summaryrefslogtreecommitdiffstats
path: root/vpp-classifier/api/src/main/yang/ietf-access-control-list.yang
diff options
context:
space:
mode:
Diffstat (limited to 'vpp-classifier/api/src/main/yang/ietf-access-control-list.yang')
-rw-r--r--vpp-classifier/api/src/main/yang/ietf-access-control-list.yang208
1 files changed, 0 insertions, 208 deletions
diff --git a/vpp-classifier/api/src/main/yang/ietf-access-control-list.yang b/vpp-classifier/api/src/main/yang/ietf-access-control-list.yang
deleted file mode 100644
index 3083ee2a0..000000000
--- a/vpp-classifier/api/src/main/yang/ietf-access-control-list.yang
+++ /dev/null
@@ -1,208 +0,0 @@
-module ietf-access-control-list {
- yang-version 1.1;
- namespace "urn:ietf:params:xml:ns:yang:ietf-access-control-list";
- prefix acl;
- import ietf-yang-types {
- prefix yang;
- }
- import ietf-packet-fields {
- prefix packet-fields;
- }
- organization "IETF NETMOD (NETCONF Data Modeling Language)
- Working Group";
- contact
- "WG Web: http://tools.ietf.org/wg/netmod/
- WG List: netmod@ietf.org
- WG Chair: Juergen Schoenwaelder
- j.schoenwaelder@jacobs-university.de
- WG Chair: Tom Nadeau
- tnadeau@lucidvision.com
- Editor: Dean Bogdanovic
- ivandean@gmail.com
- Editor: Kiran Agrahara Sreenivasa
- kkoushik@cisco.com
- Editor: Lisa Huang
- lyihuang16@gmail.com
- Editor: Dana Blair
- dblair@cisco.com";
- description
- "This YANG module defines a component that describing the
- configuration of Access Control Lists (ACLs).
- Copyright (c) 2015 IETF Trust and the persons identified as
- the document authors. All rights reserved.
- Redistribution and use in source and binary forms, with or
- without modification, is permitted pursuant to, and subject
- to the license terms contained in, the Simplified BSD
- License set forth in Section 4.c of the IETF Trust's Legal
- Provisions Relating to IETF Documents
- (http://trustee.ietf.org/license-info).
- This version of this YANG module is part of RFC XXXX; see
- the RFC itself for full legal notices.";
- revision 2016-07-08 {
- description
- "Base model for Network Access Control List (ACL).";
- reference
- "RFC XXXX: Network Access Control List (ACL)
- YANG Data Model";
- }
- identity acl-base {
- description
- "Base Access Control List type for all Access Control List type
- identifiers.";
- }
- identity ipv4-acl {
- base acl:acl-base;
- description
- "ACL that primarily matches on fields from the IPv4 header
- (e.g. IPv4 destination address) and layer 4 headers (e.g. TCP
- destination port). An acl of type ipv4-acl does not contain
- matches on fields in the ethernet header or the IPv6 header.";
- }
- identity ipv6-acl {
- base acl:acl-base;
- description
- "ACL that primarily matches on fields from the IPv6 header
- (e.g. IPv6 destination address) and layer 4 headers (e.g. TCP
- destination port). An acl of type ipv6-acl does not contain
- matches on fields in the ethernet header or the IPv4 header.";
- }
- identity eth-acl {
- base acl:acl-base;
- description
- "ACL that primarily matches on fields in the ethernet header,
- like 10/100/1000baseT or WiFi Access Control List. An acl of
- type eth-acl does not contain matches on fields in the IPv4
- header, IPv6 header or layer 4 headers.";
- }
- typedef acl-type {
- type identityref {
- base acl:acl-base;
- }
- description
- "This type is used to refer to an Access Control List
- (ACL) type";
- }
- typedef access-control-list-ref {
- type leafref {
- path "/access-lists/acl/acl-name";
- }
- description
- "This type is used by data models that need to reference an
- Access Control List";
- }
- container access-lists {
- description
- "This is a top level container for Access Control Lists.
- It can have one or more Access Control Lists.";
- list acl {
- key "acl-type acl-name";
- description
- "An Access Control List(ACL) is an ordered list of
- Access List Entries (ACE). Each Access Control Entry has a
- list of match criteria and a list of actions.
- Since there are several kinds of Access Control Lists
- implemented with different attributes for
- different vendors, this
- model accommodates customizing Access Control Lists for
- each kind and for each vendor.";
- leaf acl-name {
- type string;
- description
- "The name of access-list. A device MAY restrict the length
- and value of this name, possibly space and special
- characters are not allowed.";
- }
- leaf acl-type {
- type acl-type;
- description
- "Type of access control list. Indicates the primary intended
- type of match criteria (e.g. ethernet, IPv4, IPv6, mixed, etc)
- used in the list instance.";
- }
- container acl-oper-data {
- config false;
- description
- "Overall Access Control List operational data";
- }
- container access-list-entries {
- description
- "The access-list-entries container contains
- a list of access-list-entries(ACE).";
- list ace {
- key "rule-name";
- ordered-by user;
- description
- "List of access list entries(ACE)";
- leaf rule-name {
- type string;
- description
- "A unique name identifying this Access List
- Entry(ACE).";
- }
- container matches {
- description
- "Definitions for match criteria for this Access List
- Entry.";
- choice ace-type {
- description
- "Type of access list entry.";
- case ace-ip {
- description "IP Access List Entry.";
- choice ace-ip-version {
- description
- "IP version used in this Access List Entry.";
- case ace-ipv4 {
- uses packet-fields:acl-ipv4-header-fields;
- }
- case ace-ipv6 {
- uses packet-fields:acl-ipv6-header-fields;
- }
- }
- uses packet-fields:acl-ip-header-fields;
- }
- case ace-eth {
- description
- "Ethernet Access List entry.";
- uses packet-fields:acl-eth-header-fields;
- }
- }
- }
- container actions {
- description
- "Definitions of action criteria for this Access List
- Entry.";
- choice packet-handling {
- default "deny";
- description
- "Packet handling action.";
- case deny {
- leaf deny {
- type empty;
- description
- "Deny action.";
- }
- }
- case permit {
- leaf permit {
- type empty;
- description
- "Permit action.";
- }
- }
- }
- }
- container ace-oper-data {
- config false;
- description
- "Operational data for this Access List Entry.";
- leaf match-counter {
- type yang:counter64;
- description
- "Number of matches for this Access List Entry";
- }
- }
- }
- }
- }
- }
-}