + </vpp-ace-nodes> + </matches> + <actions> + <permit/> + </actions> + </ace> + </access-list-entries> + </acl> + <acl> + <acl-name>udp-acl</acl-name> + <acl-type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-acl</acl-type> + <access-list-entries> + <ace> + <rule-name>udp-rule</rule-name> + <matches> + <vpp-ace-nodes xmlns="urn:opendaylight:params:xml:ns:yang:vpp:acl"> + <destination-ipv4-network>192.168.2.1/24</destination-ipv4-network> + <source-ipv4-network>192.168.2.2/32</source-ipv4-network> + <udp-nodes> + <source-port-range> + <upper-port>5487</upper-port> + <lower-port>1</lower-port> + </source-port-range> + <destination-port-range> + <upper-port>6745</upper-port> + <lower-port>87</lower-port> + </destination-port-range> + </udp-nodes> + </vpp-ace-nodes> + </matches> + <actions> + <permit/> + </actions> + </ace> + </access-list-entries> + </acl> + <acl> + <acl-name>tcp-acl</acl-name> + <acl-type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-acl</acl-type> + <access-list-entries> + <ace> + <rule-name>tcp-rule</rule-name> + <matches> + <vpp-ace-nodes xmlns="urn:opendaylight:params:xml:ns:yang:vpp:acl"> + <destination-ipv4-network>192.168.2.1/24</destination-ipv4-network> + <source-ipv4-network>192.168.2.2/32</source-ipv4-network> + <tcp-nodes> + <source-port-range> + <upper-port>5487</upper-port> + <lower-port>1</lower-port> + </source-port-range> + <destination-port-range> + <upper-port>6745</upper-port> + <lower-port>87</lower-port> + </destination-port-range> + <tcp-flags-mask>1</tcp-flags-mask> + <tcp-flags-value>7</tcp-flags-value> + </tcp-nodes> + </vpp-ace-nodes> + </matches> + <actions> + <permit/> + </actions> + </ace> + </access-list-entries> + </acl> + <acl> + <acl-name>icmp-acl</acl-name> + <acl-type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-acl</acl-type> + <access-list-entries> + <ace> + <rule-name>imcp-rule</rule-name> + <matches> + <vpp-ace-nodes xmlns="urn:opendaylight:params:xml:ns:yang:vpp:acl"> + <destination-ipv4-network>192.168.2.1/24</destination-ipv4-network> + <source-ipv4-network>192.168.2.2/32</source-ipv4-network> + <icmp-nodes> + <icmp-type-range> + <last>8</last> + <first>5</first> + </icmp-type-range> + <icmp-code-range> + <last>3</last> + <first>1</first> + </icmp-code-range> + </icmp-nodes> + </vpp-ace-nodes> + </matches> + <actions> + <permit/> + </actions> + </ace> + </access-list-entries> + </acl> + </access-lists> +</config> |