prefix neutron-fwaas;
import ietf-yang-types { prefix "yang"; }
- // It requires rfc6991 (revision 2013-07-15), but odl don't have it, so this patch verify build will fail.
- import ietf-inet-types { prefix "inet"; revision-date 2010-09-24; }
import neutron-attrs { prefix "attrs"; }
+ import neutron-constants { prefix "constants"; }
+ import neutron-types { prefix "types"; }
organization "OpenDaylight Neutron Group";
contact "R. Moats <rmoats@us.ibm.com>";
- description "This YANG module defines Openstack Juno House Neutron VPNaaS model";
-
- revision "2014-10-02" {
+ description "This YANG module defines Openstack Neutron VPNaaS model";
+
+ revision "2015-07-12" {
description
- "Initial version";
+ "OpenDaylight Beryllium release";
}
grouping firewall-attributes {
- leaf descr {
- type string;
- description "Detailed description of the firewall.";
- }
leaf shared {
description "whether the firewall is shared or not";
type boolean;
}
}
- grouping firewallpolicy-attributes {
- leaf descr {
- type string;
- description "Detailed description of the firewall policy.";
- }
+ grouping firewall-policy-attributes {
leaf shared {
description "whether the firewall policy is shared or not";
type boolean;
description "whether the firewall policy is audited or not";
type boolean;
}
- leaf-list firewall-rules {
- description "whether the firewall policy is audited or not";
- type yang:uuid;
- }
}
- grouping firewallrule-attributes {
- leaf descr {
- type string;
- description "Detailed description of the firewall rule.";
- }
- leaf status {
- type string;
- description "Status of the firewall rule.";
- }
+ identity action-base {
+ description "firewall rule action";
+ }
+
+ identity action-allow {
+ description "firewall rule allow";
+ base action-base;
+ }
+
+ identity action-deny {
+ description "firewall rule deny";
+ base action-base;
+ }
+
+ grouping firewall-rule-attributes {
leaf shared {
description "whether the firewall rule is shared or not";
type boolean;
}
leaf protocol {
description "the protocol this rule applies to";
- type string;
+ type union {
+ type uint8;
+ type identityref {
+ base "constants:fw-protocol-base";
+ }
+ }
}
leaf ip-version {
description "the ip version this rule applies to";
- type int16;
+ type identityref {
+ base "constants:ip-version-base";
+ }
}
leaf source-ip-addr {
- type inet:ip-address;
+ type types:ip-prefix-or-address;
description "the source ip address for this rule";
}
leaf destination-ip-addr {
- type inet:ip-address;
+ type types:ip-prefix-or-address;
description "the destination ip address for this rule";
}
- leaf source-port {
- description "the source port for this rule";
- type int16;
+ leaf source-port-range-min {
+ description "the source port range min for this rule";
+ type uint16;
}
- leaf destination-port {
- description "the destination port for this rule";
- type int16;
+ leaf source-port-range-max {
+ description "the source port range max for this rule";
+ type uint16;
+ }
+ leaf destination-port-range-min {
+ description "the destination port range min for this rule";
+ type uint16;
+ }
+ leaf destination-port-range-max {
+ description "the destination port range max for this rule";
+ type uint16;
}
leaf position {
description "the priority position this rule occupies";
}
leaf action {
description "the action fot this rule";
- type string;
+ type identityref {
+ base "action-base";
+ }
}
}
- grouping fwaas-attributes {
+ grouping firewalls-attributes {
container firewalls {
list firewall {
key "uuid";
uses firewall-attributes;
}
}
+ }
+ grouping policies-attributes {
container firewall-policies {
list firewall-policy {
key "uuid";
uses attrs:base-attributes;
- uses firewallpolicy-attributes;
+ uses firewall-policy-attributes;
}
}
+ }
+ grouping rules-attributes {
container firewall-rules {
list firewall-rule {
key "uuid";
uses attrs:base-attributes;
- uses firewallrule-attributes;
+ uses firewall-rule-attributes;
}
}
}