From 2332428d3c80ac3d3b4e1c0bdba830b098ef440f Mon Sep 17 00:00:00 2001
|
|
From: Rafael Zalamena <rzalamena@opensourcerouting.org>
|
|
Date: Fri, 5 Jul 2019 11:07:30 -0300
|
|
Subject: [PATCH] yang: initial filter YANG model import
|
|
|
|
This model contains the description of access-list, prefix-list and
|
|
other lists used by route map and other filtering interfaces.
|
|
|
|
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
|
|
---
|
|
yang/frr-filter.yang | 365 +++++++++++++++++++++++++++++++++++++++++++
|
|
1 file changed, 365 insertions(+)
|
|
create mode 100644 yang/frr-filter.yang
|
|
|
|
diff --git a/yang/frr-filter.yang b/yang/frr-filter.yang
|
|
new file mode 100644
|
|
index 0000000000..92af6aebfd
|
|
--- /dev/null
|
|
+++ b/yang/frr-filter.yang
|
|
@@ -0,0 +1,365 @@
|
|
+module frr-filter {
|
|
+ yang-version 1.1;
|
|
+ namespace "http://frrouting.org/yang/filter";
|
|
+ prefix frr-filter;
|
|
+
|
|
+ import ietf-inet-types {
|
|
+ prefix inet;
|
|
+ }
|
|
+ import ietf-yang-types {
|
|
+ prefix yang;
|
|
+ }
|
|
+
|
|
+ organization "Free Range Routing";
|
|
+ contact
|
|
+ "FRR Users List: <mailto:frog@lists.frrouting.org>
|
|
+ FRR Development List: <mailto:dev@lists.frrouting.org>";
|
|
+ description "This module defines filter settings";
|
|
+
|
|
+ revision 2019-07-04 {
|
|
+ description "Initial revision";
|
|
+ }
|
|
+
|
|
+ /*
|
|
+ * Types.
|
|
+ */
|
|
+ typedef access-list-standard {
|
|
+ description "Standard IPv4 access list (any, host or a prefix)";
|
|
+ type uint16 {
|
|
+ range "1..99 | 1300..1999";
|
|
+ }
|
|
+ }
|
|
+
|
|
+ typedef access-list-extended {
|
|
+ description
|
|
+ "Extended IPv4 access list (source / destination any, hosts or prefixes)";
|
|
+ type uint16 {
|
|
+ range "100..199 | 2000..2699";
|
|
+ }
|
|
+ }
|
|
+
|
|
+ typedef access-list-legacy {
|
|
+ description "Standard/Extended IPv4 access list";
|
|
+ type uint16 {
|
|
+ range "1..199 | 1300..2699";
|
|
+ }
|
|
+ }
|
|
+
|
|
+ typedef access-list-name {
|
|
+ description "Access list name formatting";
|
|
+ type string;
|
|
+ }
|
|
+
|
|
+ typedef access-list-sequence {
|
|
+ description "Access list sequence number";
|
|
+ type uint32 {
|
|
+ range "1..4294967295";
|
|
+ }
|
|
+ }
|
|
+
|
|
+ typedef access-list-action {
|
|
+ description "Access list return action on match";
|
|
+ type enumeration {
|
|
+ enum deny {
|
|
+ description "Deny an entry";
|
|
+ value 0;
|
|
+ }
|
|
+ enum permit {
|
|
+ description "Accept an entry";
|
|
+ value 1;
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+
|
|
+ /*
|
|
+ * Configuration data.
|
|
+ */
|
|
+ container filter-list {
|
|
+ list access-list-legacy {
|
|
+ description "Access list legacy instance";
|
|
+
|
|
+ key "number sequence";
|
|
+
|
|
+ leaf number {
|
|
+ description "Access list sequence value";
|
|
+ type access-list-legacy;
|
|
+ }
|
|
+
|
|
+ leaf sequence {
|
|
+ description "Access list sequence value";
|
|
+ type access-list-sequence;
|
|
+ }
|
|
+
|
|
+ leaf action {
|
|
+ description "Access list action on match";
|
|
+ type access-list-action;
|
|
+ mandatory true;
|
|
+ }
|
|
+
|
|
+ leaf remark {
|
|
+ description "Access list remark";
|
|
+ type string;
|
|
+ }
|
|
+
|
|
+ choice value {
|
|
+ description
|
|
+ "Standard access list: value to match.
|
|
+ Extended access list: source value to match.";
|
|
+ mandatory true;
|
|
+
|
|
+ case host {
|
|
+ leaf host {
|
|
+ description "Host to match";
|
|
+ type inet:ipv4-address;
|
|
+ }
|
|
+ }
|
|
+ case network {
|
|
+ leaf network {
|
|
+ description "Network to match";
|
|
+ type inet:ipv4-prefix;
|
|
+ }
|
|
+ }
|
|
+ case any {
|
|
+ leaf any {
|
|
+ description "Match any";
|
|
+ type empty;
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+
|
|
+ choice extended-value {
|
|
+ when "./sequence >= 100 and ./sequence <= 199 or
|
|
+ ./sequence >= 2000 and ./sequence <= 2699";
|
|
+ description "Destination value to match";
|
|
+
|
|
+ case destination-host {
|
|
+ leaf destination-host {
|
|
+ description "Host to match";
|
|
+ type inet:ipv4-address;
|
|
+ }
|
|
+ }
|
|
+ case destination-network {
|
|
+ leaf destination-network {
|
|
+ description "Network to match";
|
|
+ type inet:ipv4-prefix;
|
|
+ }
|
|
+ }
|
|
+ case destination-any {
|
|
+ leaf destination-any {
|
|
+ description "Match any";
|
|
+ type empty;
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+
|
|
+ list access-list {
|
|
+ description "Access list instance";
|
|
+
|
|
+ key "type identifier sequence";
|
|
+
|
|
+ leaf type {
|
|
+ description "Access list content type";
|
|
+ type enumeration {
|
|
+ enum ipv4 {
|
|
+ description "Internet Protocol address version 4";
|
|
+ value 0;
|
|
+ }
|
|
+ enum ipv6 {
|
|
+ description "Internet Protocol address version 6";
|
|
+ value 1;
|
|
+ }
|
|
+ enum mac {
|
|
+ description "Media Access Control address";
|
|
+ value 2;
|
|
+ }
|
|
+
|
|
+ /*
|
|
+ * Protocol YANG models should augment the parent node to
|
|
+ * contain the routing protocol specific value. The protocol
|
|
+ * must also augment `value` leaf to include its specific
|
|
+ * values or expand the `when` statement on the existing cases.
|
|
+ */
|
|
+ enum custom {
|
|
+ description "Custom data type";
|
|
+ value 100;
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+
|
|
+ leaf identifier {
|
|
+ description "Access list identifier";
|
|
+ type access-list-name;
|
|
+ }
|
|
+
|
|
+ leaf sequence {
|
|
+ description "Access list sequence value";
|
|
+ type access-list-sequence;
|
|
+ }
|
|
+
|
|
+ leaf action {
|
|
+ description "Access list action on match";
|
|
+ type access-list-action;
|
|
+ mandatory true;
|
|
+ }
|
|
+
|
|
+ leaf remark {
|
|
+ description "Access list remark";
|
|
+ type string;
|
|
+ }
|
|
+
|
|
+ choice value {
|
|
+ description "Access list value to match";
|
|
+ mandatory true;
|
|
+
|
|
+ case ipv4-prefix {
|
|
+ when "./type = 'ipv4'";
|
|
+
|
|
+ leaf ipv4-prefix {
|
|
+ description "Configure IPv4 prefix to match";
|
|
+ type inet:ipv4-prefix;
|
|
+ }
|
|
+
|
|
+ leaf ipv4-exact-match {
|
|
+ description "Exact match of prefix";
|
|
+ type boolean;
|
|
+ default false;
|
|
+ }
|
|
+ }
|
|
+ case ipv6-prefix {
|
|
+ when "./type = 'ipv6'";
|
|
+
|
|
+ leaf ipv6-prefix {
|
|
+ description "Configure IPv6 prefix to match";
|
|
+ type inet:ipv6-prefix;
|
|
+ }
|
|
+
|
|
+ leaf ipv6-exact-match {
|
|
+ description "Exact match of prefix";
|
|
+ type boolean;
|
|
+ default false;
|
|
+ }
|
|
+ }
|
|
+ case mac {
|
|
+ when "./type = 'mac'";
|
|
+
|
|
+ leaf mac {
|
|
+ description "Configure MAC address to match";
|
|
+ type yang:mac-address;
|
|
+ }
|
|
+ }
|
|
+ case any {
|
|
+ leaf any {
|
|
+ description "Match anything";
|
|
+ type empty;
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+
|
|
+ list prefix-list {
|
|
+ description "Prefix list instance";
|
|
+
|
|
+ key "type name sequence";
|
|
+
|
|
+ leaf type {
|
|
+ description "Prefix list type";
|
|
+ type enumeration {
|
|
+ enum ipv4 {
|
|
+ description "Internet Protocol address version 4";
|
|
+ value 0;
|
|
+ }
|
|
+ enum ipv6 {
|
|
+ description "Internet Protocol address version 6";
|
|
+ value 1;
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+
|
|
+ leaf name {
|
|
+ description "Prefix list name";
|
|
+ type access-list-name;
|
|
+ }
|
|
+
|
|
+ leaf sequence {
|
|
+ description "Access list sequence value";
|
|
+ type access-list-sequence;
|
|
+ }
|
|
+
|
|
+ leaf action {
|
|
+ description "Prefix list action on match";
|
|
+ type access-list-action;
|
|
+ mandatory true;
|
|
+ }
|
|
+
|
|
+ leaf description {
|
|
+ description "Prefix list user description";
|
|
+ type string;
|
|
+ }
|
|
+
|
|
+ choice value {
|
|
+ description "Prefix list value to match";
|
|
+ mandatory true;
|
|
+
|
|
+ case ipv4-prefix {
|
|
+ when "./type = 'ipv4'";
|
|
+
|
|
+ leaf ipv4-prefix {
|
|
+ description "Configure IPv4 prefix to match";
|
|
+ type inet:ipv4-prefix;
|
|
+ }
|
|
+
|
|
+ leaf ipv4-prefix-length-greater-or-equal {
|
|
+ description
|
|
+ "Specifies if matching prefixes with length greater than
|
|
+ or equal to value";
|
|
+ type uint8 {
|
|
+ range "0..32";
|
|
+ }
|
|
+ }
|
|
+
|
|
+ leaf ipv4-prefix-length-lesser-or-equal {
|
|
+ description
|
|
+ "Specifies if matching prefixes with length lesser than
|
|
+ or equal to value";
|
|
+ type uint8 {
|
|
+ range "0..32";
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ case ipv6-prefix {
|
|
+ when "./type = 'ipv6'";
|
|
+
|
|
+ leaf ipv6-prefix {
|
|
+ description "Configure IPv6 prefix to match";
|
|
+ type inet:ipv6-prefix;
|
|
+ }
|
|
+
|
|
+ leaf ipv6-prefix-length-greater-or-equal {
|
|
+ description
|
|
+ "Specifies if matching prefixes with length greater than
|
|
+ or equal to value";
|
|
+ type uint8 {
|
|
+ range "0..128";
|
|
+ }
|
|
+ }
|
|
+
|
|
+ leaf ipv6-prefix-length-lesser-or-equal {
|
|
+ description
|
|
+ "Specifies if matching prefixes with length lesser than
|
|
+ or equal to value";
|
|
+ type uint8 {
|
|
+ range "0..128";
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ case any {
|
|
+ leaf any {
|
|
+ description "Match anything";
|
|
+ type empty;
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+}
|