blob: f051830fe063eda7da9fd293838cd3ef2e6b159f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
module interface-acl {
yang-version 1;
namespace "urn:opendaylight:params:xml:ns:yang:interface:acl";
prefix "ifc-acl";
import ietf-interfaces {
prefix "if";
}
import yang-ext {
prefix "ext";
}
import ietf-access-control-list {
prefix "acl";
}
organization
"FD.io - The Fast Data Project";
contact
"Hc2vpp Wiki <https://wiki.fd.io/view/Hc2vpp>
Mailing List <hc2vpp@lists.fd.io>";
description
"This module contains a collection of YANG definitions for
applying ACLs on VPP interfaces.
Uses ACL implementation provided by ACL plugin of VPP.
Copyright (c) 2016 Cisco and/or its affiliates.
Licensed under the Apache License, Version 2.0 (the 'License');
you may not use this file except in compliance with the License.
You may obtain a copy of the License at:
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an 'AS IS' BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.";
revision "2016-12-14" {
description "Initial revision of interface-acl model";
}
grouping vpp-acls-base-attributes {
description
"List of ACLs of vpp-acl type"; // TODO(HC2VPP-201): express constraint in the model if possible
list vpp-acls {
key "type name";
ordered-by user;
leaf type {
type acl:acl-type;
}
// FIXME(HC2VPP-290): define leafref in interface-acl or bump ietf-access-control-list
leaf name {
type acl:access-control-list-ref;
}
}
}
grouping vpp-macip-acls-base-attributes {
container vpp-macip-acl {
description
"ACL of vpp-macip-acl type"; // TODO(HC2VPP-201): express constraint in the model if possible
leaf type {
type acl:acl-type;
}
leaf name {
type acl:access-control-list-ref;
}
}
}
grouping interface-acl-attributes {
container acl {
container ingress {
uses vpp-acls-base-attributes;
uses vpp-macip-acls-base-attributes;
}
container egress {
uses vpp-acls-base-attributes;
}
}
}
augment /if:interfaces/if:interface {
ext:augment-identifier "vpp-acl-interface-augmentation";
uses interface-acl-attributes;
}
augment /if:interfaces-state/if:interface {
ext:augment-identifier "vpp-acl-interface-state-augmentation";
uses interface-acl-attributes;
}
}
|
