<version>1.2.7-SNAPSHOT</version>
</dependency>
+ <!-- RFC8519 -->
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519</artifactId>
+ <version>1.0.7-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-access-control-list</artifactId>
+ <version>1.0.7-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-ethertypes</artifactId>
+ <version>1.0.7-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-packet-fields</artifactId>
+ <version>1.0.7-SNAPSHOT</version>
+ </dependency>
+
<!-- RFC8528 -->
<dependency>
<groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
<classifier>features</classifier>
<type>xml</type>
</dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>odl-mdsal-model-rfc8519</artifactId>
+ <version>1.0.7-SNAPSHOT</version>
+ <classifier>features</classifier>
+ <type>xml</type>
+ </dependency>
<dependency>
<groupId>org.opendaylight.mdsal.model</groupId>
<artifactId>odl-mdsal-model-rfc8528</artifactId>
<groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
<artifactId>rfc8349-ietf-ipv6-unicast-routing</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-access-control-list</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-ethertypes</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-packet-fields</artifactId>
+ </dependency>
<dependency>
<groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
<artifactId>rfc8528</artifactId>
<classifier>features</classifier>
<type>xml</type>
</dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>odl-mdsal-model-rfc8519</artifactId>
+ <classifier>features</classifier>
+ <type>xml</type>
+ </dependency>
<dependency>
<groupId>org.opendaylight.mdsal.model</groupId>
<artifactId>odl-mdsal-model-rfc8528</artifactId>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright © 2019 PANTHEON.tech, s.r.o. and others. All rights reserved.
+
+ This program and the accompanying materials are made available under the
+ terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ and is available at http://www.eclipse.org/legal/epl-v10.html
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.opendaylight.mdsal</groupId>
+ <artifactId>feature-parent</artifactId>
+ <version>3.0.7-SNAPSHOT</version>
+ <relativePath>../feature-parent</relativePath>
+ </parent>
+
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>odl-mdsal-model-rfc8519</artifactId>
+ <version>1.0.7-SNAPSHOT</version>
+ <packaging>feature</packaging>
+ <name>OpenDaylight :: MD-SAL :: Model :: RFC8519</name>
+ <description>Models from RFC8519</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>odl-mdsal-model-rfc8343</artifactId>
+ <classifier>features</classifier>
+ <type>xml</type>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519</artifactId>
+ </dependency>
+ </dependencies>
+</project>
<module>odl-mdsal-model-rfc8348</module>
<module>odl-mdsal-model-rfc8348-non-nmda</module>
<module>odl-mdsal-model-rfc8349</module>
+ <module>odl-mdsal-model-rfc8519</module>
<module>odl-mdsal-model-rfc8528</module>
<module>odl-mdsal-model-rfc8529</module>
<module>odl-mdsal-model-rfc8530</module>
<module>rfc8349-ietf-ipv4-unicast-routing</module>
<module>rfc8349-ietf-ipv6-unicast-routing</module>
+ <!-- RFC8519 Network Access Control Lists -->
+ <module>rfc8519</module>
+ <module>rfc8519-ietf-access-control-list</module>
+ <module>rfc8519-ietf-ethertypes</module>
+ <module>rfc8519-ietf-packet-fields</module>
+
<!-- RFC8528 YANG Schema Mount -->
<module>rfc8528</module>
<!-- RFC8530 Logical Network Elements -->
<module>rfc8530</module>
+ <!-- Legacy Network Access Control Lists -->
<module>ietf-packet-fields</module>
<module>ietf-access-control-list</module>
+
<module>ietf-lisp-address-types</module>
<!-- Legacy IETF topology models -->
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- vi: set et smarttab sw=4 tabstop=4: -->
+<!--
+ Copyright (c) 2019 PANTHEON.tech, s.r.o. and others. All rights reserved.
+
+ This program and the accompanying materials are made available under the
+ terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ and is available at http://www.eclipse.org/legal/epl-v10.html
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.opendaylight.mdsal</groupId>
+ <artifactId>binding-parent</artifactId>
+ <version>3.0.7-SNAPSHOT</version>
+ <relativePath>../../../binding/binding-parent</relativePath>
+ </parent>
+
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-access-control-list</artifactId>
+ <version>1.0.7-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>${project.artifactId}</name>
+ <description>RFC8519 ietf-access-control-list</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8343</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-packet-fields</artifactId>
+ </dependency>
+ </dependencies>
+</project>
--- /dev/null
+module ietf-access-control-list {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-access-control-list";
+ prefix acl;
+
+ import ietf-yang-types {
+ prefix yang;
+ reference
+ "RFC 6991 - Common YANG Data Types.";
+ }
+
+ import ietf-packet-fields {
+ prefix pf;
+ reference
+ "RFC 8519 - YANG Data Model for Network Access Control
+ Lists (ACLs).";
+ }
+
+ import ietf-interfaces {
+ prefix if;
+ reference
+ "RFC 8343 - A YANG Data Model for Interface Management.";
+ }
+
+ organization
+ "IETF NETMOD (Network Modeling) Working Group.";
+
+ contact
+ "WG Web: <https://datatracker.ietf.org/wg/netmod/>
+ WG List: netmod@ietf.org
+
+ Editor: Mahesh Jethanandani
+ mjethanandani@gmail.com
+ Editor: Lisa Huang
+ huangyi_99@yahoo.com
+ Editor: Sonal Agarwal
+ sagarwal12@gmail.com
+ Editor: Dana Blair
+ dana@blairhome.com";
+
+ description
+ "This YANG module defines a component that describes the
+ configuration and monitoring of Access Control Lists (ACLs).
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
+ 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
+ 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
+ are to be interpreted as described in BCP 14 (RFC 2119)
+ (RFC 8174) when, and only when, they appear in all
+ capitals, as shown here.
+
+ Copyright (c) 2019 IETF Trust and the persons identified as
+ the document authors. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD
+ License set forth in Section 4.c of the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8519; see
+ the RFC itself for full legal notices.";
+
+ revision 2019-03-04 {
+ description
+ "Initial version.";
+ reference
+ "RFC 8519: YANG Data Model for Network Access Control
+ Lists (ACLs).";
+ }
+
+ /*
+ * Identities
+ */
+ /*
+ * Forwarding actions for a packet
+ */
+
+ identity forwarding-action {
+ description
+ "Base identity for actions in the forwarding category.";
+ }
+
+ identity accept {
+ base forwarding-action;
+ description
+ "Accept the packet.";
+ }
+
+ identity drop {
+ base forwarding-action;
+ description
+ "Drop packet without sending any ICMP error message.";
+ }
+
+ identity reject {
+ base forwarding-action;
+ description
+ "Drop the packet and send an ICMP error message to the source.";
+ }
+
+ /*
+ * Logging actions for a packet
+ */
+
+ identity log-action {
+ description
+ "Base identity for defining the destination for logging
+ actions.";
+ }
+
+ identity log-syslog {
+ base log-action;
+ description
+ "System log (syslog) the information for the packet.";
+ }
+ identity log-none {
+ base log-action;
+ description
+ "No logging for the packet.";
+ }
+
+ /*
+ * ACL type identities
+ */
+
+ identity acl-base {
+ description
+ "Base Access Control List type for all Access Control List type
+ identifiers.";
+ }
+
+ identity ipv4-acl-type {
+ base acl:acl-base;
+ if-feature "ipv4";
+ description
+ "An ACL that matches on fields from the IPv4 header
+ (e.g., IPv4 destination address) and Layer 4 headers (e.g., TCP
+ destination port). An ACL of type ipv4 does not contain
+ matches on fields in the Ethernet header or the IPv6 header.";
+ }
+
+ identity ipv6-acl-type {
+ base acl:acl-base;
+ if-feature "ipv6";
+ description
+ "An ACL that matches on fields from the IPv6 header
+ (e.g., IPv6 destination address) and Layer 4 headers (e.g., TCP
+ destination port). An ACL of type ipv6 does not contain
+ matches on fields in the Ethernet header or the IPv4 header.";
+ }
+
+ identity eth-acl-type {
+ base acl:acl-base;
+ if-feature "eth";
+ description
+ "An ACL that matches on fields in the Ethernet header,
+ like 10/100/1000baseT or a Wi-Fi Access Control List. An ACL
+ of type ethernet does not contain matches on fields in the
+ IPv4 header, the IPv6 header, or Layer 4 headers.";
+ }
+
+ identity mixed-eth-ipv4-acl-type {
+ base acl:eth-acl-type;
+ base acl:ipv4-acl-type;
+ if-feature "mixed-eth-ipv4";
+ description
+ "An ACL that contains a mix of entries that match
+ on fields in Ethernet headers and in IPv4 headers.
+ Matching on Layer 4 header fields may also exist in the
+ list.";
+ }
+
+ identity mixed-eth-ipv6-acl-type {
+ base acl:eth-acl-type;
+ base acl:ipv6-acl-type;
+ if-feature "mixed-eth-ipv6";
+ description
+ "An ACL that contains a mix of entries that match on fields
+ in Ethernet headers and in IPv6 headers. Matching
+ on Layer 4 header fields may also exist in the list.";
+ }
+
+ identity mixed-eth-ipv4-ipv6-acl-type {
+ base acl:eth-acl-type;
+ base acl:ipv4-acl-type;
+ base acl:ipv6-acl-type;
+ if-feature "mixed-eth-ipv4-ipv6";
+ description
+ "An ACL that contains a mix of entries that
+ match on fields in Ethernet headers, IPv4 headers, and IPv6
+ headers. Matching on Layer 4 header fields may also exist
+ in the list.";
+ }
+
+ /*
+ * Features
+ */
+
+ /*
+ * Features supported by device
+ */
+ feature match-on-eth {
+ description
+ "The device can support matching on Ethernet headers.";
+ }
+
+ feature match-on-ipv4 {
+ description
+ "The device can support matching on IPv4 headers.";
+ }
+
+ feature match-on-ipv6 {
+ description
+ "The device can support matching on IPv6 headers.";
+ }
+
+ feature match-on-tcp {
+ description
+ "The device can support matching on TCP headers.";
+ }
+
+ feature match-on-udp {
+ description
+ "The device can support matching on UDP headers.";
+ }
+
+ feature match-on-icmp {
+ description
+ "The device can support matching on ICMP (v4 and v6) headers.";
+ }
+
+ /*
+ * Header classifications combinations supported by
+ * device
+ */
+
+ feature eth {
+ if-feature "match-on-eth";
+ description
+ "Plain Ethernet ACL supported.";
+ }
+
+ feature ipv4 {
+ if-feature "match-on-ipv4";
+ description
+ "Plain IPv4 ACL supported.";
+ }
+
+ feature ipv6 {
+ if-feature "match-on-ipv6";
+ description
+ "Plain IPv6 ACL supported.";
+ }
+
+ feature mixed-eth-ipv4 {
+ if-feature "match-on-eth and match-on-ipv4";
+ description
+ "Ethernet and IPv4 ACL combinations supported.";
+ }
+ feature mixed-eth-ipv6 {
+ if-feature "match-on-eth and match-on-ipv6";
+ description
+ "Ethernet and IPv6 ACL combinations supported.";
+ }
+
+ feature mixed-eth-ipv4-ipv6 {
+ if-feature
+ "match-on-eth and match-on-ipv4
+ and match-on-ipv6";
+ description
+ "Ethernet, IPv4, and IPv6 ACL combinations supported.";
+ }
+
+ /*
+ * Stats Features
+ */
+ feature interface-stats {
+ description
+ "ACL counters are available and reported only per interface.";
+ }
+
+ feature acl-aggregate-stats {
+ description
+ "ACL counters are aggregated over all interfaces and reported
+ only per ACL entry.";
+ }
+
+ /*
+ * Attachment point features
+ */
+ feature interface-attachment {
+ description
+ "ACLs are set on interfaces.";
+ }
+
+ /*
+ * Typedefs
+ */
+ typedef acl-type {
+ type identityref {
+ base acl-base;
+ }
+ description
+ "This type is used to refer to an ACL type.";
+ }
+
+ /*
+ * Groupings
+ */
+ grouping acl-counters {
+ description
+ "Common grouping for ACL counters.";
+ leaf matched-packets {
+ type yang:counter64;
+ config false;
+ description
+ "Count of the number of packets matching the current ACL
+ entry.
+
+ An implementation should provide this counter on a
+ per-interface, per-ACL-entry basis if possible.
+
+ If an implementation only supports ACL counters on a per-
+ entry basis (i.e., not broken out per interface), then the
+ value should be equal to the aggregate count across all
+ interfaces.
+
+ An implementation that provides counters on a per-entry, per-
+ interface basis is not required to also provide an aggregate
+ count, e.g., per entry -- the user is expected to be able to
+ implement the required aggregation if such a count is
+ needed.";
+ }
+
+ leaf matched-octets {
+ type yang:counter64;
+ config false;
+ description
+ "Count of the number of octets (bytes) matching the current
+ ACL entry.
+
+ An implementation should provide this counter on a
+ per-interface, per-ACL-entry basis if possible.
+
+ If an implementation only supports ACL counters per entry
+ (i.e., not broken out per interface), then the value
+ should be equal to the aggregate count across all interfaces.
+
+ An implementation that provides counters per entry per
+ interface is not required to also provide an aggregate count,
+ e.g., per entry -- the user is expected to be able to
+ implement the required aggregation if such a count is needed.";
+ }
+ }
+
+ /*
+ * Configuration and monitoring data nodes
+ */
+
+ container acls {
+ description
+ "This is a top-level container for Access Control Lists.
+ It can have one or more acl nodes.";
+ list acl {
+ key "name";
+ description
+ "An ACL is an ordered list of ACEs. Each ACE has a
+ list of match criteria and a list of actions.
+ Since there are several kinds of ACLs implemented
+ with different attributes for different vendors,
+ this model accommodates customizing ACLs for
+ each kind and for each vendor.";
+ leaf name {
+ type string {
+ length "1..64";
+ }
+ description
+ "The name of the access list. A device MAY further
+ restrict the length of this name; space and special
+ characters are not allowed.";
+ }
+ leaf type {
+ type acl-type;
+ description
+ "Type of ACL. Indicates the primary intended
+ type of match criteria (e.g., Ethernet, IPv4, IPv6, mixed,
+ etc.) used in the list instance.";
+ }
+ container aces {
+ description
+ "The aces container contains one or more ACE nodes.";
+ list ace {
+ key "name";
+ ordered-by user;
+ description
+ "List of ACEs.";
+ leaf name {
+ type string {
+ length "1..64";
+ }
+ description
+ "A unique name identifying this ACE.";
+ }
+ container matches {
+ description
+ "The rules in this set determine what fields will be
+ matched upon before any action is taken on them.
+ The rules are selected based on the feature set
+ defined by the server and the acl-type defined.
+ If no matches are defined in a particular container,
+ then any packet will match that container. If no
+ matches are specified at all in an ACE, then any
+ packet will match the ACE.";
+
+ choice l2 {
+ container eth {
+ when "derived-from-or-self(/acls/acl/type, "
+ + "'acl:eth-acl-type')";
+ if-feature "match-on-eth";
+ uses pf:acl-eth-header-fields;
+ description
+ "Rule set that matches Ethernet headers.";
+ }
+ description
+ "Match Layer 2 headers, for example, Ethernet
+ header fields.";
+ }
+
+ choice l3 {
+ container ipv4 {
+ when "derived-from-or-self(/acls/acl/type, "
+ + "'acl:ipv4-acl-type')";
+ if-feature "match-on-ipv4";
+ uses pf:acl-ip-header-fields;
+ uses pf:acl-ipv4-header-fields;
+ description
+ "Rule set that matches IPv4 headers.";
+ }
+
+ container ipv6 {
+ when "derived-from-or-self(/acls/acl/type, "
+ + "'acl:ipv6-acl-type')";
+ if-feature "match-on-ipv6";
+ uses pf:acl-ip-header-fields;
+ uses pf:acl-ipv6-header-fields;
+ description
+ "Rule set that matches IPv6 headers.";
+ }
+ description
+ "Choice of either IPv4 or IPv6 headers";
+ }
+ choice l4 {
+ container tcp {
+ if-feature "match-on-tcp";
+ uses pf:acl-tcp-header-fields;
+ container source-port {
+ choice source-port {
+ case range-or-operator {
+ uses pf:port-range-or-operator;
+ description
+ "Source port definition from range or
+ operator.";
+ }
+ description
+ "Choice of source port definition using
+ range/operator or a choice to support future
+ 'case' statements, such as one enabling a
+ group of source ports to be referenced.";
+ }
+ description
+ "Source port definition.";
+ }
+ container destination-port {
+ choice destination-port {
+ case range-or-operator {
+ uses pf:port-range-or-operator;
+ description
+ "Destination port definition from range or
+ operator.";
+ }
+ description
+ "Choice of destination port definition using
+ range/operator or a choice to support future
+ 'case' statements, such as one enabling a
+ group of destination ports to be referenced.";
+ }
+ description
+ "Destination port definition.";
+ }
+ description
+ "Rule set that matches TCP headers.";
+ }
+
+ container udp {
+ if-feature "match-on-udp";
+ uses pf:acl-udp-header-fields;
+ container source-port {
+ choice source-port {
+ case range-or-operator {
+ uses pf:port-range-or-operator;
+ description
+ "Source port definition from range or
+ operator.";
+ }
+ description
+ "Choice of source port definition using
+ range/operator or a choice to support future
+ 'case' statements, such as one enabling a
+ group of source ports to be referenced.";
+ }
+ description
+ "Source port definition.";
+ }
+ container destination-port {
+ choice destination-port {
+ case range-or-operator {
+ uses pf:port-range-or-operator;
+ description
+ "Destination port definition from range or
+ operator.";
+ }
+ description
+ "Choice of destination port definition using
+ range/operator or a choice to support future
+ 'case' statements, such as one enabling a
+ group of destination ports to be referenced.";
+ }
+ description
+ "Destination port definition.";
+ }
+ description
+ "Rule set that matches UDP headers.";
+ }
+
+ container icmp {
+ if-feature "match-on-icmp";
+ uses pf:acl-icmp-header-fields;
+ description
+ "Rule set that matches ICMP headers.";
+ }
+ description
+ "Choice of TCP, UDP, or ICMP headers.";
+ }
+
+ leaf egress-interface {
+ type if:interface-ref;
+ description
+ "Egress interface. This should not be used if this ACL
+ is attached as an egress ACL (or the value should
+ equal the interface to which the ACL is attached).";
+ }
+
+ leaf ingress-interface {
+ type if:interface-ref;
+ description
+ "Ingress interface. This should not be used if this ACL
+ is attached as an ingress ACL (or the value should
+ equal the interface to which the ACL is attached).";
+ }
+ }
+
+ container actions {
+ description
+ "Definition of actions for this ace entry.";
+ leaf forwarding {
+ type identityref {
+ base forwarding-action;
+ }
+ mandatory true;
+ description
+ "Specifies the forwarding action per ace entry.";
+ }
+
+ leaf logging {
+ type identityref {
+ base log-action;
+ }
+ default "log-none";
+ description
+ "Specifies the log action and destination for
+ matched packets. Default value is not to log the
+ packet.";
+ }
+ }
+ container statistics {
+ if-feature "acl-aggregate-stats";
+ config false;
+ description
+ "Statistics gathered across all attachment points for the
+ given ACL.";
+ uses acl-counters;
+ }
+ }
+ }
+ }
+ container attachment-points {
+ description
+ "Enclosing container for the list of
+ attachment points on which ACLs are set.";
+ /*
+ * Groupings
+ */
+ grouping interface-acl {
+ description
+ "Grouping for per-interface ingress ACL data.";
+ container acl-sets {
+ description
+ "Enclosing container for the list of ingress ACLs on the
+ interface.";
+ list acl-set {
+ key "name";
+ ordered-by user;
+ description
+ "List of ingress ACLs on the interface.";
+ leaf name {
+ type leafref {
+ path "/acls/acl/name";
+ }
+ description
+ "Reference to the ACL name applied on the ingress.";
+ }
+ list ace-statistics {
+ if-feature "interface-stats";
+ key "name";
+ config false;
+ description
+ "List of ACEs.";
+ leaf name {
+ type leafref {
+ path "/acls/acl/aces/ace/name";
+ }
+ description
+ "Name of the ace entry.";
+ }
+ uses acl-counters;
+ }
+ }
+ }
+ }
+
+ list interface {
+ if-feature "interface-attachment";
+ key "interface-id";
+ description
+ "List of interfaces on which ACLs are set.";
+
+ leaf interface-id {
+ type if:interface-ref;
+ description
+ "Reference to the interface id list key.";
+ }
+
+ container ingress {
+ uses interface-acl;
+ description
+ "The ACLs applied to the ingress interface.";
+ }
+ container egress {
+ uses interface-acl;
+ description
+ "The ACLs applied to the egress interface.";
+ }
+ }
+ }
+ }
+}
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- vi: set et smarttab sw=4 tabstop=4: -->
+<!--
+ Copyright (c) 2019 PANTHEON.tech, s.r.o. and others. All rights reserved.
+
+ This program and the accompanying materials are made available under the
+ terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ and is available at http://www.eclipse.org/legal/epl-v10.html
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.opendaylight.mdsal</groupId>
+ <artifactId>binding-parent</artifactId>
+ <version>3.0.7-SNAPSHOT</version>
+ <relativePath>../../../binding/binding-parent</relativePath>
+ </parent>
+
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-ethertypes</artifactId>
+ <version>1.0.7-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>${project.artifactId}</name>
+ <description>RFC8519 ietf-ethertypes</description>
+</project>
--- /dev/null
+module ietf-ethertypes {
+ namespace "urn:ietf:params:xml:ns:yang:ietf-ethertypes";
+ prefix ethertypes;
+
+ organization
+ "IETF NETMOD (Network Modeling) Working Group.";
+
+ contact
+ "WG Web: <https://datatracker.ietf.org/wg/netmod/>
+ WG List: <mailto:netmod@ietf.org>
+
+ Editor: Mahesh Jethanandani
+ <mjethanandani@gmail.com>";
+
+ description
+ "This module contains common definitions for the
+ Ethertype used by different modules. It is a
+ placeholder module, till such time that IEEE
+ starts a project to define these Ethertypes
+ and publishes a standard.
+
+ At that time, this module can be deprecated.
+
+ Copyright (c) 2019 IETF Trust and the persons identified as
+ the document authors. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD
+ License set forth in Section 4.c of the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8519; see
+ the RFC itself for full legal notices.";
+
+ revision 2019-03-04 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 8519: YANG Data Model for Network Access Control
+ Lists (ACLs).";
+ }
+
+ typedef ethertype {
+ type union {
+ type uint16;
+ type enumeration {
+ enum ipv4 {
+ value 2048;
+ description
+ "Internet Protocol version 4 (IPv4) with a
+ hex value of 0x0800.";
+ reference
+ "RFC 791: Internet Protocol.";
+ }
+ enum arp {
+ value 2054;
+ description
+ "Address Resolution Protocol (ARP) with a
+ hex value of 0x0806.";
+ reference
+ "RFC 826: An Ethernet Address Resolution Protocol: Or
+ Converting Network Protocol Addresses to 48.bit
+ Ethernet Address for Transmission on Ethernet
+ Hardware.";
+ }
+ enum wlan {
+ value 2114;
+ description
+ "Wake-on-LAN. Hex value of 0x0842.";
+ }
+ enum trill {
+ value 8947;
+ description
+ "Transparent Interconnection of Lots of Links.
+ Hex value of 0x22F3.";
+ reference
+ "RFC 6325: Routing Bridges (RBridges): Base Protocol
+ Specification.";
+ }
+ enum srp {
+ value 8938;
+ description
+ "Stream Reservation Protocol. Hex value of
+ 0x22EA.";
+ reference
+ "IEEE 801.1Q-2011.";
+ }
+ enum decnet {
+ value 24579;
+ description
+ "DECnet Phase IV. Hex value of 0x6003.";
+ }
+ enum rarp {
+ value 32821;
+ description
+ "Reverse Address Resolution Protocol.
+ Hex value 0x8035.";
+ reference
+ "RFC 903: A Reverse Address Resolution Protocol.";
+ }
+ enum appletalk {
+ value 32923;
+ description
+ "Appletalk (Ethertalk). Hex value of 0x809B.";
+ }
+ enum aarp {
+ value 33011;
+ description
+ "Appletalk Address Resolution Protocol. Hex value
+ of 0x80F3.";
+ }
+ enum vlan {
+ value 33024;
+ description
+ "VLAN-tagged frame (IEEE 802.1Q) and Shortest Path
+ Bridging IEEE 802.1aq with Network-Network
+ Interface (NNI) compatibility. Hex value of
+ 0x8100.";
+ reference
+ "IEEE 802.1Q.";
+ }
+ enum ipx {
+ value 33079;
+ description
+ "Internetwork Packet Exchange (IPX). Hex value
+ of 0x8137.";
+ }
+ enum qnx {
+ value 33284;
+ description
+ "QNX Qnet. Hex value of 0x8204.";
+ }
+ enum ipv6 {
+ value 34525;
+ description
+ "Internet Protocol Version 6 (IPv6). Hex value
+ of 0x86DD.";
+ reference
+ "RFC 8200: Internet Protocol, Version 6 (IPv6)
+ Specification
+ RFC 8201: Path MTU Discovery for IP version 6.";
+ }
+ enum efc {
+ value 34824;
+ description
+ "Ethernet flow control using pause frames.
+ Hex value of 0x8808.";
+ reference
+ "IEEE 802.1Qbb.";
+ }
+ enum esp {
+ value 34825;
+ description
+ "Ethernet Slow Protocol. Hex value of 0x8809.";
+ reference
+ "IEEE 802.3-2015.";
+ }
+ enum cobranet {
+ value 34841;
+ description
+ "CobraNet. Hex value of 0x8819.";
+ }
+ enum mpls-unicast {
+ value 34887;
+ description
+ "Multiprotocol Label Switching (MPLS) unicast traffic.
+ Hex value of 0x8847.";
+ reference
+ "RFC 3031: Multiprotocol Label Switching Architecture.";
+ }
+ enum mpls-multicast {
+ value 34888;
+ description
+ "MPLS multicast traffic. Hex value of 0x8848.";
+ reference
+ "RFC 3031: Multiprotocol Label Switching Architecture.";
+ }
+ enum pppoe-discovery {
+ value 34915;
+ description
+ "Point-to-Point Protocol over Ethernet. Used during
+ the discovery process. Hex value of 0x8863.";
+ reference
+ "RFC 2516: A Method for Transmitting PPP Over Ethernet
+ (PPPoE).";
+ }
+ enum pppoe-session {
+ value 34916;
+ description
+ "Point-to-Point Protocol over Ethernet. Used during
+ session stage. Hex value of 0x8864.";
+ reference
+ "RFC 2516: A Method for Transmitting PPP Over Ethernet
+ (PPPoE).";
+ }
+ enum intel-ans {
+ value 34925;
+ description
+ "Intel Advanced Networking Services. Hex value of
+ 0x886D.";
+ }
+ enum jumbo-frames {
+ value 34928;
+ description
+ "Jumbo frames or Ethernet frames with more than
+ 1500 bytes of payload, up to 9000 bytes.";
+ }
+ enum homeplug {
+ value 34939;
+ description
+ "Family name for the various power line
+ communications. Hex value of 0x887B.";
+ }
+ enum eap {
+ value 34958;
+ description
+ "Ethernet Access Protocol (EAP) over LAN. Hex value
+ of 0x888E.";
+ reference
+ "IEEE 802.1X.";
+ }
+ enum profinet {
+ value 34962;
+ description
+ "PROcess FIeld Net (PROFINET). Hex value of 0x8892.";
+ }
+ enum hyperscsi {
+ value 34970;
+ description
+ "Small Computer System Interface (SCSI) over Ethernet.
+ Hex value of 0x889A.";
+ }
+ enum aoe {
+ value 34978;
+ description
+ "Advanced Technology Advancement (ATA) over Ethernet.
+ Hex value of 0x88A2.";
+ }
+ enum ethercat {
+ value 34980;
+ description
+ "Ethernet for Control Automation Technology (EtherCAT).
+ Hex value of 0x88A4.";
+ }
+ enum provider-bridging {
+ value 34984;
+ description
+ "Provider Bridging (802.1ad) and Shortest Path Bridging
+ (801.1aq). Hex value of 0x88A8.";
+ reference
+ "IEEE 802.1ad and IEEE 802.1aq).";
+ }
+ enum ethernet-powerlink {
+ value 34987;
+ description
+ "Ethernet Powerlink. Hex value of 0x88AB.";
+ }
+ enum goose {
+ value 35000;
+ description
+ "Generic Object Oriented Substation Event (GOOSE).
+ Hex value of 0x88B8.";
+ reference
+ "IEC/ISO 8802-2 and 8802-3.";
+ }
+ enum gse {
+ value 35001;
+ description
+ "Generic Substation Events. Hex value of 88B9.";
+ reference
+ "IEC 61850.";
+ }
+ enum sv {
+ value 35002;
+ description
+ "Sampled Value Transmission. Hex value of 0x88BA.";
+ reference
+ "IEC 61850.";
+ }
+ enum lldp {
+ value 35020;
+ description
+ "Link Layer Discovery Protocol (LLDP). Hex value of
+ 0x88CC.";
+ reference
+ "IEEE 802.1AB.";
+ }
+ enum sercos {
+ value 35021;
+ description
+ "Sercos Interface. Hex value of 0x88CD.";
+ }
+ enum wsmp {
+ value 35036;
+ description
+ "WAVE Short Message Protocol (WSMP). Hex value of
+ 0x88DC.";
+ }
+ enum homeplug-av-mme {
+ value 35041;
+ description
+ "HomePlug AV Mobile Management Entity (MME). Hex value
+ of 88E1.";
+ }
+ enum mrp {
+ value 35043;
+ description
+ "Media Redundancy Protocol (MRP). Hex value of
+ 0x88E3.";
+ reference
+ "IEC 62439-2.";
+ }
+ enum macsec {
+ value 35045;
+ description
+ "MAC Security. Hex value of 0x88E5.";
+ reference
+ "IEEE 802.1AE.";
+ }
+ enum pbb {
+ value 35047;
+ description
+ "Provider Backbone Bridges (PBB). Hex value of
+ 0x88E7.";
+ reference
+ "IEEE 802.1ah.";
+ }
+ enum cfm {
+ value 35074;
+ description
+ "Connectivity Fault Management (CFM). Hex value of
+ 0x8902.";
+ reference
+ "IEEE 802.1ag.";
+ }
+ enum fcoe {
+ value 35078;
+ description
+ "Fiber Channel over Ethernet (FCoE). Hex value of
+ 0x8906.";
+ reference
+ "T11 FC-BB-5.";
+ }
+ enum fcoe-ip {
+ value 35092;
+ description
+ "FCoE Initialization Protocol. Hex value of 0x8914.";
+ }
+ enum roce {
+ value 35093;
+ description
+ "RDMA over Converged Ethernet (RoCE). Hex value of
+ 0x8915.";
+ }
+ enum tte {
+ value 35101;
+ description
+ "TTEthernet Protocol Control Frame (TTE). Hex value
+ of 0x891D.";
+ reference
+ "SAE AS6802.";
+ }
+ enum hsr {
+ value 35119;
+ description
+ "High-availability Seamless Redundancy (HSR). Hex
+ value of 0x892F.";
+ reference
+ "IEC 62439-3:2016.";
+ }
+ }
+ }
+ description
+ "The uint16 type placeholder is defined to enable
+ users to manage their own ethertypes not
+ covered by the module. Otherwise, the module contains
+ enum definitions for the more commonly used ethertypes.";
+ }
+}
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- vi: set et smarttab sw=4 tabstop=4: -->
+<!--
+ Copyright (c) 2019 PANTHEON.tech, s.ro. and others. All rights reserved.
+
+ This program and the accompanying materials are made available under the
+ terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ and is available at http://www.eclipse.org/legal/epl-v10.html
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.opendaylight.mdsal</groupId>
+ <artifactId>binding-parent</artifactId>
+ <version>3.0.7-SNAPSHOT</version>
+ <relativePath>../../../binding/binding-parent</relativePath>
+ </parent>
+
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-packet-fields</artifactId>
+ <version>1.0.7-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>${project.artifactId}</name>
+ <description>RFC8519 ietf-packet-fields</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc6991</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-ethertypes</artifactId>
+ </dependency>
+ </dependencies>
+</project>
--- /dev/null
+module ietf-packet-fields {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-packet-fields";
+ prefix packet-fields;
+
+ import ietf-inet-types {
+ prefix inet;
+ reference
+ "RFC 6991 - Common YANG Data Types.";
+ }
+
+ import ietf-yang-types {
+ prefix yang;
+ reference
+ "RFC 6991 - Common YANG Data Types.";
+ }
+
+ import ietf-ethertypes {
+ prefix eth;
+ reference
+ "RFC 8519 - YANG Data Model for Network Access Control
+ Lists (ACLs).";
+ }
+
+ organization
+ "IETF NETMOD (Network Modeling) Working Group.";
+
+ contact
+ "WG Web: <https://datatracker.ietf.org/wg/netmod/>
+ WG List: netmod@ietf.org
+
+ Editor: Mahesh Jethanandani
+ mjethanandani@gmail.com
+ Editor: Lisa Huang
+ huangyi_99@yahoo.com
+ Editor: Sonal Agarwal
+ sagarwal12@gmail.com
+ Editor: Dana Blair
+ dana@blairhome.com";
+
+
+ description
+ "This YANG module defines groupings that are used by
+ the ietf-access-control-list YANG module. Their usage
+ is not limited to ietf-access-control-list and can be
+ used anywhere as applicable.
+
+ Copyright (c) 2019 IETF Trust and the persons identified as
+ the document authors. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD
+ License set forth in Section 4.c of the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8519; see
+ the RFC itself for full legal notices.";
+
+ revision 2019-03-04 {
+ description
+ "Initial version.";
+ reference
+ "RFC 8519: YANG Data Model for Network Access Control
+ Lists (ACLs).";
+ }
+
+ /*
+ * Typedefs
+ */
+ typedef operator {
+ type enumeration {
+ enum lte {
+ description
+ "Less than or equal to.";
+ }
+ enum gte {
+ description
+ "Greater than or equal to.";
+ }
+ enum eq {
+ description
+ "Equal to.";
+ }
+ enum neq {
+ description
+ "Not equal to.";
+ }
+ }
+ description
+ "The source and destination port range definitions
+ can be further qualified using an operator. An
+ operator is needed only if the lower-port is specified
+ and the upper-port is not specified. The operator
+ therefore further qualifies the lower-port only.";
+ }
+
+ /*
+ * Groupings
+ */
+ grouping port-range-or-operator {
+ choice port-range-or-operator {
+ case range {
+ leaf lower-port {
+ type inet:port-number;
+ must '. <= ../upper-port' {
+ error-message
+ "The lower-port must be less than or equal to
+ the upper-port.";
+ }
+ mandatory true;
+ description
+ "Lower boundary for a port.";
+ }
+ leaf upper-port {
+ type inet:port-number;
+ mandatory true;
+ description
+ "Upper boundary for a port.";
+ }
+ }
+ case operator {
+ leaf operator {
+ type operator;
+ default "eq";
+ description
+ "Operator to be applied on the port below.";
+ }
+ leaf port {
+ type inet:port-number;
+ mandatory true;
+ description
+ "Port number along with the operator on which to
+ match.";
+ }
+ }
+ description
+ "Choice of specifying a port range or a single
+ port along with an operator.";
+ }
+ description
+ "Grouping for port definitions in the form of a
+ choice statement.";
+ }
+
+ grouping acl-ip-header-fields {
+ description
+ "IP header fields common to IPv4 and IPv6";
+ reference
+ "RFC 791: Internet Protocol.";
+
+ leaf dscp {
+ type inet:dscp;
+ description
+ "Differentiated Services Code Point.";
+ reference
+ "RFC 2474: Definition of the Differentiated Services
+ Field (DS Field) in the IPv4 and IPv6
+ Headers.";
+ }
+
+ leaf ecn {
+ type uint8 {
+ range "0..3";
+ }
+ description
+ "Explicit Congestion Notification.";
+ reference
+ "RFC 3168: The Addition of Explicit Congestion
+ Notification (ECN) to IP.";
+ }
+
+ leaf length {
+ type uint16;
+ description
+ "In the IPv4 header field, this field is known as the Total
+ Length. Total Length is the length of the datagram, measured
+ in octets, including internet header and data.
+
+ In the IPv6 header field, this field is known as the Payload
+ Length, which is the length of the IPv6 payload, i.e., the rest
+ of the packet following the IPv6 header, in octets.";
+ reference
+ "RFC 791: Internet Protocol
+ RFC 8200: Internet Protocol, Version 6 (IPv6) Specification.";
+ }
+ leaf ttl {
+ type uint8;
+ description
+ "This field indicates the maximum time the datagram is allowed
+ to remain in the internet system. If this field contains the
+ value zero, then the datagram must be dropped.
+
+ In IPv6, this field is known as the Hop Limit.";
+ reference
+ "RFC 791: Internet Protocol
+ RFC 8200: Internet Protocol, Version 6 (IPv6) Specification.";
+ }
+ leaf protocol {
+ type uint8;
+ description
+ "Internet Protocol number. Refers to the protocol of the
+ payload. In IPv6, this field is known as 'next-header',
+ and if extension headers are present, the protocol is
+ present in the 'upper-layer' header.";
+ reference
+ "RFC 791: Internet Protocol
+ RFC 8200: Internet Protocol, Version 6 (IPv6) Specification.";
+ }
+ }
+
+ grouping acl-ipv4-header-fields {
+ description
+ "Fields in the IPv4 header.";
+ leaf ihl {
+ type uint8 {
+ range "5..60";
+ }
+ description
+ "In an IPv4 header field, the Internet Header Length (IHL) is
+ the length of the internet header in 32-bit words and
+ thus points to the beginning of the data. Note that the
+ minimum value for a correct header is 5.";
+ }
+ leaf flags {
+ type bits {
+ bit reserved {
+ position 0;
+ description
+ "Reserved. Must be zero.";
+ }
+ bit fragment {
+ position 1;
+ description
+ "Setting the value to 0 indicates may fragment, while
+ setting the value to 1 indicates do not fragment.";
+ }
+ bit more {
+ position 2;
+ description
+ "Setting the value to 0 indicates this is the last fragment,
+ and setting the value to 1 indicates more fragments are
+ coming.";
+ }
+ }
+ description
+ "Bit definitions for the Flags field in the IPv4 header.";
+ }
+ leaf offset {
+ type uint16 {
+ range "20..65535";
+ }
+ description
+ "The fragment offset is measured in units of 8 octets (64 bits).
+ The first fragment has offset zero. The length is 13 bits";
+ }
+ leaf identification {
+ type uint16;
+ description
+ "An identifying value assigned by the sender to aid in
+ assembling the fragments of a datagram.";
+ }
+
+ choice destination-network {
+ case destination-ipv4-network {
+ leaf destination-ipv4-network {
+ type inet:ipv4-prefix;
+ description
+ "Destination IPv4 address prefix.";
+ }
+ }
+ description
+ "Choice of specifying a destination IPv4 address or
+ referring to a group of IPv4 destination addresses.";
+ }
+
+ choice source-network {
+ case source-ipv4-network {
+ leaf source-ipv4-network {
+ type inet:ipv4-prefix;
+ description
+ "Source IPv4 address prefix.";
+ }
+ }
+ description
+ "Choice of specifying a source IPv4 address or
+ referring to a group of IPv4 source addresses.";
+ }
+ }
+
+ grouping acl-ipv6-header-fields {
+ description
+ "Fields in the IPv6 header.";
+
+ choice destination-network {
+ case destination-ipv6-network {
+ leaf destination-ipv6-network {
+ type inet:ipv6-prefix;
+ description
+ "Destination IPv6 address prefix.";
+ }
+ }
+ description
+ "Choice of specifying a destination IPv6 address
+ or referring to a group of IPv6 destination
+ addresses.";
+ }
+
+ choice source-network {
+ case source-ipv6-network {
+ leaf source-ipv6-network {
+ type inet:ipv6-prefix;
+ description
+ "Source IPv6 address prefix.";
+ }
+ }
+ description
+ "Choice of specifying a source IPv6 address or
+ referring to a group of IPv6 source addresses.";
+ }
+
+ leaf flow-label {
+ type inet:ipv6-flow-label;
+ description
+ "IPv6 Flow label.";
+ }
+ reference
+ "RFC 4291: IP Version 6 Addressing Architecture
+ RFC 4007: IPv6 Scoped Address Architecture
+ RFC 5952: A Recommendation for IPv6 Address Text
+ Representation.";
+ }
+
+ grouping acl-eth-header-fields {
+ description
+ "Fields in the Ethernet header.";
+ leaf destination-mac-address {
+ type yang:mac-address;
+ description
+ "Destination IEEE 802 Media Access Control (MAC)
+ address.";
+ }
+ leaf destination-mac-address-mask {
+ type yang:mac-address;
+ description
+ "Destination IEEE 802 MAC address mask.";
+ }
+ leaf source-mac-address {
+ type yang:mac-address;
+ description
+ "Source IEEE 802 MAC address.";
+ }
+ leaf source-mac-address-mask {
+ type yang:mac-address;
+ description
+ "Source IEEE 802 MAC address mask.";
+ }
+ leaf ethertype {
+ type eth:ethertype;
+ description
+ "The Ethernet Type (or Length) value represented
+ in the canonical order defined by IEEE 802.
+ The canonical representation uses lowercase
+ characters.";
+ reference
+ "IEEE 802-2014, Clause 9.2.";
+ }
+ reference
+ "IEEE 802: IEEE Standard for Local and Metropolitan
+ Area Networks: Overview and Architecture.";
+ }
+
+ grouping acl-tcp-header-fields {
+ description
+ "Collection of TCP header fields that can be used to
+ set up a match filter.";
+ leaf sequence-number {
+ type uint32;
+ description
+ "Sequence number that appears in the packet.";
+ }
+ leaf acknowledgement-number {
+ type uint32;
+ description
+ "The acknowledgement number that appears in the
+ packet.";
+ }
+ leaf data-offset {
+ type uint8 {
+ range "5..15";
+ }
+ description
+ "Specifies the size of the TCP header in 32-bit
+ words. The minimum size header is 5 words and
+ the maximum is 15 words; thus, this gives a
+ minimum size of 20 bytes and a maximum of 60
+ bytes, allowing for up to 40 bytes of options
+ in the header.";
+ }
+ leaf reserved {
+ type uint8;
+ description
+ "Reserved for future use.";
+ }
+ leaf flags {
+ type bits {
+ bit cwr {
+ position 1;
+ description
+ "The Congestion Window Reduced (CWR) flag is set
+ by the sending host to indicate that it received
+ a TCP segment with the ECN-Echo (ECE) flag set
+ and had responded in the congestion control
+ mechanism.";
+ reference
+ "RFC 3168: The Addition of Explicit Congestion
+ Notification (ECN) to IP.";
+ }
+ bit ece {
+ position 2;
+ description
+ "ECN-Echo has a dual role, depending on the value
+ of the SYN flag. It indicates the following: if
+ the SYN flag is set (1), the TCP peer is ECN
+ capable, and if the SYN flag is clear (0), a packet
+ with the Congestion Experienced flag set (ECN=11)
+ in the IP header was received during normal
+ transmission (added to the header by RFC 3168).
+ This serves as an indication of network congestion
+ (or impending congestion) to the TCP sender.";
+ reference
+ "RFC 3168: The Addition of Explicit Congestion
+ Notification (ECN) to IP.";
+ }
+ bit urg {
+ position 3;
+ description
+ "Indicates that the Urgent Pointer field is significant.";
+ }
+ bit ack {
+ position 4;
+ description
+ "Indicates that the Acknowledgement field is significant.
+ All packets after the initial SYN packet sent by the
+ client should have this flag set.";
+ }
+ bit psh {
+ position 5;
+ description
+ "Push function. Asks to push the buffered data to the
+ receiving application.";
+ }
+ bit rst {
+ position 6;
+ description
+ "Reset the connection.";
+ }
+ bit syn {
+ position 7;
+ description
+ "Synchronize sequence numbers. Only the first packet
+ sent from each end should have this flag set. Some
+ other flags and fields change meaning based on this
+ flag, and some are only valid for when it is set,
+ and others when it is clear.";
+ }
+ bit fin {
+ position 8;
+ description
+ "Last package from the sender.";
+ }
+ }
+ description
+ "Also known as Control Bits. Contains nine 1-bit flags.";
+ reference
+ "RFC 793: Transmission Control Protocol.";
+ }
+ leaf window-size {
+ type uint16;
+ units "bytes";
+ description
+ "The size of the receive window, which specifies
+ the number of window size units beyond the segment
+ identified by the sequence number in the Acknowledgement
+ field that the sender of this segment is currently
+ willing to receive.";
+ }
+ leaf urgent-pointer {
+ type uint16;
+ description
+ "This field is an offset from the sequence number
+ indicating the last urgent data byte.";
+ }
+ leaf options {
+ type binary {
+ length "1..40";
+ }
+ description
+ "The length of this field is determined by the
+ Data Offset field. Options have up to three
+ fields: Option-Kind (1 byte), Option-Length
+ (1 byte), and Option-Data (variable). The Option-Kind
+ field indicates the type of option and is the
+ only field that is not optional. Depending on
+ what kind of option we are dealing with,
+ the next two fields may be set: the Option-Length
+ field indicates the total length of the option,
+ and the Option-Data field contains the value of
+ the option, if applicable.";
+ }
+ }
+
+ grouping acl-udp-header-fields {
+ description
+ "Collection of UDP header fields that can be used
+ to set up a match filter.";
+ leaf length {
+ type uint16;
+ description
+ "A field that specifies the length in bytes of
+ the UDP header and UDP data. The minimum
+ length is 8 bytes because that is the length of
+ the header. The field size sets a theoretical
+ limit of 65,535 bytes (8-byte header plus 65,527
+ bytes of data) for a UDP datagram. However, the
+ actual limit for the data length, which is
+ imposed by the underlying IPv4 protocol, is
+ 65,507 bytes (65,535 minus 8-byte UDP header
+ minus 20-byte IP header).
+
+ In IPv6 jumbograms, it is possible to have
+ UDP packets of a size greater than 65,535 bytes.
+ RFC 2675 specifies that the Length field is set
+ to zero if the length of the UDP header plus
+ UDP data is greater than 65,535.";
+ }
+ }
+
+ grouping acl-icmp-header-fields {
+ description
+ "Collection of ICMP header fields that can be
+ used to set up a match filter.";
+ leaf type {
+ type uint8;
+ description
+ "Also known as control messages.";
+ reference
+ "RFC 792: Internet Control Message Protocol
+ RFC 4443: Internet Control Message Protocol (ICMPv6)
+ for Internet Protocol Version 6 (IPv6)
+ Specification.";
+ }
+ leaf code {
+ type uint8;
+ description
+ "ICMP subtype. Also known as control messages.";
+ reference
+ "RFC 792: Internet Control Message Protocol
+ RFC 4443: Internet Control Message Protocol (ICMPv6)
+ for Internet Protocol Version 6 (IPv6)
+ Specification.";
+ }
+ leaf rest-of-header {
+ type binary;
+ description
+ "Unbounded in length, the contents vary based on the
+ ICMP type and code. Also referred to as 'Message Body'
+ in ICMPv6.";
+ reference
+ "RFC 792: Internet Control Message Protocol
+ RFC 4443: Internet Control Message Protocol (ICMPv6)
+ for Internet Protocol Version 6 (IPv6)
+ Specification.";
+ }
+ }
+}
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- vi: set et smarttab sw=4 tabstop=4: -->
+<!--
+ Copyright (c) 2019 PANTHEON.tech, s.r.o. and others. All rights reserved.
+
+ This program and the accompanying materials are made available under the
+ terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ and is available at http://www.eclipse.org/legal/epl-v10.html
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.opendaylight.mdsal</groupId>
+ <artifactId>dom-parent</artifactId>
+ <version>3.0.7-SNAPSHOT</version>
+ <relativePath>../../../dom/dom-parent</relativePath>
+ </parent>
+
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519</artifactId>
+ <version>1.0.7-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>${project.artifactId}</name>
+ <description>RFC8519 Network Access Control Lists</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-access-control-list</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-ethertypes</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc8519-ietf-packet-fields</artifactId>
+ </dependency>
+ </dependencies>
+</project>