{ "info": { "_postman_id": "7d511277-9b9c-8a1c-2ad7-58618b778f72", "name": "Hc2vpp RESTCONF calls for acl plugin", "description": "Provides examples of RESTCONF calls for vpp's acl plugin, exposed\nin hc2vpp.", "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" }, "item": [ { "_postman_id": "76a3c744-d3c9-4326-9e53-6896c0220ea6", "name": "Write mac_ip list", "request": { "method": "PUT", "header": [ { "key": "Authorization", "value": "Basic YWRtaW46YWRtaW4=" }, { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\r\n \"acl\": [\r\n {\r\n \"acl-name\": \"macip-acl\",\r\n \"acl-type\": \"vpp-acl:vpp-macip-acl\",\r\n \"access-list-entries\": {\r\n \"ace\": [\r\n {\r\n \"rule-name\": \"macip-rule\",\r\n \"matches\": {\r\n \"vpp-macip-ace-nodes\": {\r\n \"source-ipv4-network\": \"192.168.2.2/32\",\r\n \"source-mac-address\": \"aa:aa:aa:aa:aa:aa\",\r\n \"source-mac-address-mask\": \"ff:00:00:00:00:00\"\r\n }\r\n },\r\n \"actions\": {\r\n \"permit\": [null]\r\n }\r\n }\r\n ]\r\n }\r\n }\r\n ]\r\n}" }, "url": { "raw": "http://localhost:8183/restconf/config/ietf-access-control-list:access-lists/acl/vpp-acl:vpp-macip-acl/macip-acl", "protocol": "http", "host": [ "localhost" ], "port": "8183", "path": [ "restconf", "config", "ietf-access-control-list:access-lists", "acl", "vpp-acl:vpp-macip-acl", "macip-acl" ] } }, "response": [] }, { "_postman_id": "69d626eb-ef32-4b62-beef-8f91da807382", "name": "Write icmp acl list", "request": { "method": "PUT", "header": [ { "key": "Authorization", "value": "Basic YWRtaW46YWRtaW4=" }, { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\r\n \"acl\": [\r\n {\r\n \"acl-name\": \"icmp-acl\",\r\n \"acl-type\": \"vpp-acl:vpp-acl\",\r\n \"access-list-entries\": {\r\n \"ace\": [\r\n {\r\n \"rule-name\": \"imcp-rule\",\r\n \"matches\": {\r\n \"vpp-ace-nodes\": {\r\n \"destination-ipv4-network\": \"192.168.2.1/24\",\r\n \"source-ipv4-network\": \"192.168.2.2/32\",\r\n \"icmp-nodes\": {\r\n \"icmp-type-range\": {\r\n \"first\": \"5\",\r\n \"last\": \"8\"\r\n },\r\n \"icmp-code-range\": {\r\n \"first\": \"1\",\r\n \"last\": \"3\"\r\n }\r\n }\r\n }\r\n },\r\n \"actions\": {\r\n \"permit\": [null]\r\n }\r\n }\r\n ]\r\n }\r\n }\r\n ]\r\n}" }, "url": { "raw": "http://localhost:8183/restconf/config/ietf-access-control-list:access-lists/acl/vpp-acl:vpp-acl/icmp-acl", "protocol": "http", "host": [ "localhost" ], "port": "8183", "path": [ "restconf", "config", "ietf-access-control-list:access-lists", "acl", "vpp-acl:vpp-acl", "icmp-acl" ] } }, "response": [] }, { "_postman_id": "39f40bc8-b30b-40e2-ae2d-b357a824f611", "name": "Write tcp acl list", "request": { "method": "PUT", "header": [ { "key": "Authorization", "value": "Basic YWRtaW46YWRtaW4=" }, { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\r\n \"acl\": [\r\n {\r\n \"acl-name\": \"tcp-acl\",\r\n \"acl-type\": \"vpp-acl:vpp-acl\",\r\n \"access-list-entries\": {\r\n \"ace\": [\r\n {\r\n \"rule-name\": \"tcp-rule\",\r\n \"matches\": {\r\n \"vpp-ace-nodes\": {\r\n \"destination-ipv4-network\": \"192.168.2.1/24\",\r\n \"source-ipv4-network\": \"192.168.2.2/32\",\r\n \"tcp-nodes\": {\r\n \"source-port-range\": {\r\n \"lower-port\": \"1\",\r\n \"upper-port\": \"5487\"\r\n },\r\n \"destination-port-range\": {\r\n \"lower-port\": \"87\",\r\n \"upper-port\": \"6745\"\r\n },\r\n \"tcp-flags-mask\": \"1\",\r\n \"tcp-flags-value\": \"7\"\r\n }\r\n }\r\n },\r\n \"actions\": {\r\n \"permit\": [null]\r\n }\r\n }\r\n ]\r\n }\r\n }\r\n ]\r\n}" }, "url": { "raw": "http://localhost:8183/restconf/config/ietf-access-control-list:access-lists/acl/vpp-acl:vpp-acl/tcp-acl", "protocol": "http", "host": [ "localhost" ], "port": "8183", "path": [ "restconf", "config", "ietf-access-control-list:access-lists", "acl", "vpp-acl:vpp-acl", "tcp-acl" ] } }, "response": [] }, { "_postman_id": "0b24a6ea-b894-427b-91af-74ae075e3dff", "name": "Write icmp-v6 acl list", "request": { "method": "PUT", "header": [ { "key": "Authorization", "value": "Basic YWRtaW46YWRtaW4=" }, { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\r\n \"acl\": [\r\n {\r\n \"acl-name\": \"icmp-v6-acl\",\r\n \"acl-type\": \"vpp-acl:vpp-acl\",\r\n \"access-list-entries\": {\r\n \"ace\": [\r\n {\r\n \"rule-name\": \"imcp-v6-rule\",\r\n \"matches\": {\r\n \"vpp-ace-nodes\": {\r\n \"destination-ipv6-network\": \"2001:0db8:0a0b:12f0:0000:0000:0000:0001/64\",\r\n \"source-ipv6-network\": \"2001:0db8:0a0b:12f0:0000:0000:0000:0002/48\",\r\n \"icmp-v6-nodes\": {\r\n \"icmp-type-range\": {\r\n \"first\": \"5\",\r\n \"last\": \"8\"\r\n },\r\n \"icmp-code-range\": {\r\n \"first\": \"1\",\r\n \"last\": \"3\"\r\n }\r\n }\r\n }\r\n },\r\n \"actions\": {\r\n \"permit\": [null]\r\n }\r\n }\r\n ]\r\n }\r\n }\r\n ]\r\n}" }, "url": { "raw": "http://localhost:8183/restconf/config/ietf-access-control-list:access-lists/acl/vpp-acl:vpp-acl/icmp-v6-acl", "protocol": "http", "host": [ "localhost" ], "port": "8183", "path": [ "restconf", "config", "ietf-access-control-list:access-lists", "acl", "vpp-acl:vpp-acl", "icmp-v6-acl" ] } }, "response": [] }, { "_postman_id": "4614b547-11f8-42d8-be28-fcac6af5f6f4", "name": "Write udp acl list", "request": { "method": "PUT", "header": [ { "key": "Authorization", "value": "Basic YWRtaW46YWRtaW4=" }, { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\r\n \"acl\": [\r\n {\r\n \"acl-name\": \"udp-acl\",\r\n \"acl-type\": \"vpp-acl:vpp-acl\",\r\n \"access-list-entries\": {\r\n \"ace\": [\r\n {\r\n \"rule-name\": \"udp-rule\",\r\n \"matches\": {\r\n \"vpp-ace-nodes\": {\r\n \"destination-ipv4-network\": \"192.168.2.1/24\",\r\n \"source-ipv4-network\": \"192.168.2.2/32\",\r\n \"udp-nodes\": {\r\n \"source-port-range\": {\r\n \"lower-port\": \"1\",\r\n \"upper-port\": \"5487\"\r\n },\r\n \"destination-port-range\": {\r\n \"lower-port\": \"87\",\r\n \"upper-port\": \"6745\"\r\n }\r\n }\r\n }\r\n },\r\n \"actions\": {\r\n \"permit\": [null]\r\n }\r\n }\r\n ]\r\n }\r\n }\r\n ]\r\n}" }, "url": { "raw": "http://localhost:8183/restconf/config/ietf-access-control-list:access-lists/acl/vpp-acl:vpp-acl/udp-acl", "protocol": "http", "host": [ "localhost" ], "port": "8183", "path": [ "restconf", "config", "ietf-access-control-list:access-lists", "acl", "vpp-acl:vpp-acl", "udp-acl" ] } }, "response": [] }, { "_postman_id": "c33624c1-ff25-4227-bf86-4fbdb5d143c5", "name": "Assign ACLs as ingress to local0", "request": { "method": "PUT", "header": [ { "key": "Authorization", "value": "Basic YWRtaW46YWRtaW4=" }, { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n \"ingress\": {\n \"vpp-acls\": [\n {\n \"type\" : \"vpp-acl:vpp-acl\",\n \"name\" : \"tcp-acl\"\n },\n {\n \"type\" : \"vpp-acl:vpp-acl\",\n \"name\" : \"udp-acl\"\n }\n ]\n }\n}" }, "url": { "raw": "http://localhost:8183/restconf/config/ietf-interfaces:interfaces/interface/local0/interface-acl:acl/ingress", "protocol": "http", "host": [ "localhost" ], "port": "8183", "path": [ "restconf", "config", "ietf-interfaces:interfaces", "interface", "local0", "interface-acl:acl", "ingress" ] } }, "response": [] }, { "_postman_id": "bdf2b03d-d373-4511-95fd-6be666390db3", "name": "Assign macip ACL to local0", "request": { "method": "PUT", "header": [ { "key": "Authorization", "value": "Basic YWRtaW46YWRtaW4=" }, { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n\t\"vpp-macip-acl\": {\n\t\t\"type\" : \"vpp-acl:vpp-macip-acl\",\n\t\t\"name\" : \"macip-acl\"\n }\n}" }, "url": { "raw": "http://localhost:8183/restconf/config/ietf-interfaces:interfaces/interface/local0/interface-acl:acl/ingress/vpp-macip-acl", "protocol": "http", "host": [ "localhost" ], "port": "8183", "path": [ "restconf", "config", "ietf-interfaces:interfaces", "interface", "local0", "interface-acl:acl", "ingress", "vpp-macip-acl" ] } }, "response": [] }, { "_postman_id": "388656cf-05de-4649-82fe-41b132501936", "name": "Read ACLs (cfg)", "request": { "method": "GET", "header": [ { "key": "Authorization", "value": "Basic YWRtaW46YWRtaW4=" }, { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\r\n \r\n \"interface\": [\r\n {\r\n \"name\": \"testInterface\",\r\n \"description\": \"for testing purposes\",\r\n \"type\": \"iana-if-type:ethernetCsmacd\",\r\n \"enabled\": \"true\",\r\n \"link-up-down-trap-enable\": \"enabled\",\r\n \"ietf-ip:ipv4\": {\r\n \"enabled\": \"true\",\r\n \"mtu\": \"1500\",\r\n \"address\": [\r\n {\r\n \"ip\": \"1.2.3.0\",\r\n \"netmask\": \"255.255.255.0\"\r\n }\r\n ]\r\n }\r\n }\r\n ]\r\n \r\n}" }, "url": { "raw": "http://localhost:8183/restconf/config/ietf-access-control-list:access-lists/", "protocol": "http", "host": [ "localhost" ], "port": "8183", "path": [ "restconf", "config", "ietf-access-control-list:access-lists", "" ] } }, "response": [] }, { "_postman_id": "4d76b60a-61fd-4213-862e-08a69eb73b9d", "name": "Read ingress ACLs assigned to local0", "request": { "method": "GET", "header": [ { "key": "Authorization", "value": "Basic YWRtaW46YWRtaW4=" }, { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n \"ingress\": {\n \"vpp-acls\": [\n {\n \"type\" : \"vpp-acl:vpp-acl\",\n \"name\" : \"tcp-acl\"\n },\n {\n \"type\" : \"vpp-acl:vpp-acl\",\n \"name\" : \"udp-acl\"\n }\n ]\n }\n}" }, "url": { "raw": "http://localhost:8183/restconf/operational/ietf-interfaces:interfaces-state/interface/local0/interface-acl:acl/ingress", "protocol": "http", "host": [ "localhost" ], "port": "8183", "path": [ "restconf", "operational", "ietf-interfaces:interfaces-state", "interface", "local0", "interface-acl:acl", "ingress" ] } }, "response": [] }, { "_postman_id": "986a53c8-7a95-449b-93f4-8bb7ee5112b6", "name": "Read ACLs assigned to local0 (cfg)", "request": { "method": "GET", "header": [ { "key": "Authorization", "value": "Basic YWRtaW46YWRtaW4=" }, { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n \"ingress\": {\n \"vpp-acls\": [\n {\n \"type\" : \"vpp-acl:vpp-acl\",\n \"name\" : \"tcp-acl\"\n },\n {\n \"type\" : \"vpp-acl:vpp-acl\",\n \"name\" : \"udp-acl\"\n }\n ]\n }\n}" }, "url": { "raw": "http://localhost:8183/restconf/config/ietf-interfaces:interfaces/interface/local0/interface-acl:acl/ingress", "protocol": "http", "host": [ "localhost" ], "port": "8183", "path": [ "restconf", "config", "ietf-interfaces:interfaces", "interface", "local0", "interface-acl:acl", "ingress" ] } }, "response": [] } ] }