[email protected] Maven / Gradle / Ivy
/*
* Copyright (c) 2015 Brocade Communications Systems, Inc. and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
* and is available at http://www.eclipse.org/legal/epl-v10.html
*/
module neutron-secgroups {
yang-version 1;
namespace "urn:opendaylight:neutron-secgroups";
prefix neutron-secgroups;
import ietf-yang-types { prefix "yang"; }
import ietf-inet-types { prefix "inet"; revision-date 2013-07-15; }
import neutron-attrs { prefix "attrs"; }
import neutron-constants { prefix "constants"; }
organization "OpenDaylight Neutron Group";
contact "J. Gregory Hall , Kiran Sreenivasa ";
description "This YANG module defines OpenStack Neutron security group model";
revision "2015-07-12" {
description
"OpenDaylight Beryllium release";
}
grouping security-group-attributes {
description "OpenStack Layer3 Security group information.";
}
grouping security-rule-attributes {
description "OpenStack Layer3 Security Group rules.";
leaf direction {
type identityref {
base "constants:direction-base";
}
description "The direction in which metering rule is applied.
For a compute instance, an ingress security group rule is
applied to incoming (ingress) traffic for that instance.
An egress rule is applied to traffic leaving the instance.";
}
leaf security-group-id {
type yang:uuid;
mandatory true;
description "The security group ID to associate with this security group rule.";
}
leaf remote-group-id {
description "The remote group ID to be associated with this security group rule.
You can specify either remote-ip-prefix or remote-group-id in the request body.";
type yang:uuid;
}
leaf remote-ip-prefix {
description "The remote IP Prefix to be associated with this security group rule.
You can specify either remote-ip-prefix or remote-group-id in the request body.";
type inet:ip-prefix;
}
leaf protocol {
type union {
type uint8;
type identityref {
base "constants:protocol-base";
}
}
description "The protocol that is matched by the security group rule.";
}
leaf ethertype {
description "Must be IPv4 or IPv6, and addresses represented in CIDR must
match the ingress or egress rules.";
type identityref {
base "constants:ethertype-base";
}
}
leaf port-range-min {
type uint16;
description "The minimum port number in the range that is matched by the
security group rule. If the protocol is TCP or UDP, this value must
be less than or equal to the value of the attribute. If the protocol
is ICMP, this value must be an ICMP type.";
}
leaf port-range-max {
type uint16;
description "The maximum port number in the range that is matched by the
security group rule. If the protocol is TCP or UDP, this value must
be less than or equal to the value of the attribute. If the protocol
is ICMP, this value must be an ICMP type.";
}
}
grouping security-groups-attributes {
container security-groups {
description "Container for security groups.";
list security-group {
key "uuid";
uses attrs:base-attributes;
uses security-group-attributes;
description "List of Security Groups.";
}
}
}
grouping security-rules-attributes {
container security-rules {
description "Container for security group rules.";
list security-rule {
key "uuid";
uses attrs:id-attributes;
uses security-rule-attributes;
description "List of Security Group Rules.";
}
}
}
}