<artifactId>ietf-type-util</artifactId>
<version>1.0.0-SNAPSHOT</version>
</dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>ietf-packet-fields</artifactId>
+ <version>0.7.0-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>ietf-access-control-list</artifactId>
+ <version>0.7.0-SNAPSHOT</version>
+ </dependency>
<!-- TODO: Sort dependencies alphabetically? -->
</dependencies>
</dependencyManagement>
<groupId>org.opendaylight.mdsal.model</groupId>
<artifactId>ietf-type-util</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>ietf-packet-fields</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>ietf-access-control-list</artifactId>
+ </dependency>
</dependencies>
<!--
<bundle>mvn:org.opendaylight.mdsal.model/ietf-network-2015-06-08/{{VERSION}}</bundle>
<bundle>mvn:org.opendaylight.mdsal.model/ietf-inet-types-2013-07-15/{{VERSION}}</bundle>
<bundle>mvn:org.opendaylight.mdsal.model/ietf-type-util/{{VERSION}}</bundle>
+ <bundle>mvn:org.opendaylight.mdsal.model/ietf-packet-fields/{{VERSION}}</bundle>
+ <bundle>mvn:org.opendaylight.mdsal.model/ietf-access-control-list/{{VERSION}}</bundle>
</feature>
</features>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- vi: set et smarttab sw=4 tabstop=4: -->
+<!--
+ Copyright © 2016 Red Hat, Inc. and others. All rights reserved.
+
+ This program and the accompanying materials are made available under the
+ terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ and is available at http://www.eclipse.org/legal/epl-v10.html
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+ <parent>
+ <artifactId>model-ietf</artifactId>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <version>0.9.0-SNAPSHOT</version>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>ietf-access-control-list</artifactId>
+ <version>0.7.0-SNAPSHOT</version>
+ <name>${project.artifactId}</name>
+ <description>${project.artifactId}</description>
+ <packaging>bundle</packaging>
+
+
+
+ <!--
+ Maven Site Configuration
+
+ The following configuration is necessary for maven-site-plugin to
+ correctly identify the correct deployment path for OpenDaylight Maven
+ sites.
+ -->
+ <url>${odl.site.url}/${project.groupId}/${stream}/${project.artifactId}/</url>
+
+ <distributionManagement>
+ <site>
+ <id>opendaylight-site</id>
+ <url>${nexus.site.url}/${project.artifactId}/</url>
+ </site>
+ </distributionManagement>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>ietf-packet-fields</artifactId>
+ <version>0.7.0-SNAPSHOT</version>
+ </dependency>
+ </dependencies>
+</project>
--- /dev/null
+module ietf-access-control-list {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-access-control-list";
+ prefix acl;
+ import ietf-yang-types {
+ prefix yang; revision-date 2013-07-15;
+ }
+ import ietf-packet-fields {
+ prefix packet-fields; revision-date 2016-02-18;
+ }
+ organization "IETF NETMOD (NETCONF Data Modeling Language)
+ Working Group";
+ contact
+ "WG Web: http://tools.ietf.org/wg/netmod/
+ WG List: netmod@ietf.org
+ WG Chair: Juergen Schoenwaelder
+ j.schoenwaelder@jacobs-university.de
+ WG Chair: Tom Nadeau
+ tnadeau@lucidvision.com
+ Editor: Dean Bogdanovic
+ ivandean@gmail.com
+ Editor: Kiran Agrahara Sreenivasa
+ kkoushik@cisco.com
+ Editor: Lisa Huang
+ lyihuang@juniper.net
+ Editor: Dana Blair
+ dblair@cisco.com";
+ description
+ "This YANG module defines a component that describing the
+ configuration of Access Control Lists (ACLs).
+ Copyright (c) 2016 IETF Trust and the persons identified as
+ the document authors. All rights reserved.
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD
+ License set forth in Section 4.c of the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+ This version of this YANG module is part of RFC XXXX; see
+ the RFC itself for full legal notices.";
+ revision 2016-02-18 {
+ description
+ "Base model for Network Access Control List (ACL).";
+ reference
+ "RFC XXXX: Network Access Control List (ACL)
+ YANG Data Model";
+ }
+ identity acl-base {
+ description
+ "Base Access Control List type for all Access Control List type
+ identifiers.";
+ }
+ identity ipv4-acl {
+ base acl:acl-base;
+ description
+ "ACL that primarily matches on fields from the IPv4 header
+ (e.g. IPv4 destination address) and layer 4 headers (e.g. TCP
+ destination port). An acl of type ipv4-acl does not contain
+ matches on fields in the ethernet header or the IPv6 header.";
+ }
+ identity ipv6-acl {
+ base acl:acl-base;
+ description
+ "ACL that primarily matches on fields from the IPv6 header
+ (e.g. IPv6 destination address) and layer 4 headers (e.g. TCP
+ destination port). An acl of type ipv6-acl does not contain
+ matches on fields in the ethernet header or the IPv4 header.";
+ }
+ identity eth-acl {
+ base acl:acl-base;
+ description
+ "ACL that primarily matches on fields in the ethernet header,
+ like 10/100/1000baseT or WiFi Access Control List. An acl of
+ type eth-acl does not contain matches on fields in the IPv4
+ header, IPv6 header or layer 4 headers.";
+ }
+ typedef acl-type {
+ type identityref {
+ base acl:acl-base;
+ }
+ description
+ "This type is used to refer to an Access Control List
+ (ACL) type";
+ }
+ typedef access-control-list-ref {
+ type leafref {
+ path "/access-lists/acl/acl-name";
+ }
+ description
+ "This type is used by data models that need to reference an
+ Access Control List";
+ }
+ container access-lists {
+ description
+ "This is a top level container for Access Control Lists.
+ It can have one or more Access Control Lists.";
+ list acl {
+ key "acl-type acl-name";
+ description
+ "An Access Control List(ACL) is an ordered list of
+ Access List Entries (ACE). Each Access Control Entry has a
+ list of match criteria and a list of actions.
+ Since there are several kinds of Access Control Lists
+ implemented with different attributes for
+ different vendors, this
+ model accommodates customizing Access Control Lists for
+ each kind and for each vendor.";
+ leaf acl-name {
+ type string;
+ description
+ "The name of access-list. A device MAY restrict the length
+ and value of this name, possibly space and special
+ characters are not allowed.";
+ }
+ leaf acl-type {
+ type acl-type;
+ description
+ "Type of access control list. Indicates the primary intended
+ type of match criteria (e.g. ethernet, IPv4, IPv6, mixed, etc)
+ used in the list instance.";
+ }
+ container acl-oper-data {
+ config false;
+ description
+ "Overall Access Control List operational data";
+ }
+ container access-list-entries {
+ description
+ "The access-list-entries container contains
+ a list of access-list-entries(ACE).";
+ list ace {
+ key "rule-name";
+ ordered-by user;
+ description
+ "List of access list entries(ACE)";
+ leaf rule-name {
+ type string;
+ description
+ "A unique name identifying this Access List
+ Entry(ACE).";
+ }
+ container matches {
+ description
+ "Definitions for match criteria for this Access List
+ Entry.";
+ choice ace-type {
+ description
+ "Type of access list entry.";
+ case ace-ip {
+ description "IP Access List Entry.";
+ choice ace-ip-version {
+ description
+ "IP version used in this Access List Entry.";
+ case ace-ipv4 {
+ uses packet-fields:acl-ipv4-header-fields;
+ }
+ case ace-ipv6 {
+ uses packet-fields:acl-ipv6-header-fields;
+ }
+ }
+ uses packet-fields:acl-ip-header-fields;
+ }
+ case ace-eth {
+ description
+ "Ethernet Access List entry.";
+ uses packet-fields:acl-eth-header-fields;
+ }
+ }
+ uses packet-fields:metadata;
+ }
+ container actions {
+ description
+ "Definitions of action criteria for this Access List
+ Entry.";
+ choice packet-handling {
+ default "deny";
+ description
+ "Packet handling action.";
+ case deny {
+ leaf deny {
+ type empty;
+ description
+ "Deny action.";
+ }
+ }
+ case permit {
+ leaf permit {
+ type empty;
+ description
+ "Permit action.";
+ }
+ }
+ }
+ }
+ container ace-oper-data {
+ config false;
+ description
+ "Operational data for this Access List Entry.";
+ leaf match-counter {
+ type yang:counter64;
+ description
+ "Number of matches for this Access List Entry";
+ }
+ }
+ }
+ }
+ }
+ }
+}
\ No newline at end of file
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- vi: set et smarttab sw=4 tabstop=4: -->
+<!--
+ Copyright © 2016 Red Hat, Inc. and others. All rights reserved.
+
+ This program and the accompanying materials are made available under the
+ terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ and is available at http://www.eclipse.org/legal/epl-v10.html
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+ <parent>
+ <artifactId>model-ietf</artifactId>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <version>0.9.0-SNAPSHOT</version>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>ietf-packet-fields</artifactId>
+ <version>0.7.0-SNAPSHOT</version>
+ <name>${project.artifactId}</name>
+ <description>${project.artifactId}</description>
+ <packaging>bundle</packaging>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>ietf-interfaces</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>ietf-yang-types-20130715</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.model</groupId>
+ <artifactId>ietf-inet-types-2013-07-15</artifactId>
+ </dependency>
+ </dependencies>
+
+
+ <!--
+ Maven Site Configuration
+
+ The following configuration is necessary for maven-site-plugin to
+ correctly identify the correct deployment path for OpenDaylight Maven
+ sites.
+ -->
+ <url>${odl.site.url}/${project.groupId}/${stream}/${project.artifactId}/</url>
+
+ <distributionManagement>
+ <site>
+ <id>opendaylight-site</id>
+ <url>${nexus.site.url}/${project.artifactId}/</url>
+ </site>
+ </distributionManagement>
+
+</project>
--- /dev/null
+module ietf-packet-fields {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-packet-fields";
+ prefix packet-fields;
+ import ietf-inet-types {
+ prefix inet; revision-date 2013-07-15;
+ }
+ import ietf-yang-types {
+ prefix yang; revision-date 2013-07-15;
+ }
+ import ietf-interfaces {
+ prefix if; revision-date 2014-05-08;
+ }
+ organization "IETF NETMOD (NETCONF Data Modeling Language) Working
+ Group";
+ contact
+ "WG Web: http://tools.ietf.org/wg/netmod/
+ WG List: netmod@ietf.org
+ WG Chair: Juergen Schoenwaelder
+ j.schoenwaelder@jacobs-university.de
+ WG Chair: Tom Nadeau
+ tnadeau@lucidvision.com
+ Editor: Dean Bogdanovic
+ deanb@juniper.net
+ Editor: Kiran Agrahara Sreenivasa
+ kkoushik@cisco.com
+ Editor: Lisa Huang
+ lyihuang@juniper.net
+ Editor: Dana Blair
+ dblair@cisco.com";
+ description
+ "This YANG module defines groupings that are used by
+ ietf-access-control-list YANG module. Their usage is not
+ limited to ietf-access-control-list and can be
+ used anywhere as applicable.
+ Copyright (c) 2016 IETF Trust and the persons identified as
+ the document authors. All rights reserved.
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD
+ License set forth in Section 4.c of the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+ This version of this YANG module is part of RFC XXXX; see
+ the RFC itself for full legal notices.";
+ revision 2016-02-18 {
+ description
+ "Initial version of packet fields used by
+ ietf-access-control-list";
+ reference
+ "RFC XXXX: Network Access Control List (ACL)
+ YANG Data Model";
+ }
+ grouping acl-transport-header-fields {
+ description
+ "Transport header fields";
+ container source-port-range {
+ presence "Enables setting source port range";
+ description
+ "Inclusive range representing source ports to be used.
+ When only lower-port is present, it represents a single port.";
+ leaf lower-port {
+ type inet:port-number;
+ mandatory true;
+ description
+ "Lower boundary for port.";
+ }
+ leaf upper-port {
+ type inet:port-number;
+ must ". >= ../lower-port" {
+ error-message
+ "The upper-port must be greater than or equal to lower-port";
+ }
+ description
+ "Upper boundary for port . If existing, the upper port
+ must be greater or equal to lower-port.";
+ }
+ }
+ container destination-port-range {
+ presence "Enables setting destination port range";
+ description
+ "Inclusive range representing destination ports to be used. When
+ only lower-port is present, it represents a single port.";
+ leaf lower-port {
+ type inet:port-number;
+ mandatory true;
+ description
+ "Lower boundary for port.";
+ }
+ leaf upper-port {
+ type inet:port-number;
+ must ". >= ../lower-port" {
+ error-message
+ "The upper-port must be greater than or equal to lower-port";
+ }
+
+ description
+ "Upper boundary for port. If existing, the upper port must
+ be greater or equal to lower-port";
+ }
+ }
+ }
+ grouping acl-ip-header-fields {
+ description
+ "IP header fields common to ipv4 and ipv6";
+ leaf dscp {
+ type inet:dscp;
+ description
+ "Value of dscp.";
+ }
+ leaf protocol {
+ type uint8;
+ description
+ "Internet Protocol number.";
+ }
+ uses acl-transport-header-fields;
+ }
+ grouping acl-ipv4-header-fields {
+ description
+ "Fields in IPv4 header.";
+ leaf destination-ipv4-network {
+ type inet:ipv4-prefix;
+ description
+ "Destination IPv4 address prefix.";
+ }
+ leaf source-ipv4-network {
+ type inet:ipv4-prefix;
+ description
+ "Source IPv4 address prefix.";
+ }
+ }
+ grouping acl-ipv6-header-fields {
+ description
+ "Fields in IPv6 header";
+ leaf destination-ipv6-network {
+ type inet:ipv6-prefix;
+ description
+ "Destination IPv6 address prefix.";
+ }
+ leaf source-ipv6-network {
+ type inet:ipv6-prefix;
+ description
+ "Source IPv6 address prefix.";
+ }
+ leaf flow-label {
+ type inet:ipv6-flow-label;
+ description
+ "IPv6 Flow label.";
+ }
+ reference
+ "RFC 4291: IP Version 6 Addressing Architecture
+ RFC 4007: IPv6 Scoped Address Architecture
+ RFC 5952: A Recommendation for IPv6 Address Text Representation";
+ }
+ grouping acl-eth-header-fields {
+ description
+ "Fields in Ethernet header.";
+ leaf destination-mac-address {
+ type yang:mac-address;
+ description
+ "Destination IEEE 802 MAC address.";
+ }
+ leaf destination-mac-address-mask {
+ type yang:mac-address;
+ description
+ "Destination IEEE 802 MAC address mask.";
+ }
+ leaf source-mac-address {
+ type yang:mac-address;
+ description
+ "Source IEEE 802 MAC address.";
+ }
+ leaf source-mac-address-mask {
+ type yang:mac-address;
+ description
+ "Source IEEE 802 MAC address mask.";
+ }
+ reference
+ "IEEE 802: IEEE Standard for Local and Metropolitan Area
+ Networks: Overview and Architecture.";
+ }
+
+ grouping metadata {
+ description
+ "Fields associated with a packet whick are not in
+ the header.";
+ leaf input-interface {
+ type if:interface-ref {
+ require-instance false;
+ }
+ description
+ "Packet was received on this interface.";
+ }
+ }
+}
\ No newline at end of file
<module>ietf-yang-types</module>
<module>ietf-yang-types-20130715</module>
<module>ietf-network</module>
+ <module>ietf-packet-fields</module>
+ <module>ietf-access-control-list</module>
<!-- Legacy IETF topology models -->
<module>ietf-ted</module>