blob: 29b85e860b89b38649aca934ff5c2d71daf1a6e8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
module interface-acl {
yang-version 1;
namespace "urn:opendaylight:params:xml:ns:yang:interface:acl";
prefix "ifc-acl";
revision "2016-12-14" {
description "Initial revision of interface-acl model";
}
import ietf-interfaces {
prefix "if";
}
import yang-ext {
prefix "ext";
}
import ietf-yang-types {
prefix "yang";
}
import vpp-acl {
prefix "vpp-acl";
}
import ietf-access-control-list {
prefix "acl";
}
description "Augmentations to interfaces model to apply acls exposed by acl plugin of vpp";
grouping vpp-acl-base-attributes {
leaf tag {
type yang:hex-string {
length 64;
}
description
"Placeholder for ACL metadata. Value is stored in vpp, and returned in read requests. No processing involved.";
}
}
grouping vpp-acls-base-attributes {
description
"List of ACLs of vpp-acl type"; // TODO express constraint in the model if possible
list vpp-acls {
key "type name";
ordered-by user;
leaf type {
type acl:acl-type;
}
leaf name {
type acl:access-control-list-ref;
}
uses vpp-acl-base-attributes;
}
}
grouping vpp-macip-acls-base-attributes {
container vpp-macip-acl {
description
"ACL of vpp-macip-acl type"; // TODO express constraint in the model if possible
leaf type {
type acl:acl-type;
}
leaf name {
type acl:access-control-list-ref;
}
uses vpp-acl-base-attributes;
}
}
grouping interface-acl-attributes {
container acl {
container ingress {
uses vpp-acls-base-attributes;
uses vpp-macip-acls-base-attributes;
}
container egress {
uses vpp-acls-base-attributes;
}
}
}
augment /if:interfaces/if:interface {
ext:augment-identifier "vpp-acl-interface-augmentation";
uses interface-acl-attributes;
}
augment /if:interfaces-state/if:interface {
ext:augment-identifier "vpp-acl-interface-state-augmentation";
uses interface-acl-attributes;
}
}
|