This adds the models defined in RFC8520.
JIRA: MDSAL-430
Change-Id: I5a0100d63ee8d69934748c508ab46f16f828809d
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
<version>2.0.1-SNAPSHOT</version>
</dependency>
+ <!-- RFC8520 -->
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8520</artifactId>
+ <version>1.0.1-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8520-ietf-acldns</artifactId>
+ <version>1.0.1-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8520-ietf-mud</artifactId>
+ <version>1.0.1-SNAPSHOT</version>
+ </dependency>
+
<!-- RFC8528 -->
<dependency>
<groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
<classifier>features</classifier>
<type>xml</type>
</dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>odl-mdsal-model-rfc8520</artifactId>
+ <version>1.0.1-SNAPSHOT</version>
+ <classifier>features</classifier>
+ <type>xml</type>
+ </dependency>
<dependency>
<groupId>org.opendaylight.mdsal.model</groupId>
<artifactId>odl-mdsal-model-rfc8528</artifactId>
<groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
<artifactId>rfc8519-ietf-packet-fields</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8520</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8520-ietf-acldns</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8520-ietf-mud</artifactId>
+ </dependency>
<dependency>
<groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
<artifactId>rfc8528</artifactId>
<classifier>features</classifier>
<type>xml</type>
</dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>odl-mdsal-model-rfc8520</artifactId>
+ <classifier>features</classifier>
+ <type>xml</type>
+ </dependency>
<dependency>
<groupId>org.opendaylight.mdsal.model</groupId>
<artifactId>odl-mdsal-model-rfc8528</artifactId>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright © 2019 PANTHEON.tech, s.r.o. and others. All rights reserved.
+
+ This program and the accompanying materials are made available under the
+ terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ and is available at http://www.eclipse.org/legal/epl-v10.html
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.opendaylight.mdsal</groupId>
+ <artifactId>feature-parent</artifactId>
+ <version>4.0.1-SNAPSHOT</version>
+ <relativePath>../feature-parent</relativePath>
+ </parent>
+
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>odl-mdsal-model-rfc8520</artifactId>
+ <version>1.0.1-SNAPSHOT</version>
+ <packaging>feature</packaging>
+ <name>OpenDaylight :: MD-SAL :: Model :: RFC8520</name>
+ <description>Models from RFC8520</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>odl-mdsal-model-rfc8519</artifactId>
+ <classifier>features</classifier>
+ <type>xml</type>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8520</artifactId>
+ </dependency>
+ </dependencies>
+</project>
<module>odl-mdsal-model-rfc8348-non-nmda</module>
<module>odl-mdsal-model-rfc8349</module>
<module>odl-mdsal-model-rfc8519</module>
+ <module>odl-mdsal-model-rfc8520</module>
<module>odl-mdsal-model-rfc8528</module>
<module>odl-mdsal-model-rfc8529</module>
<module>odl-mdsal-model-rfc8530</module>
<module>rfc8519-ietf-ethertypes</module>
<module>rfc8519-ietf-packet-fields</module>
+ <!-- RFC8520 Manufacturer Usage Description -->
+ <module>rfc8520</module>
+ <module>rfc8520-ietf-acldns</module>
+ <module>rfc8520-ietf-mud</module>
+
<!-- RFC8528 YANG Schema Mount -->
<module>rfc8528</module>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- vi: set et smarttab sw=4 tabstop=4: -->
+<!--
+ Copyright (c) 2019 PANTHEON.tech, s.r.o. and others. All rights reserved.
+
+ This program and the accompanying materials are made available under the
+ terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ and is available at http://www.eclipse.org/legal/epl-v10.html
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.opendaylight.mdsal</groupId>
+ <artifactId>binding-parent</artifactId>
+ <version>4.0.1-SNAPSHOT</version>
+ <relativePath>../../../binding/binding-parent</relativePath>
+ </parent>
+
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8520-ietf-acldns</artifactId>
+ <version>1.0.1-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>${project.artifactId}</name>
+ <description>RFC8520 ietf-acldns</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-access-control-list</artifactId>
+ </dependency>
+ </dependencies>
+</project>
--- /dev/null
+module ietf-acldns {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-acldns";
+ prefix ietf-acldns;
+
+ import ietf-access-control-list {
+ prefix acl;
+ }
+ import ietf-inet-types {
+ prefix inet;
+ }
+
+ organization
+ "IETF OPSAWG (Operations and Management Area Working Group)";
+ contact
+ "WG Web: <https://datatracker.ietf.org/wg/opsawg/>
+ WG List: opsawg@ietf.org
+
+ Author: Eliot Lear
+ lear@cisco.com
+
+ Author: Ralph Droms
+ rdroms@gmail.com
+
+ Author: Dan Romascanu
+ dromasca@gmail.com
+ ";
+ description
+ "This YANG module defines a component that augments the
+ IETF description of an access list to allow DNS names
+ as matching criteria.
+
+ Copyright (c) 2019 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).";
+
+ revision 2019-01-28 {
+ description
+ "Base version of dnsname extension of the ACL model.";
+ reference
+ "RFC 8520: Manufacturer Usage Description
+ Specification";
+ }
+
+ grouping dns-matches {
+ description
+ "Domain names for matching.";
+ leaf src-dnsname {
+ type inet:host;
+ description
+ "domain name to be matched against.";
+ }
+ leaf dst-dnsname {
+ type inet:host;
+ description
+ "domain name to be matched against.";
+ }
+ }
+
+ augment "/acl:acls/acl:acl/acl:aces/acl:ace/acl:matches"
+ + "/acl:l3/acl:ipv4/acl:ipv4" {
+ description
+ "Adding domain names to matching.";
+ uses dns-matches;
+ }
+ augment "/acl:acls/acl:acl/acl:aces/acl:ace/acl:matches"
+ + "/acl:l3/acl:ipv6/acl:ipv6" {
+ description
+ "Adding domain names to matching.";
+ uses dns-matches;
+ }
+}
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- vi: set et smarttab sw=4 tabstop=4: -->
+<!--
+ Copyright (c) 2019 PANTHEON.tech, s.r.o. and others. All rights reserved.
+
+ This program and the accompanying materials are made available under the
+ terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ and is available at http://www.eclipse.org/legal/epl-v10.html
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.opendaylight.mdsal</groupId>
+ <artifactId>binding-parent</artifactId>
+ <version>4.0.1-SNAPSHOT</version>
+ <relativePath>../../../binding/binding-parent</relativePath>
+ </parent>
+
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8520-ietf-mud</artifactId>
+ <version>1.0.1-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>${project.artifactId}</name>
+ <description>RFC8520 ietf-mud</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-access-control-list</artifactId>
+ </dependency>
+ </dependencies>
+</project>
--- /dev/null
+module ietf-mud {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-mud";
+ prefix ietf-mud;
+
+ import ietf-access-control-list {
+ prefix acl;
+ }
+ import ietf-yang-types {
+ prefix yang;
+ }
+ import ietf-inet-types {
+ prefix inet;
+ }
+
+ organization
+ "IETF OPSAWG (Operations and Management Area Working Group)";
+ contact
+ "WG Web: <https://datatracker.ietf.org/wg/opsawg/>
+ WG List: opsawg@ietf.org
+
+ Author: Eliot Lear
+ lear@cisco.com
+
+ Author: Ralph Droms
+ rdroms@gmail.com
+
+ Author: Dan Romascanu
+ dromasca@gmail.com
+ ";
+ description
+ "This YANG module defines a component that augments the
+ IETF description of an access list. This specific module
+ focuses on additional filters that include local, model,
+ and same-manufacturer.
+
+ This module is intended to be serialized via JSON and stored
+ as a file, as described in RFC 8520.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
+ NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
+ 'MAY', and 'OPTIONAL' in this document are to be interpreted as
+ described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
+ they appear in all capitals, as shown here.
+
+ Copyright (c) 2019 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8520; see
+ the RFC itself for full legal notices.";
+
+ revision 2019-01-28 {
+ description
+ "Initial proposed standard.";
+ reference
+ "RFC 8520: Manufacturer Usage Description
+ Specification";
+ }
+
+ typedef direction {
+ type enumeration {
+ enum to-device {
+ description
+ "packets or flows destined to the target
+ Thing.";
+ }
+ enum from-device {
+ description
+ "packets or flows destined from
+ the target Thing.";
+ }
+ }
+ description
+ "Which way are we talking about?";
+ }
+
+ container mud {
+ presence "Enabled for this particular MUD URL";
+ description
+ "MUD-related information, as specified
+ by RFC 8520.";
+ uses mud-grouping;
+ }
+
+ grouping mud-grouping {
+ description
+ "Information about when support ends (or ended)
+ and when to refresh.";
+ leaf mud-version {
+ type uint8;
+ mandatory true;
+ description
+ "This is the version of the MUD
+ specification. This memo specifies version 1.";
+ }
+ leaf mud-url {
+ type inet:uri;
+ mandatory true;
+ description
+ "This is the MUD URL associated with the entry found
+ in a MUD file.";
+ }
+ leaf last-update {
+ type yang:date-and-time;
+ mandatory true;
+ description
+ "This is intended to be when the current MUD file
+ was generated. MUD managers SHOULD NOT check
+ for updates between this time plus cache validity.";
+ }
+ leaf mud-signature {
+ type inet:uri;
+ description
+ "A URI that resolves to a signature as
+ described in this specification.";
+ }
+ leaf cache-validity {
+ type uint8 {
+ range "1..168";
+ }
+ units "hours";
+ default "48";
+ description
+ "The information retrieved from the MUD server is
+ valid for these many hours, after which it should
+ be refreshed. N.B., MUD manager implementations
+ need not discard MUD files beyond this period.";
+ }
+ leaf is-supported {
+ type boolean;
+ mandatory true;
+ description
+ "This boolean indicates whether or not the Thing is
+ currently supported by the manufacturer.";
+ }
+ leaf systeminfo {
+ type string;
+ description
+ "A UTF-8 description of this Thing. This
+ should be a brief description that may be
+ displayed to the user to determine whether
+ to allow the Thing on the
+ network.";
+ }
+ leaf mfg-name {
+ type string;
+ description
+ "Manufacturer name, as described in
+ the ietf-hardware YANG module.";
+ }
+ leaf model-name {
+ type string;
+ description
+ "Model name, as described in the
+ ietf-hardware YANG module.";
+ }
+ leaf firmware-rev {
+ type string;
+ description
+ "firmware-rev, as described in the
+ ietf-hardware YANG module. Note that this field
+ MUST NOT be included when the device can be
+ updated but the MUD URL cannot.";
+ }
+ leaf software-rev {
+ type string;
+ description
+ "software-rev, as described in the
+ ietf-hardware YANG module. Note that this field
+ MUST NOT be included when the device can be
+ updated but the MUD URL cannot.";
+ }
+ leaf documentation {
+ type inet:uri;
+ description
+ "This URL points to documentation that
+ relates to this device and any classes that it uses
+ in its MUD file. A caution: MUD managers need
+ not resolve this URL on their own but rather simply
+ provide it to the administrator. Parsing HTML is
+ not an intended function of a MUD manager.";
+ }
+ leaf-list extensions {
+ type string {
+ length "1..40";
+ }
+ description
+ "A list of extension names that are used in this MUD
+ file. Each name is registered with the IANA and
+ described in an RFC.";
+ }
+ container from-device-policy {
+ description
+ "The policies that should be enforced on traffic
+ coming from the device. These policies are not
+ necessarily intended to be enforced at a single
+ point but may be rendered by the controller to any
+ relevant enforcement points in the network or
+ elsewhere.";
+ uses access-lists;
+ }
+ container to-device-policy {
+ description
+ "The policies that should be enforced on traffic
+ going to the device. These policies are not
+ necessarily intended to be enforced at a single
+ point but may be rendered by the controller to any
+ relevant enforcement points in the network or
+ elsewhere.";
+ uses access-lists;
+ }
+ }
+
+ grouping access-lists {
+ description
+ "A grouping for access lists in the context of device
+ policy.";
+ container access-lists {
+ description
+ "The access lists that should be applied to traffic
+ to or from the device.";
+ list access-list {
+ key "name";
+ description
+ "Each entry on this list refers to an ACL that
+ should be present in the overall access list
+ data model. Each ACL is identified by name and
+ type.";
+ leaf name {
+ type leafref {
+ path "/acl:acls/acl:acl/acl:name";
+ }
+ description
+ "The name of the ACL for this entry.";
+ }
+ }
+ }
+ }
+
+ augment "/acl:acls/acl:acl/acl:aces/acl:ace/acl:matches" {
+ description
+ "adding abstractions to avoid the need of IP addresses.";
+ container mud {
+ description
+ "MUD-specific matches.";
+ leaf manufacturer {
+ type inet:host;
+ description
+ "A domain that is intended to match the authority
+ section of the MUD URL. This node is used to specify
+ one or more manufacturers a device should
+ be authorized to access.";
+ }
+ leaf same-manufacturer {
+ type empty;
+ description
+ "This node matches the authority section of the MUD URL
+ of a Thing. It is intended to grant access to all
+ devices with the same authority section.";
+ }
+ leaf model {
+ type inet:uri;
+ description
+ "Devices of the specified model type will match if
+ they have an identical MUD URL.";
+ }
+ leaf local-networks {
+ type empty;
+ description
+ "IP addresses will match this node if they are
+ considered local addresses. A local address may be
+ a list of locally defined prefixes and masks
+ that indicate a particular administrative scope.";
+ }
+ leaf controller {
+ type inet:uri;
+ description
+ "This node names a class that has associated with it
+ zero or more IP addresses to match against. These
+ may be scoped to a manufacturer or via a standard
+ URN.";
+ }
+ leaf my-controller {
+ type empty;
+ description
+ "This node matches one or more network elements that
+ have been configured to be the controller for this
+ Thing, based on its MUD URL.";
+ }
+ }
+ }
+ augment "/acl:acls/acl:acl/acl:aces/acl:ace/acl:matches"
+ + "/acl:l4/acl:tcp/acl:tcp" {
+ description
+ "add direction-initiated";
+ leaf direction-initiated {
+ type direction;
+ description
+ "This node matches based on which direction a
+ connection was initiated. The means by which that
+ is determined is discussed in this document.";
+ }
+ }
+}
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- vi: set et smarttab sw=4 tabstop=4: -->
+<!--
+ Copyright (c) 2019 PANTHEON.tech, s.r.o. and others. All rights reserved.
+
+ This program and the accompanying materials are made available under the
+ terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ and is available at http://www.eclipse.org/legal/epl-v10.html
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.opendaylight.mdsal</groupId>
+ <artifactId>dom-parent</artifactId>
+ <version>4.0.1-SNAPSHOT</version>
+ <relativePath>../../../dom/dom-parent</relativePath>
+ </parent>
+
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8520</artifactId>
+ <version>1.0.1-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>${project.artifactId}</name>
+ <description>RFC8520 Manufacturer Usage Description</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8520-ietf-acldns</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8520-ietf-mud</artifactId>
+ </dependency>
+ </dependencies>
+</project>
Code Review / mdsal.git / commitdiff