2 * Copyright (c) 2015 Brocade Communications Systems, Inc. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 module neutron-secgroups {
12 namespace "urn:opendaylight:neutron-secgroups";
14 prefix neutron-secgroups;
16 import ietf-yang-types { prefix "yang"; }
17 import ietf-inet-types { prefix "inet"; revision-date 2013-07-15; }
18 import neutron-attrs { prefix "attrs"; }
19 import neutron-constants { prefix "constants"; }
21 organization "OpenDaylight Neutron Group";
23 contact "J. Gregory Hall <ghall@brocade.com>, Kiran Sreenivasa <kkoushik@brocade.com>";
25 description "This YANG module defines OpenStack Neutron security group model";
27 revision "2015-07-12" {
29 "OpenDaylight Beryllium release";
32 grouping security-group-attributes {
33 description "OpenStack Layer3 Security group information.";
35 grouping security-rule-attributes {
36 description "OpenStack Layer3 Security Group rules.";
39 description "Security Rule ID.";
43 description "UUID of the tenant.";
47 base "constants:direction-base";
49 description "The direction in which metering rule is applied.
50 For a compute instance, an ingress security group rule is
51 applied to incoming (ingress) traffic for that instance.
52 An egress rule is applied to traffic leaving the instance.";
54 leaf security-group-id {
56 description "The security group ID to associate with this security group rule.";
58 leaf remote-group-id {
59 description "The remote group ID to be associated with this security group rule.
60 You can specify either remote-ip-prefix or remote-group-id in the request body.";
63 leaf remote-ip-prefix {
64 description "The remote IP Prefix to be associated with this security group rule.
65 You can specify either remote-ip-prefix or remote-group-id in the request body.";
72 base "constants:protocol-base";
75 description "The protocol that is matched by the security group rule.";
78 description "Must be IPv4 or IPv6, and addresses represented in CIDR must
79 match the ingress or egress rules.";
81 base "constants:ethertype-base";
86 description "The minimum port number in the range that is matched by the
87 security group rule. If the protocol is TCP or UDP, this value must
88 be less than or equal to the value of the attribute. If the protocol
89 is ICMP, this value must be an ICMP type.";
93 description "The maximum port number in the range that is matched by the
94 security group rule. If the protocol is TCP or UDP, this value must
95 be less than or equal to the value of the attribute. If the protocol
96 is ICMP, this value must be an ICMP type.";
100 grouping security-groups-attributes {
101 container security-groups {
102 description "Container for security groups.";
103 list security-group {
105 uses attrs:base-attributes;
106 uses security-group-attributes;
107 description "List of Security Groups.";
112 grouping security-rules-attributes {
113 container security-rules {
114 description "Container for security group rules.";
117 uses security-rule-attributes;
118 description "List of Security Group Rules.";