expected_config_acl_update.xml revision 834e67e5
1<!--
2  ~ Copyright (c) 2018 Cisco and/or its affiliates.
3  ~
4  ~ Licensed under the Apache License, Version 2.0 (the "License");
5  ~ you may not use this file except in compliance with the License.
6  ~ You may obtain a copy of the License at:
7  ~
8  ~     http://www.apache.org/licenses/LICENSE-2.0
9  ~
10  ~ Unless required by applicable law or agreed to in writing, software
11  ~ distributed under the License is distributed on an "AS IS" BASIS,
12  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  ~ See the License for the specific language governing permissions and
14  ~ limitations under the License.
15  -->
16<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
17    <nat xmlns="urn:ietf:params:xml:ns:yang:ietf-nat">
18        <instances>
19            <instance>
20                <id>0</id>
21                <policy>
22                    <id>0</id>
23                </policy>
24            </instance>
25        </instances>
26    </nat>
27    <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces">
28        <interface>
29            <name>local0</name>
30            <type xmlns:x="urn:ietf:params:xml:ns:yang:iana-if-type">x:ethernetCsmacd</type>
31            <enabled>false</enabled>
32        </interface>
33        <interface>
34            <name>loop1</name>
35            <description>for testing purposes</description>
36            <type xmlns:x="urn:opendaylight:params:xml:ns:yang:v3po">x:loopback</type>
37            <loopback xmlns="urn:opendaylight:params:xml:ns:yang:v3po">
38                <mac>00:ff:ff:ff:ff:ff</mac>
39            </loopback>
40            <acl xmlns="urn:opendaylight:params:xml:ns:yang:interface:acl">
41                <ingress>
42                    <vpp-macip-acl>
43                        <type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-macip-acl</type>
44                        <name>macip-acl</name>
45                    </vpp-macip-acl>
46                </ingress>
47            </acl>
48        </interface>
49        <interface>
50            <name>loop2</name>
51            <description>for testing purposes</description>
52            <type xmlns:x="urn:opendaylight:params:xml:ns:yang:v3po">x:loopback</type>
53            <loopback xmlns="urn:opendaylight:params:xml:ns:yang:v3po">
54                <mac>aa:ff:ff:ff:ff:ff</mac>
55            </loopback>
56            <acl xmlns="urn:opendaylight:params:xml:ns:yang:interface:acl">
57                <ingress>
58                    <vpp-acls>
59                        <type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-acl</type>
60                        <name>tcp-acl2</name>
61                    </vpp-acls>
62                    <vpp-acls>
63                        <type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-acl</type>
64                        <name>udp-acl</name>
65                    </vpp-acls>
66                </ingress>
67            </acl>
68        </interface>
69    </interfaces>
70    <access-lists xmlns="urn:ietf:params:xml:ns:yang:ietf-access-control-list">
71        <acl>
72            <acl-name>macip-acl</acl-name>
73            <acl-type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-macip-acl</acl-type>
74            <access-list-entries>
75                <ace>
76                    <rule-name>macip-rule</rule-name>
77                    <matches>
78                        <vpp-macip-ace-nodes xmlns="urn:opendaylight:params:xml:ns:yang:vpp:acl">
79                            <source-ipv4-network>192.168.2.2/32</source-ipv4-network>
80                            <source-mac-address>aa:aa:aa:aa:aa:aa</source-mac-address>
81                            <source-mac-address-mask>ff:00:00:00:00:00</source-mac-address-mask>
82                        </vpp-macip-ace-nodes>
83                    </matches>
84                    <actions>
85                        <permit/>
86                    </actions>
87                </ace>
88            </access-list-entries>
89        </acl>
90        <acl>
91            <acl-name>icmp-v6-acl</acl-name>
92            <acl-type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-acl</acl-type>
93            <access-list-entries>
94                <ace>
95                    <rule-name>imcp-v6-rule</rule-name>
96                    <matches>
97                        <vpp-ace-nodes xmlns="urn:opendaylight:params:xml:ns:yang:vpp:acl">
98                            <destination-ipv6-network>2001:0db8:0a0b:12f0:0000:0000:0000:0001/64
99                            </destination-ipv6-network>
100                            <source-ipv6-network>2001:0db8:0a0b:12f0:0000:0000:0000:0002/48</source-ipv6-network>
101                            <icmp-v6-nodes>
102                                <icmp-type-range>
103                                    <last>8</last>
104                                    <first>5</first>
105                                </icmp-type-range>
106                                <icmp-code-range>
107                                    <last>3</last>
108                                    <first>1</first>
109                                </icmp-code-range>
110                            </icmp-v6-nodes>
111                        </vpp-ace-nodes>
112                    </matches>
113                    <actions>
114                        <permit/>
115                    </actions>
116                </ace>
117            </access-list-entries>
118        </acl>
119        <acl>
120            <acl-name>udp-acl</acl-name>
121            <acl-type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-acl</acl-type>
122            <access-list-entries>
123                <ace>
124                    <rule-name>udp-rule</rule-name>
125                    <matches>
126                        <vpp-ace-nodes xmlns="urn:opendaylight:params:xml:ns:yang:vpp:acl">
127                            <destination-ipv4-network>192.168.2.1/24</destination-ipv4-network>
128                            <source-ipv4-network>192.168.2.2/32</source-ipv4-network>
129                            <udp-nodes>
130                                <source-port-range>
131                                    <upper-port>5486</upper-port>
132                                    <lower-port>11</lower-port>
133                                </source-port-range>
134                            </udp-nodes>
135                        </vpp-ace-nodes>
136                    </matches>
137                    <actions>
138                        <permit/>
139                    </actions>
140                </ace>
141            </access-list-entries>
142        </acl>
143        <acl>
144            <acl-name>tcp-acl2</acl-name>
145            <acl-type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-acl</acl-type>
146            <access-list-entries>
147                <ace>
148                    <rule-name>tcp-rule</rule-name>
149                    <matches>
150                        <vpp-ace-nodes xmlns="urn:opendaylight:params:xml:ns:yang:vpp:acl">
151                            <destination-ipv4-network>192.168.2.1/24</destination-ipv4-network>
152                            <source-ipv4-network>192.168.2.2/32</source-ipv4-network>
153                            <tcp-nodes>
154                                <source-port-range>
155                                    <upper-port>5487</upper-port>
156                                    <lower-port>1</lower-port>
157                                </source-port-range>
158                                <destination-port-range>
159                                    <upper-port>6745</upper-port>
160                                    <lower-port>87</lower-port>
161                                </destination-port-range>
162                                <tcp-flags-mask>1</tcp-flags-mask>
163                                <tcp-flags-value>7</tcp-flags-value>
164                            </tcp-nodes>
165                        </vpp-ace-nodes>
166                    </matches>
167                    <actions>
168                        <permit/>
169                    </actions>
170                </ace>
171            </access-list-entries>
172        </acl>
173        <acl>
174            <acl-name>icmp-acl</acl-name>
175            <acl-type xmlns:x="urn:opendaylight:params:xml:ns:yang:vpp:acl">x:vpp-acl</acl-type>
176            <access-list-entries>
177                <ace>
178                    <rule-name>renamed-imcp-rule</rule-name>
179                    <matches>
180                        <vpp-ace-nodes xmlns="urn:opendaylight:params:xml:ns:yang:vpp:acl">
181                            <destination-ipv4-network>192.168.2.1/24</destination-ipv4-network>
182                            <source-ipv4-network>192.168.2.2/32</source-ipv4-network>
183                            <icmp-nodes>
184                                <icmp-type-range>
185                                    <last>8</last>
186                                    <first>5</first>
187                                </icmp-type-range>
188                                <icmp-code-range>
189                                    <last>3</last>
190                                    <first>1</first>
191                                </icmp-code-range>
192                            </icmp-nodes>
193                        </vpp-ace-nodes>
194                    </matches>
195                    <actions>
196                        <permit/>
197                    </actions>
198                </ace>
199                <ace>
200                    <rule-name>new-icmp-rule</rule-name>
201                    <matches>
202                        <vpp-ace-nodes xmlns="urn:opendaylight:params:xml:ns:yang:vpp:acl">
203                            <destination-ipv4-network>10.1.1.1/24</destination-ipv4-network>
204                            <source-ipv4-network>10.2.2.2/32</source-ipv4-network>
205                            <icmp-nodes>
206                                <icmp-type-range>
207                                    <first>4</first>
208                                    <last>9</last>
209                                </icmp-type-range>
210                            </icmp-nodes>
211                        </vpp-ace-nodes>
212                    </matches>
213                    <actions>
214                        <permit/>
215                    </actions>
216                </ace>
217            </access-list-entries>
218        </acl>
219    </access-lists>
220</data>
221