experiments/clixon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[Code formatting: Change indentation style to space](https://github.com/clicon/clixon/issues/379)

Browse source 
* Applies to all c/h/y/l/sh files and .editorconfig
This commit is contained in:
Olof hagsand 2022-10-27 14:21:17 +02:00
parent a9d1ab006c
commit d84c529ff1
376 changed files with 38147 additions and 38133 deletions
Download patch file Download diff file Expand all files Collapse all files

256
yang/clixon/clixon-autocli@2022-02-11.yang
View file

@ -4,13 +4,13 @@ module clixon-autocli{
prefix autocli;
organization
"Clicon / Clixon";
"Clicon / Clixon";
contact
"Olof Hagsand <olof@hagsand.se>";
"Olof Hagsand <olof@hagsand.se>";
description
"Clixon CLIgen specification declarations, including autocli.
"Clixon CLIgen specification declarations, including autocli.
Design inspired by ietf-netconf-acm.yang
***** BEGIN LICENSE BLOCK *****
@ -42,40 +42,40 @@ module clixon-autocli{
***** END LICENSE BLOCK *****";
revision 2022-02-11 {
description
"Initial version
description
"Initial version
Released in Clixon 5.6";
}
revision 2021-12-05 {
description
"Initial version
description
"Initial version
Released in Clixon 5.5";
}
extension hide {
description
"Modify the autocli by hiding the command associated with a YANG node and its
description
"Modify the autocli by hiding the command associated with a YANG node and its
sub-commands.
The command is active but not shown by ? or TAB. In other words, it hides the
auto-completion of commands";
}
extension hide-show {
description
"Modify the autocli by hiding the command associated with a YANG node and its
description
"Modify the autocli by hiding the command associated with a YANG node and its
sub-commands in CLI show commands.";
}
extension strict-expand {
description
"Modify the autocli by only showing exactly the expanded values of a variable.
description
"Modify the autocli by only showing exactly the expanded values of a variable.
It should not be possible to add a new value that is not in the expanded list.";
}
typedef autocli-op {
description
"Autocli rule-type operation, each rule use different fields as
description
"Autocli rule-type operation, each rule use different fields as
described in the individual enums below.";
type enumeration {
enum enable {
description
"Include a complete subtree to rendering of autocli.
type enumeration {
enum enable {
description
"Include a complete subtree to rendering of autocli.
Example:
<module-default>false</module-default>
<rule>
@ -85,163 +85,163 @@ module clixon-autocli{
</rule>
Only on module-level and if module-default is false,
Rule fields used: module-name";
}
enum compress {
description
"Skip a keyword from a command.
}
enum compress {
description
"Skip a keyword from a command.
Keep the command, only make it shorter by omitting a part.
Example: compress containers if single list child
<rule>
<name>container compress</name>
<operation>compress</operation>
<yang-keyword>container</yang-keyword>
<yang-keyword-child>list</yang-keyword-child>
<yang-keyword>container</yang-keyword>
<yang-keyword-child>list</yang-keyword-child>
</rule>
Rule fields used:
module-name, yang-keyword, schema-nodeid, yang-keyword-child, extension";
}
enum edit-mode {
description
"Autocli CLI edit modes for YANG symbols.
}
enum edit-mode {
description
"Autocli CLI edit modes for YANG symbols.
For example,
edit interface eth0<CR>
enters a new mode with local context.";
}
}
}
}
}
typedef list-keyword-type {
description
"Autocli CLI keyword behaviour in YANG lists.
description
"Autocli CLI keyword behaviour in YANG lists.
With 'keyword' is meant CLIgen 'constants' rather than 'variables'.
Assume a YANG LIST: list a{ key x; leaf x; leaf y;} and how to generate
the autocli";
type enumeration {
enum kw-none{
description "No extra keywords, only variables: a <x> <y>";
}
enum kw-nokey{
description "Keywords on non-key variables: a <x> y <y>";
}
enum kw-all{
description "Keywords on all variables: a x <x> y <y>";
}
}
type enumeration {
enum kw-none{
description "No extra keywords, only variables: a <x> <y>";
}
enum kw-nokey{
description "Keywords on non-key variables: a <x> y <y>";
}
enum kw-all{
description "Keywords on all variables: a x <x> y <y>";
}
}
}
typedef yang-keywords {
type bits {
bit list;
bit listall{ /* NYI */
description
"Variant of list encompassing all list entries, not just an instance";
}
bit container;
bit leaf; /* Also leaf-list (NYI) */
bit list;
bit listall{ /* NYI */
description
"Variant of list encompassing all list entries, not just an instance";
}
bit container;
bit leaf; /* Also leaf-list (NYI) */
}
}
grouping clixon-autocli{
/* options */
leaf module-default {
description
"Include YANG modules for generation of autocli.
/* options */
leaf module-default {
description
"Include YANG modules for generation of autocli.
If true, all modules with a top-level datanode are generated, ie
they get a top-level entry in the @basemodel tree.
If false, you need to explicitly enable modules for autocli generation
using 'enable' rules";
type boolean;
default true;
}
leaf list-keyword-default {
description
"Autocli CLI keyword behaviour in YANG lists.";
type list-keyword-type;
default kw-nokey;
}
leaf treeref-state-default {
description
"If 'true', generate CLI from YANG state/non-config statements as well, not only config data.
type boolean;
default true;
}
leaf list-keyword-default {
description
"Autocli CLI keyword behaviour in YANG lists.";
type list-keyword-type;
default kw-nokey;
}
leaf treeref-state-default {
description
"If 'true', generate CLI from YANG state/non-config statements as well, not only config data.
Many specs have very large state parts, for example openconfig has ca 10 times
larger state than config parts, see for example openconfig-isis.yang.";
type boolean;
default false;
}
leaf edit-mode-default {
description
"Open automatic edit-modes for some YANG keywords and do not allow others.
type boolean;
default false;
}
leaf edit-mode-default {
description
"Open automatic edit-modes for some YANG keywords and do not allow others.
A CLI edit mode opens a carriage-return option and changes the context to be
in that local context.
For example:
cli> interfaces interface e0<cr>
eth0>
Default is to generate edit-modes for all containers and lists.";
type yang-keywords;
default "list container";
}
leaf completion-default {
description
"Generate code for CLI completion of existing db symbols.
type yang-keywords;
default "list container";
}
leaf completion-default {
description
"Generate code for CLI completion of existing db symbols.
That is, check existing configure database for completion options.
This is normally always enabled.";
type boolean;
default true;
}
/* rules */
list rule {
description
"Represents a modification rule of a clixon clispec.";
key name;
leaf name {
description
"Arbitrary name assigned for the rule, must be unique";
type string;
}
leaf description {
description
"Rule description";
type string;
}
leaf operation {
description "Rule operation";
type autocli-op;
}
leaf module-name {
description
"Name of the module associated with this rule.
type boolean;
default true;
}
/* rules */
list rule {
description
"Represents a modification rule of a clixon clispec.";
key name;
leaf name {
description
"Arbitrary name assigned for the rule, must be unique";
type string;
}
leaf description {
description
"Rule description";
type string;
}
leaf operation {
description "Rule operation";
type autocli-op;
}
leaf module-name {
description
"Name of the module associated with this rule.
Wildchars '*' and '?' can be used (glob pattern).
Revision and yang suffix are omitted
Example: 'openconfig-*'";
type string;
}
leaf yang-keyword {
description
"If present identifes a YANG keyword which the rule applies to
type string;
}
leaf yang-keyword {
description
"If present identifes a YANG keyword which the rule applies to
Example: 'container'
";
type string;
}
leaf schema-nodeid {
description
"path in the form of /<id>/<id> or just a single <id> identifying a YANG
type string;
}
leaf schema-nodeid {
description
"path in the form of /<id>/<id> or just a single <id> identifying a YANG
schema-node identifier as defined in RFC 7950 Sec 6.5
Example: 'config', '/interfaces/interface'";
type string;
}
leaf yang-keyword-child {
description
"The YANG statement has a single child, and the yang type of the child is the
type string;
}
leaf yang-keyword-child {
description
"The YANG statement has a single child, and the yang type of the child is the
value of this option
A (maybe too) specific property to cover openconfig compressions
as defined here:
https://github.com/openconfig/ygot/blob/master/docs/design.md#openconfig-path-compression";
type string;
}
leaf extension {
/* Consider making this a container with name/module/value instead */
description
"The extension is set either in the node itself, or in this module
type string;
}
leaf extension {
/* Consider making this a container with name/module/value instead */
description
"The extension is set either in the node itself, or in this module
Extension prefix must be set
Example: oc-ext:openconfig-version";
type string;
}
}
type string;
}
}
}
}

1254
yang/clixon/clixon-config@2022-02-11.yang
View file

File diff suppressed because it is too large Load diff

1312
yang/clixon/clixon-config@2022-03-21.yang
View file

File diff suppressed because it is too large Load diff

280
yang/clixon/clixon-lib@2021-11-11.yang
View file

@ -4,13 +4,13 @@ module clixon-lib {
prefix cl;
import ietf-yang-types {
prefix yang;
prefix yang;
}
organization
"Clicon / Clixon";
"Clicon / Clixon";
contact
"Olof Hagsand <olof@hagsand.se>";
"Olof Hagsand <olof@hagsand.se>";
description
"Clixon Netconf extensions for communication between clients and backend.
@ -45,39 +45,39 @@ module clixon-lib {
***** END LICENSE BLOCK *****";
revision 2021-11-11 {
description
"Changed: RPC stats extended with YANG stats";
description
"Changed: RPC stats extended with YANG stats";
}
revision 2021-03-08 {
description
"Changed: RPC process-control output to choice dependent on operation";
description
"Changed: RPC process-control output to choice dependent on operation";
}
revision 2020-12-30 {
description
"Changed: RPC process-control output parameter status to pid";
description
"Changed: RPC process-control output parameter status to pid";
}
revision 2020-12-08 {
description
"Added: autocli-op extension.
description
"Added: autocli-op extension.
rpc process-control for process/daemon management
Released in clixon 4.9";
}
revision 2020-04-23 {
description
"Added: stats RPC for clixon XML and memory statistics.
description
"Added: stats RPC for clixon XML and memory statistics.
Added: restart-plugin RPC for restarting individual plugins without restarting backend.";
}
revision 2019-08-13 {
description
"No changes (reverted change)";
description
"No changes (reverted change)";
}
revision 2019-06-05 {
description
"ping rpc added for liveness";
description
"ping rpc added for liveness";
}
revision 2019-01-02 {
description
"Released in Clixon 3.9";
description
"Released in Clixon 3.9";
}
typedef service-operation {
type enumeration {
@ -107,156 +107,156 @@ module clixon-lib {
this point in the YANG tree for the automated generated CLI.
Note that this extension is only used in clixon_cli.
Operations is expected to be extended, but the following operations are defined:
- hide This command is active but not shown by ? or TAB (meaning, it hides the auto-completion of commands)
- hide-database This command hides the database
- hide This command is active but not shown by ? or TAB (meaning, it hides the auto-completion of commands)
- hide-database This command hides the database
- hide-database-auto-completion This command hides the database and the auto completion (meaning, this command acts as both commands above)";
argument cliop;
}
rpc debug {
description "Set debug level of backend.";
input {
leaf level {
type uint32;
}
}
description "Set debug level of backend.";
input {
leaf level {
type uint32;
}
}
}
rpc ping {
description "Check aliveness of backend daemon.";
}
rpc stats {
description "Clixon XML statistics.";
output {
container global{
description
"Clixon global statistics.
output {
container global{
description
"Clixon global statistics.
These are global counters incremented by new() and decreased by free() calls.
This number is higher than the sum of all datastore/module residing objects, since
objects may be used for other purposes than datastore/modules";
leaf xmlnr{
description
"Number of existing XML objects: number of residing xml/json objects
leaf xmlnr{
description
"Number of existing XML objects: number of residing xml/json objects
in the internal 'cxobj' representation.";
type uint64;
}
leaf yangnr{
description
"Number of resident YANG objects. ";
type uint64;
}
}
list datastore{
description "Per datastore statistics for cxobj";
key "name";
leaf name{
description "Name of datastore (eg running).";
type string;
}
leaf nr{
description "Number of XML objects. That is number of residing xml/json objects
type uint64;
}
leaf yangnr{
description
"Number of resident YANG objects. ";
type uint64;
}
}
list datastore{
description "Per datastore statistics for cxobj";
key "name";
leaf name{
description "Name of datastore (eg running).";
type string;
}
leaf nr{
description "Number of XML objects. That is number of residing xml/json objects
in the internal 'cxobj' representation.";
type uint64;
}
leaf size{
description "Size in bytes of internal datastore cache of datastore tree.";
type uint64;
}
}
list module{
description "Per YANG module statistics";
key "name";
leaf name{
description "Name of YANG module.";
type string;
}
leaf nr{
description
"Number of YANG objects. That is number of residing YANG objects";
type uint64;
}
leaf size{
description
"Size in bytes of internal YANG object representation.";
type uint64;
}
}
}
type uint64;
}
leaf size{
description "Size in bytes of internal datastore cache of datastore tree.";
type uint64;
}
}
list module{
description "Per YANG module statistics";
key "name";
leaf name{
description "Name of YANG module.";
type string;
}
leaf nr{
description
"Number of YANG objects. That is number of residing YANG objects";
type uint64;
}
leaf size{
description
"Size in bytes of internal YANG object representation.";
type uint64;
}
}
}
}
rpc restart-plugin {
description "Restart specific backend plugins.";
input {
leaf-list plugin {
description "Name of plugin to restart";
type string;
}
}
description "Restart specific backend plugins.";
input {
leaf-list plugin {
description "Name of plugin to restart";
type string;
}
}
}
rpc process-control {
description
"Control a specific process or daemon: start/stop, etc.
description
"Control a specific process or daemon: start/stop, etc.
This is for direct managing of a process by the backend.
Alternatively one can manage a daemon via systemd, containerd, kubernetes, etc.";
input {
leaf name {
description "Name of process";
type string;
mandatory true;
}
leaf operation {
type service-operation;
mandatory true;
description
"One of the strings 'start', 'stop', 'restart', or 'status'.";
}
}
output {
choice result {
case status {
description
"Output from status rpc";
leaf active {
description
"True if process is running, false if not.
input {
leaf name {
description "Name of process";
type string;
mandatory true;
}
leaf operation {
type service-operation;
mandatory true;
description
"One of the strings 'start', 'stop', 'restart', or 'status'.";
}
}
output {
choice result {
case status {
description
"Output from status rpc";
leaf active {
description
"True if process is running, false if not.
More specifically, there is a process-id and it exists (in Linux: kill(pid,0).
Note that this is actual state and status is administrative state,
which means that changing the administrative state, eg stopped->running
may not immediately switch active to true.";
type boolean;
}
leaf description {
type string;
description "Description of process. This is a static string";
}
leaf command {
type string;
description "Start command with arguments";
}
leaf status {
description
"Administrative status (except on external kill where it enters stopped
type boolean;
}
leaf description {
type string;
description "Description of process. This is a static string";
}
leaf command {
type string;
description "Start command with arguments";
}
leaf status {
description
"Administrative status (except on external kill where it enters stopped
directly from running):
stopped: pid=0, No process running
running: pid set, Process started and believed to be running
exiting: pid set, Process is killed by parent but not waited for";
type string;
}
leaf starttime {
description "Time of starting process UTC";
type yang:date-and-time;
}
leaf pid {
description "Process-id of main running process (if active)";
type uint32;
}
}
case other {
description
"Output from start/stop/restart rpc";
leaf ok {
type empty;
}
}
}
}
type string;
}
leaf starttime {
description "Time of starting process UTC";
type yang:date-and-time;
}
leaf pid {
description "Process-id of main running process (if active)";
type uint32;
}
}
case other {
description
"Output from start/stop/restart rpc";
leaf ok {
type empty;
}
}
}
}
}
}

284
yang/clixon/clixon-lib@2021-12-05.yang
View file

@ -4,13 +4,13 @@ module clixon-lib {
prefix cl;
import ietf-yang-types {
prefix yang;
prefix yang;
}
organization
"Clicon / Clixon";
"Clicon / Clixon";
contact
"Olof Hagsand <olof@hagsand.se>";
"Olof Hagsand <olof@hagsand.se>";
description
"Clixon Netconf extensions for communication between clients and backend.
@ -45,43 +45,43 @@ module clixon-lib {
***** END LICENSE BLOCK *****";
revision 2021-12-05 {
description
"Obsoleted: extension autocli-op";
description
"Obsoleted: extension autocli-op";
}
revision 2021-11-11 {
description
"Changed: RPC stats extended with YANG stats";
description
"Changed: RPC stats extended with YANG stats";
}
revision 2021-03-08 {
description
"Changed: RPC process-control output to choice dependent on operation";
description
"Changed: RPC process-control output to choice dependent on operation";
}
revision 2020-12-30 {
description
"Changed: RPC process-control output parameter status to pid";
description
"Changed: RPC process-control output parameter status to pid";
}
revision 2020-12-08 {
description
"Added: autocli-op extension.
description
"Added: autocli-op extension.
rpc process-control for process/daemon management
Released in clixon 4.9";
}
revision 2020-04-23 {
description
"Added: stats RPC for clixon XML and memory statistics.
description
"Added: stats RPC for clixon XML and memory statistics.
Added: restart-plugin RPC for restarting individual plugins without restarting backend.";
}
revision 2019-08-13 {
description
"No changes (reverted change)";
description
"No changes (reverted change)";
}
revision 2019-06-05 {
description
"ping rpc added for liveness";
description
"ping rpc added for liveness";
}
revision 2019-01-02 {
description
"Released in Clixon 3.9";
description
"Released in Clixon 3.9";
}
typedef service-operation {
type enumeration {
@ -111,158 +111,158 @@ module clixon-lib {
this point in the YANG tree for the automated generated CLI.
Note that this extension is only used in clixon_cli.
Operations is expected to be extended, but the following operations are defined:
- hide This command is active but not shown by ? or TAB (meaning, it hides the auto-completion of commands)
- hide-database This command hides the database
- hide This command is active but not shown by ? or TAB (meaning, it hides the auto-completion of commands)
- hide-database This command hides the database
- hide-database-auto-completion This command hides the database and the auto completion (meaning, this command acts as both commands above)
Obsolete: use clixon-autocli:hide and clixon-autocli:hide-show instead";
argument cliop;
status obsolete;
}
rpc debug {
description "Set debug level of backend.";
input {
leaf level {
type uint32;
}
}
description "Set debug level of backend.";
input {
leaf level {
type uint32;
}
}
}
rpc ping {
description "Check aliveness of backend daemon.";
}
rpc stats {
description "Clixon XML statistics.";
output {
container global{
description
"Clixon global statistics.
output {
container global{
description
"Clixon global statistics.
These are global counters incremented by new() and decreased by free() calls.
This number is higher than the sum of all datastore/module residing objects, since
objects may be used for other purposes than datastore/modules";
leaf xmlnr{
description
"Number of existing XML objects: number of residing xml/json objects
leaf xmlnr{
description
"Number of existing XML objects: number of residing xml/json objects
in the internal 'cxobj' representation.";
type uint64;
}
leaf yangnr{
description
"Number of resident YANG objects. ";
type uint64;
}
}
list datastore{
description "Per datastore statistics for cxobj";
key "name";
leaf name{
description "Name of datastore (eg running).";
type string;
}
leaf nr{
description "Number of XML objects. That is number of residing xml/json objects
type uint64;
}
leaf yangnr{
description
"Number of resident YANG objects. ";
type uint64;
}
}
list datastore{
description "Per datastore statistics for cxobj";
key "name";
leaf name{
description "Name of datastore (eg running).";
type string;
}
leaf nr{
description "Number of XML objects. That is number of residing xml/json objects
in the internal 'cxobj' representation.";
type uint64;
}
leaf size{
description "Size in bytes of internal datastore cache of datastore tree.";
type uint64;
}
}
list module{
description "Per YANG module statistics";
key "name";
leaf name{
description "Name of YANG module.";
type string;
}
leaf nr{
description
"Number of YANG objects. That is number of residing YANG objects";
type uint64;
}
leaf size{
description
"Size in bytes of internal YANG object representation.";
type uint64;
}
}
}
type uint64;
}
leaf size{
description "Size in bytes of internal datastore cache of datastore tree.";
type uint64;
}
}
list module{
description "Per YANG module statistics";
key "name";
leaf name{
description "Name of YANG module.";
type string;
}
leaf nr{
description
"Number of YANG objects. That is number of residing YANG objects";
type uint64;
}
leaf size{
description
"Size in bytes of internal YANG object representation.";
type uint64;
}
}
}
}
rpc restart-plugin {
description "Restart specific backend plugins.";
input {
leaf-list plugin {
description "Name of plugin to restart";
type string;
}
}
description "Restart specific backend plugins.";
input {
leaf-list plugin {
description "Name of plugin to restart";
type string;
}
}
}
rpc process-control {
description
"Control a specific process or daemon: start/stop, etc.
description
"Control a specific process or daemon: start/stop, etc.
This is for direct managing of a process by the backend.
Alternatively one can manage a daemon via systemd, containerd, kubernetes, etc.";
input {
leaf name {
description "Name of process";
type string;
mandatory true;
}
leaf operation {
type service-operation;
mandatory true;
description
"One of the strings 'start', 'stop', 'restart', or 'status'.";
}
}
output {
choice result {
case status {
description
"Output from status rpc";
leaf active {
description
"True if process is running, false if not.
input {
leaf name {
description "Name of process";
type string;
mandatory true;
}
leaf operation {
type service-operation;
mandatory true;
description
"One of the strings 'start', 'stop', 'restart', or 'status'.";
}
}
output {
choice result {
case status {
description
"Output from status rpc";
leaf active {
description
"True if process is running, false if not.
More specifically, there is a process-id and it exists (in Linux: kill(pid,0).
Note that this is actual state and status is administrative state,
which means that changing the administrative state, eg stopped->running
may not immediately switch active to true.";
type boolean;
}
leaf description {
type string;
description "Description of process. This is a static string";
}
leaf command {
type string;
description "Start command with arguments";
}
leaf status {
description
"Administrative status (except on external kill where it enters stopped
type boolean;
}
leaf description {
type string;
description "Description of process. This is a static string";
}
leaf command {
type string;
description "Start command with arguments";
}
leaf status {
description
"Administrative status (except on external kill where it enters stopped
directly from running):
stopped: pid=0, No process running
running: pid set, Process started and believed to be running
exiting: pid set, Process is killed by parent but not waited for";
type string;
}
leaf starttime {
description "Time of starting process UTC";
type yang:date-and-time;
}
leaf pid {
description "Process-id of main running process (if active)";
type uint32;
}
}
case other {
description
"Output from start/stop/restart rpc";
leaf ok {
type empty;
}
}
}
}
type string;
}
leaf starttime {
description "Time of starting process UTC";
type yang:date-and-time;
}
leaf pid {
description "Process-id of main running process (if active)";
type uint32;
}
}
case other {
description
"Output from start/stop/restart rpc";
leaf ok {
type empty;
}
}
}
}
}
}

294
yang/clixon/clixon-restconf@2022-03-21.yang
View file

@ -4,17 +4,17 @@ module clixon-restconf {
prefix "clrc";
import ietf-inet-types {
prefix inet;
prefix inet;
}
organization
"Clixon";
"Clixon";
contact
"Olof Hagsand <olof@hagsand.se>";
"Olof Hagsand <olof@hagsand.se>";
description
"This YANG module provides a data-model for the Clixon RESTCONF daemon.
"This YANG module provides a data-model for the Clixon RESTCONF daemon.
There is also clixon-config also including some restconf options.
The separation is not always logical but there are some reasons for the split:
1. Some data (ie 'socket') is structurally complex and cannot be expressed as a
@ -54,36 +54,36 @@ module clixon-restconf {
***** END LICENSE BLOCK *****";
revision 2022-03-21 {
description
"Added feature:
description
"Added feature:
http-data - Limited static http server
Released in Clixon 5.7";
}
revision 2021-05-20 {
description
"Added log-destination for restconf
description
"Added log-destination for restconf
Released in Clixon 5.2";
}
revision 2021-03-15 {
description
"make authentication-type none a feature
Added flag to enable core dumps
description
"make authentication-type none a feature
Added flag to enable core dumps
Released in Clixon 5.1";
}
revision 2020-12-30 {
description
"Added: debug field
description
"Added: debug field
Added 'none' as default value for auth-type
Changed http-auth-type enum from 'password' to 'user'";
}
revision 2020-10-30 {
description
"Initial release";
description
"Initial release";
}
feature fcgi {
description
"This feature indicates that the restconf server supports the fast-cgi reverse
description
"This feature indicates that the restconf server supports the fast-cgi reverse
proxy solution.
That is, a reverse proxy is the HTTP front-end and the restconf daemon listens
to a fcgi socket.
@ -92,12 +92,12 @@ module clixon-restconf {
feature allow-auth-none {
description
"This feature allows the use of authentication-type none.";
"This feature allows the use of authentication-type none.";
}
feature http-data {
description
"This feature allows for a very limited static http-data function as
description
"This feature allows for a very limited static http-data function as
addition to RESTCONF.
It is limited to:
1. path: Local static files within WWW_DATA_ROOT
@ -110,98 +110,98 @@ module clixon-restconf {
}
typedef http-auth-type {
type enumeration {
enum none {
if-feature "allow-auth-none";
description
"Incoming message are set to authenticated by default. No ca-auth callback is called,
type enumeration {
enum none {
if-feature "allow-auth-none";
description
"Incoming message are set to authenticated by default. No ca-auth callback is called,
Authenticated user is set to special user 'none'.
Typically assumes NACM is not enabled.";
}
enum client-certificate {
description
"TLS client certificate validation is made on each incoming message. If it passes
}
enum client-certificate {
description
"TLS client certificate validation is made on each incoming message. If it passes
the authenticated user is extracted from the SSL_CN parameter
The ca-auth callback can be used to revise this behavior.";
}
enum user {
description
"User-defined authentication as defined by the ca-auth callback.
}
enum user {
description
"User-defined authentication as defined by the ca-auth callback.
One example is some form of password authentication, such as basic auth.";
}
}
description
"Enumeration of HTTP authorization types.";
}
}
description
"Enumeration of HTTP authorization types.";
}
typedef log-destination {
type enumeration {
enum syslog {
description
"Log to syslog with:
type enumeration {
enum syslog {
description
"Log to syslog with:
ident: clixon_restconf and PID
facility: LOG_USER";
}
enum file {
description
"Log to generated file at /var/log/clixon_restconf.log";
}
}
}
enum file {
description
"Log to generated file at /var/log/clixon_restconf.log";
}
}
}
grouping clixon-restconf{
description
"HTTP RESTCONF configuration.";
leaf enable {
type boolean;
default "false";
description
"Enables RESTCONF functionality.
description
"HTTP RESTCONF configuration.";
leaf enable {
type boolean;
default "false";
description
"Enables RESTCONF functionality.
Note that starting/stopping of a restconf daemon is different from it being
enabled or not.
For example, if the restconf daemon is under systemd management, the restconf
daemon will only start if enable=true.";
}
leaf enable-http-data {
type boolean;
default "false";
if-feature "http-data";
description
"Enables Limited static http-data functionality.
}
leaf enable-http-data {
type boolean;
default "false";
if-feature "http-data";
description
"Enables Limited static http-data functionality.
enable must be true for this option to be meaningful.";
}
leaf auth-type {
type http-auth-type;
description
"The authentication type.
}
leaf auth-type {
type http-auth-type;
description
"The authentication type.
Note client-certificate applies only if ssl-enable is true and socket has ssl";
default user;
}
leaf debug {
description
"Set debug level of restconf daemon.
default user;
}
leaf debug {
description
"Set debug level of restconf daemon.
0 is no debug, 1 is debugging, more is detailed debug.
Debug logs will be directed to log-destination with LOG_DEBUG level (for syslog)";
type uint32;
default 0;
}
leaf log-destination {
description
"Log destination.
type uint32;
default 0;
}
leaf log-destination {
description
"Log destination.
If debug is not set, only notice, error and warning will be logged";
type log-destination;
default syslog;
}
leaf enable-core-dump {
description
"enable core dumps.
type log-destination;
default syslog;
}
leaf enable-core-dump {
description
"enable core dumps.
this is a no-op on systems that don't support it.";
type boolean;
default false;
}
leaf pretty {
type boolean;
default true;
description
"Restconf return value pretty print.
type boolean;
default false;
}
leaf pretty {
type boolean;
default true;
description
"Restconf return value pretty print.
Restconf clients may add HTTP header:
Accept: application/yang-data+json, or
Accept: application/yang-data+xml
@ -210,75 +210,75 @@ module clixon-restconf {
Setting this value to false makes restconf return not pretty-printed
which may be desirable for performance or tests
This replaces the CLICON_RESTCONF_PRETTY option in clixon-config.yang";
}
/* From this point only specific options
* First fcgi-specific options
*/
leaf fcgi-socket {
if-feature fcgi; /* Set by default by fcgi clixon_restconf daemon */
type string;
default "/www-data/fastcgi_restconf.sock";
description
"Path to FastCGI unix socket. Should be specified in webserver
Eg in nginx: fastcgi_pass unix:/www-data/clicon_restconf.sock
}
/* From this point only specific options
* First fcgi-specific options
*/
leaf fcgi-socket {
if-feature fcgi; /* Set by default by fcgi clixon_restconf daemon */
type string;
default "/www-data/fastcgi_restconf.sock";
description
"Path to FastCGI unix socket. Should be specified in webserver
Eg in nginx: fastcgi_pass unix:/www-data/clicon_restconf.sock
Only if with-restconf=fcgi, NOT native
This replaces CLICON_RESTCONF_PATH option in clixon-config.yang";
}
/* Second, local native options */
leaf server-cert-path {
type string;
description
"Path to server certificate file.
}
/* Second, local native options */
leaf server-cert-path {
type string;
description
"Path to server certificate file.
Note only applies if socket has ssl enabled";
}
leaf server-key-path {
type string;
description
"Path to server key file
}
leaf server-key-path {
type string;
description
"Path to server key file
Note only applies if socket has ssl enabled";
}
leaf server-ca-cert-path {
type string;
description
"Path to server CA cert file
Note only applies if socket has ssl enabled";
}
list socket {
description
"List of server sockets that the restconf daemon listens to.
}
leaf server-ca-cert-path {
type string;
description
"Path to server CA cert file
Note only applies if socket has ssl enabled";
}
list socket {
description
"List of server sockets that the restconf daemon listens to.
Not fcgi";
key "namespace address port";
leaf namespace {
type string;
description
"Network namespace.
key "namespace address port";
leaf namespace {
type string;
description
"Network namespace.
On platforms where namespaces are not suppported, 'default'
Default value can be changed by RESTCONF_NETNS_DEFAULT";
}
leaf address {
type inet:ip-address;
description "IP address to bind to";
}
leaf port {
type inet:port-number;
description "TCP port to bind to";
}
leaf ssl {
type boolean;
default true;
description "Enable for HTTPS otherwise HTTP protocol";
}
}
}
leaf address {
type inet:ip-address;
description "IP address to bind to";
}
leaf port {
type inet:port-number;
description "TCP port to bind to";
}
leaf ssl {
type boolean;
default true;
description "Enable for HTTPS otherwise HTTP protocol";
}
}
}
container restconf {
description
"This presence is strictly not necessary since the enable flag
description
"This presence is strictly not necessary since the enable flag
in clixon-restconf is the flag bearing the actual semantics.
However, removing the presence leads to default config in all
clixon installations, even those which do not use backend-started restconf.
One could see this as mostly cosmetically annoying.
Alternative would be to make the inclusion of this yang conditional.";
presence "Enables RESTCONF";
uses clixon-restconf;
presence "Enables RESTCONF";
uses clixon-restconf;
}
}

408
yang/clixon/clixon-restconf@2022-08-01.yang
View file

@ -4,17 +4,17 @@ module clixon-restconf {
prefix "clrc";
import ietf-inet-types {
prefix inet;
prefix inet;
}
organization
"Clixon";
"Clixon";
contact
"Olof Hagsand <olof@hagsand.se>";
"Olof Hagsand <olof@hagsand.se>";
description
"This YANG module provides a data-model for the Clixon RESTCONF daemon.
"This YANG module provides a data-model for the Clixon RESTCONF daemon.
There is also clixon-config also including some restconf options.
The separation is not always logical but there are some reasons for the split:
1. Some data (ie 'socket') is structurally complex and cannot be expressed as a
@ -28,40 +28,40 @@ module clixon-restconf {
Some of this spec if in-lined from ietf-restconf-server@2022-05-24.yang
";
revision 2022-08-01 {
description
"Added socket/call-home container
description
"Added socket/call-home container
Released in Clixon 5.9";
}
revision 2022-03-21 {
description
"Added feature:
description
"Added feature:
http-data - Limited static http server
Released in Clixon 5.7";
}
revision 2021-05-20 {
description
"Added log-destination for restconf
description
"Added log-destination for restconf
Released in Clixon 5.2";
}
revision 2021-03-15 {
description
"make authentication-type none a feature
Added flag to enable core dumps
description
"make authentication-type none a feature
Added flag to enable core dumps
Released in Clixon 5.1";
}
revision 2020-12-30 {
description
"Added: debug field
description
"Added: debug field
Added 'none' as default value for auth-type
Changed http-auth-type enum from 'password' to 'user'";
}
revision 2020-10-30 {
description
"Initial release";
description
"Initial release";
}
feature fcgi {
description
"This feature indicates that the restconf server supports the fast-cgi reverse
description
"This feature indicates that the restconf server supports the fast-cgi reverse
proxy solution.
That is, a reverse proxy is the HTTP front-end and the restconf daemon listens
to a fcgi socket.
@ -70,12 +70,12 @@ module clixon-restconf {
feature allow-auth-none {
description
"This feature allows the use of authentication-type none.";
"This feature allows the use of authentication-type none.";
}
feature http-data {
description
"This feature allows for a very limited static http-data function as
description
"This feature allows for a very limited static http-data function as
addition to RESTCONF.
It is limited to:
1. path: Local static files within WWW_DATA_ROOT
@ -87,98 +87,98 @@ module clixon-restconf {
7. HTTP/1+2, TLS as restconf";
}
typedef http-auth-type {
type enumeration {
enum none {
if-feature "allow-auth-none";
description
"Incoming message are set to authenticated by default. No ca-auth callback is called,
type enumeration {
enum none {
if-feature "allow-auth-none";
description
"Incoming message are set to authenticated by default. No ca-auth callback is called,
Authenticated user is set to special user 'none'.
Typically assumes NACM is not enabled.";
}
enum client-certificate {
description
"TLS client certificate validation is made on each incoming message. If it passes
}
enum client-certificate {
description
"TLS client certificate validation is made on each incoming message. If it passes
the authenticated user is extracted from the SSL_CN parameter
The ca-auth callback can be used to revise this behavior.";
}
enum user {
description
"User-defined authentication as defined by the ca-auth callback.
}
enum user {
description
"User-defined authentication as defined by the ca-auth callback.
One example is some form of password authentication, such as basic auth.";
}
}
description
"Enumeration of HTTP authorization types.";
}
}
description
"Enumeration of HTTP authorization types.";
}
typedef log-destination {
type enumeration {
enum syslog {
description
"Log to syslog with:
type enumeration {
enum syslog {
description
"Log to syslog with:
ident: clixon_restconf and PID
facility: LOG_USER";
}
enum file {
description
"Log to generated file at /var/log/clixon_restconf.log";
}
}
}
enum file {
description
"Log to generated file at /var/log/clixon_restconf.log";
}
}
}
grouping clixon-restconf{
description
"HTTP RESTCONF configuration.";
leaf enable {
type boolean;
default "false";
description
"Enables RESTCONF functionality.
description
"HTTP RESTCONF configuration.";
leaf enable {
type boolean;
default "false";
description
"Enables RESTCONF functionality.
Note that starting/stopping of a restconf daemon is different from it being
enabled or not.
For example, if the restconf daemon is under systemd management, the restconf
daemon will only start if enable=true.";
}
leaf enable-http-data {
type boolean;
default "false";
if-feature "http-data";
description
"Enables Limited static http-data functionality.
}
leaf enable-http-data {
type boolean;
default "false";
if-feature "http-data";
description
"Enables Limited static http-data functionality.
enable must be true for this option to be meaningful.";
}
leaf auth-type {
type http-auth-type;
description
"The authentication type.
}
leaf auth-type {
type http-auth-type;
description
"The authentication type.
Note client-certificate applies only if ssl-enable is true and socket has ssl";
default user;
}
leaf debug {
description
"Set debug level of restconf daemon.
default user;
}
leaf debug {
description
"Set debug level of restconf daemon.
0 is no debug, 1 is debugging, more is detailed debug.
Debug logs will be directed to log-destination with LOG_DEBUG level (for syslog)";
type uint32;
default 0;
}
leaf log-destination {
description
"Log destination.
type uint32;
default 0;
}
leaf log-destination {
description
"Log destination.
If debug is not set, only notice, error and warning will be logged";
type log-destination;
default syslog;
}
leaf enable-core-dump {
description
"enable core dumps.
type log-destination;
default syslog;
}
leaf enable-core-dump {
description
"enable core dumps.
this is a no-op on systems that don't support it.";
type boolean;
default false;
}
leaf pretty {
type boolean;
default true;
description
"Restconf return value pretty print.
type boolean;
default false;
}
leaf pretty {
type boolean;
default true;
description
"Restconf return value pretty print.
Restconf clients may add HTTP header:
Accept: application/yang-data+json, or
Accept: application/yang-data+xml
@ -187,141 +187,141 @@ module clixon-restconf {
Setting this value to false makes restconf return not pretty-printed
which may be desirable for performance or tests
This replaces the CLICON_RESTCONF_PRETTY option in clixon-config.yang";
}
/* From this point only specific options
* First fcgi-specific options
*/
leaf fcgi-socket {
if-feature fcgi; /* Set by default by fcgi clixon_restconf daemon */
type string;
default "/www-data/fastcgi_restconf.sock";
description
"Path to FastCGI unix socket. Should be specified in webserver
Eg in nginx: fastcgi_pass unix:/www-data/clicon_restconf.sock
}
/* From this point only specific options
* First fcgi-specific options
*/
leaf fcgi-socket {
if-feature fcgi; /* Set by default by fcgi clixon_restconf daemon */
type string;
default "/www-data/fastcgi_restconf.sock";
description
"Path to FastCGI unix socket. Should be specified in webserver
Eg in nginx: fastcgi_pass unix:/www-data/clicon_restconf.sock
Only if with-restconf=fcgi, NOT native
This replaces CLICON_RESTCONF_PATH option in clixon-config.yang";
}
/* Second, local native options */
leaf server-cert-path {
type string;
description
"Path to server certificate file.
}
/* Second, local native options */
leaf server-cert-path {
type string;
description
"Path to server certificate file.
Note only applies if socket has ssl enabled";
}
leaf server-key-path {
type string;
description
"Path to server key file
}
leaf server-key-path {
type string;
description
"Path to server key file
Note only applies if socket has ssl enabled";
}
leaf server-ca-cert-path {
type string;
description
"Path to server CA cert file
Note only applies if socket has ssl enabled";
}
list socket {
description
"List of server sockets that the restconf daemon listens to.
}
leaf server-ca-cert-path {
type string;
description
"Path to server CA cert file
Note only applies if socket has ssl enabled";
}
list socket {
description
"List of server sockets that the restconf daemon listens to.
Not fcgi";
key "namespace address port";
leaf namespace {
type string;
description
"Network namespace.
key "namespace address port";
leaf namespace {
type string;
description
"Network namespace.
On platforms where namespaces are not suppported, 'default'
Default value can be changed by RESTCONF_NETNS_DEFAULT";
}
leaf description{
type string;
}
leaf address {
type inet:ip-address;
description "IP address to bind to";
}
leaf port {
type inet:port-number;
description "TCP port to bind to";
}
leaf ssl {
type boolean;
default true;
description "Enable for HTTPS otherwise HTTP protocol";
}
/* Some of this in-lined from ietf-restconf-server@2022-05-24.yang */
container call-home {
presence
"Identifies that the server has been configured to initiate
}
leaf description{
type string;
}
leaf address {
type inet:ip-address;
description "IP address to bind to";
}
leaf port {
type inet:port-number;
description "TCP port to bind to";
}
leaf ssl {
type boolean;
default true;
description "Enable for HTTPS otherwise HTTP protocol";
}
/* Some of this in-lined from ietf-restconf-server@2022-05-24.yang */
container call-home {
presence
"Identifies that the server has been configured to initiate
call home connections.
If set, address/port refers to destination.";
description
"See RFC 8071 NETCONF Call Home and RESTCONF Call Home";
container connection-type {
description
"Indicates the RESTCONF server's preference for how the
If set, address/port refers to destination.";
description
"See RFC 8071 NETCONF Call Home and RESTCONF Call Home";
container connection-type {
description
"Indicates the RESTCONF server's preference for how the
RESTCONF connection is maintained.";
choice connection-type {
mandatory true;
description
"Selects between available connection types.";
case persistent-connection {
container persistent {
presence
"Indicates that a persistent connection is to be
choice connection-type {
mandatory true;
description
"Selects between available connection types.";
case persistent-connection {
container persistent {
presence
"Indicates that a persistent connection is to be
maintained.";
}
}
case periodic-connection {
container periodic {
presence
"Indicates periodic connects";
leaf period {
type uint32; /* XXX: note uit16 in std */
units "seconds"; /* XXX: note minutes in draft */
default "3600"; /* XXX: same: 60min in draft */
description
"Duration of time between periodic connections.";
}
leaf idle-timeout {
type uint16;
units "seconds";
default "120"; // two minutes
description
"Specifies the maximum number of seconds that
}
}
case periodic-connection {
container periodic {
presence
"Indicates periodic connects";
leaf period {
type uint32; /* XXX: note uit16 in std */
units "seconds"; /* XXX: note minutes in draft */
default "3600"; /* XXX: same: 60min in draft */
description
"Duration of time between periodic connections.";
}
leaf idle-timeout {
type uint16;
units "seconds";
default "120"; // two minutes
description
"Specifies the maximum number of seconds that
the underlying TCP session may remain idle.
A TCP session will be dropped if it is idle
for an interval longer than this number of
seconds. If set to zero, then the server
will never drop a session because it is idle.";
}
}
}
}
}
container reconnect-strategy {
leaf max-attempts {
type uint8 {
range "1..max";
}
default "3";
description
"Specifies the number times the RESTCONF server tries
}
}
}
}
container reconnect-strategy {
leaf max-attempts {
type uint8 {
range "1..max";
}
default "3";
description
"Specifies the number times the RESTCONF server tries
to connect to a specific endpoint before moving on to
the next endpoint in the list (round robin).";
}
}
}
}
}
}
}
}
}
container restconf {
description
"This presence is strictly not necessary since the enable flag
description
"This presence is strictly not necessary since the enable flag
in clixon-restconf is the flag bearing the actual semantics.
However, removing the presence leads to default config in all
clixon installations, even those which do not use backend-started restconf.
One could see this as mostly cosmetically annoying.
Alternative would be to make the inclusion of this yang conditional.";
presence "Enables RESTCONF";
uses clixon-restconf;
presence "Enables RESTCONF";
uses clixon-restconf;
}
}

158
yang/clixon/clixon-rfc5277@2008-07-01.yang
View file

@ -7,91 +7,91 @@ module clixon-rfc5277 {
import ietf-inet-types { prefix inet; }
organization
"IETF NETCONF (Network Configuration) Working Group";
"IETF NETCONF (Network Configuration) Working Group";
description
"Note this is a translation from RFC 5277 schema in section 4 to Yang
"Note this is a translation from RFC 5277 schema in section 4 to Yang
made by Olof Hagsand manually for the Clixon project.
RFC 5277 is Copyright (C) The IETF Trust (2008).";
revision 2008-07-01 {
description
"Initial revision.";
reference
"RFC 5277: NETCONF Event Notifications.";
description
"Initial revision.";
reference
"RFC 5277: NETCONF Event Notifications.";
}
container netconf {
config false;
description
"Contains NETCONF protocol monitoring information.";
config false;
description
"Contains NETCONF protocol monitoring information.";
container capabilities {
description
"Contains a list of protocol capability URIs.";
container capabilities {
description
"Contains a list of protocol capability URIs.";
leaf-list capability {
type inet:uri;
description
"A RESTCONF protocol capability URI.";
}
}
leaf-list capability {
type inet:uri;
description
"A RESTCONF protocol capability URI.";
}
}
container streams {
description
"Container representing the notification event streams
container streams {
description
"Container representing the notification event streams
supported by the server.";
reference
"RFC 5277, Section 3.4, <streams> element.";
list stream {
key name;
description
"Each entry describes an event stream supported by
reference
"RFC 5277, Section 3.4, <streams> element.";
list stream {
key name;
description
"Each entry describes an event stream supported by
the server.";
leaf name {
type string;
description
"The stream name.";
reference
"RFC 5277, Section 3.4, <name> element.";
}
leaf name {
type string;
description
"The stream name.";
reference
"RFC 5277, Section 3.4, <name> element.";
}
leaf description {
type string;
description
"Description of stream content.";
reference
"RFC 5277, Section 3.4, <description> element.";
}
leaf description {
type string;
description
"Description of stream content.";
reference
"RFC 5277, Section 3.4, <description> element.";
}
leaf replay-support {
type boolean;
default false;
description
"Indicates if replay buffer is supported for this stream.
leaf replay-support {
type boolean;
default false;
description
"Indicates if replay buffer is supported for this stream.
If 'true', then the server MUST support the 'start-time'
and 'stop-time' query parameters for this stream.";
reference
"RFC 5277, Section 3.4, <replaySupport> element.";
}
reference
"RFC 5277, Section 3.4, <replaySupport> element.";
}
leaf replay-log-creation-time {
when "../replay-support" {
description
"Only present if notification replay is supported.";
}
type yang:date-and-time;
description
"Indicates the time the replay log for this stream
leaf replay-log-creation-time {
when "../replay-support" {
description
"Only present if notification replay is supported.";
}
type yang:date-and-time;
description
"Indicates the time the replay log for this stream
was created.";
reference
"RFC 5277, Section 3.4, <replayLogCreationTime>
reference
"RFC 5277, Section 3.4, <replayLogCreationTime>
element.";
}
}
}
}
}
}
}
rpc create-subscription {
description
@ -104,36 +104,36 @@ module clixon-rfc5277 {
of interest to the notification replay feature.";
reference "RFC 5277, Section 2.1";
input {
leaf stream{
type string;
default "NETCONF";
description "An optional parameter, <stream>, that indicates which
leaf stream{
type string;
default "NETCONF";
description "An optional parameter, <stream>, that indicates which
stream of events is of interest. If not present, events in the
default NETCONF stream will be sent.";
}
leaf filter{
type string;
description "An optional parameter, <filter>, that indicates which
}
leaf filter{
type string;
description "An optional parameter, <filter>, that indicates which
subset of all possible events is of interest. The format of this
parameter is the same as that of the filter parameter in the
NETCONF protocol operations. If not present, all events not
precluded by other parameters will be sent. See section 3.6
for more information on filters";
}
leaf startTime {
type yang:date-and-time;
description "used to trigger the replay feature
}
leaf startTime {
type yang:date-and-time;
description "used to trigger the replay feature
and indicate that the replay should start at the time
specified. If <startTime> is not present, this is not a replay
subscription.";
}
leaf stopTime {
type yang:date-and-time;
description "used with the optional
}
leaf stopTime {
type yang:date-and-time;
description "used with the optional
replay feature to indicate the newest notifications of
interest. If <stopTime> is not present, the notifications will
continue until the subscription is terminated.";
}
}
}
}
}

178
yang/clixon/clixon-xml-changelog@2019-03-21.yang
View file

@ -4,15 +4,15 @@ module clixon-xml-changelog {
prefix ml;
import ietf-yang-library {
prefix yanglib;
prefix yanglib;
}
import ietf-yang-types {
prefix yang;
prefix yang;
}
organization "Clixon";
contact
"Olof Hagsand <olof@hagsand.se>";
"Olof Hagsand <olof@hagsand.se>";
description
"This is experimental XML changelog module with several influences:
1) draft-wang-netmod-module-revision-management-01, by:
@ -21,13 +21,13 @@ module clixon-xml-changelog {
2) XProc https://www.w3.org/TR/xproc/#xpath-context";
revision 2019-03-21 {
description
"Initial Clixon derived version";
description
"Initial Clixon derived version";
}
typedef operation_type {
description
"From: https://en.wikipedia.org/wiki/XML_pipeline:
description
"From: https://en.wikipedia.org/wiki/XML_pipeline:
Rename - renames elements or attributes without modifying the content
Replace - replaces elements or attributes
Insert - adds a new data element to the output stream at a specified point
@ -35,111 +35,111 @@ module clixon-xml-changelog {
Wrap - wraps elements with additional elements
Reorder - changes the order of elements
More inspiration in XProc: https://www.w3.org/TR/xproc/#ex2";
type enumeration{
enum rename {
description
"Rename the 'where' node, ie XML label
type enumeration{
enum rename {
description
"Rename the 'where' node, ie XML label
Synopsis: rename(where:targets, when:bool, tag:string)";
}
enum replace {
description
"Replace the target data node modification is given by the leaf
}
enum replace {
description
"Replace the target data node modification is given by the leaf
transform which is a string with %s where the original value
is inserted.
Synopsis: replace(where:targets, when:bool, new:xml)";
}
enum insert {
description
"Create new data nodes and insert under an existing node.
}
enum insert {
description
"Create new data nodes and insert under an existing node.
Synopsis: insert(where:parents, when:bool, new:xml)";
}
enum delete {
description
"Delete the target node.
}
enum delete {
description
"Delete the target node.
Synopsis: delete(where:parents, when:bool)";
}
enum move {
description
"Move the target node(Added).
}
enum move {
description
"Move the target node(Added).
Synopsis: move(where:parents, when:bool, dst:node)";
}
}
}
}
}
container changelogs {
config false;
list changelog {
key "namespace revision";
leaf namespace {
type string;
description
"The YANG namespace identifying a module or submodule.
config false;
list changelog {
key "namespace revision";
leaf namespace {
type string;
description
"The YANG namespace identifying a module or submodule.
XML needs to be identified by namespace, translation to
module name may not always be possible.";
}
leaf revision {
type yanglib:revision-identifier;
description
"The YANG module or submodule revision date.
}
leaf revision {
type yanglib:revision-identifier;
description
"The YANG module or submodule revision date.
This is the actual date of the changlelog items.
Note however if the terminate flag is set, this is a virtual
revision just in place to terminate the XML, such as removing or
moving items,.";
}
leaf revfrom {
type yanglib:revision-identifier;
description
"Optional revision from date. This changelog is effective in the
}
leaf revfrom {
type yanglib:revision-identifier;
description
"Optional revision from date. This changelog is effective in the
range [from,to]. If from is not given the changelog is open-ended.
Several changelogs may be applied if the upgrade spans multiple
ranges: [from0,to0],..[fromN,toN]";
}
list step {
description
"List for module revision change log";
key "name";
leaf name {
type string;
description
"Unique step name";
}
leaf op {
type operation_type;
mandatory true;
description
"This leaf indicate the change operation, such as create, move, delete, modify, etc.";
}
leaf where {
type yang:xpath1.0;
mandatory true;
description
"Identifies the target data node for update.
}
list step {
description
"List for module revision change log";
key "name";
leaf name {
type string;
description
"Unique step name";
}
leaf op {
type operation_type;
mandatory true;
description
"This leaf indicate the change operation, such as create, move, delete, modify, etc.";
}
leaf where {
type yang:xpath1.0;
mandatory true;
description
"Identifies the target data node for update.
for move, modify or delete the target-node points to
the data node of the old version.
For create, it is the parent where it should be
inserted.";
}
leaf when {
type yang:xpath1.0;
description
"Boolean XPATH. Execute this step if this xpath exists
}
leaf when {
type yang:xpath1.0;
description
"Boolean XPATH. Execute this step if this xpath exists
and evaluates to true";
}
leaf tag {
description
"For rename, a string XPath definining the new tag.";
type yang:xpath1.0;
}
leaf dst {
description
"For move, a destination XPath definining the parent where
}
leaf tag {
description
"For rename, a string XPath definining the new tag.";
type yang:xpath1.0;
}
leaf dst {
description
"For move, a destination XPath definining the parent where
to insert.";
type yang:xpath1.0;
}
anydata new {
description
"If op is replace or insert, new XML for the new node.";
}
}
}
type yang:xpath1.0;
}
anydata new {
description
"If op is replace or insert, new XML for the new node.";
}
}
}
}
}

72
yang/mandatory/ietf-list-pagination-nc@2022-07-24.yang
View file

@ -4,32 +4,32 @@ module ietf-list-pagination-nc {
prefix lpgnc;
import ietf-netconf {
prefix nc;
reference
"RFC 6241: Network Configuration Protocol (NETCONF)";
prefix nc;
reference
"RFC 6241: Network Configuration Protocol (NETCONF)";
}
import ietf-netconf-nmda {
prefix ncds;
reference
"RFC 8526: NETCONF Extensions to Support the
prefix ncds;
reference
"RFC 8526: NETCONF Extensions to Support the
Network Management Datastore Architecture";
}
import ietf-list-pagination {
prefix lp;
reference
"RFC XXXX: List Pagination for YANG-driven Protocols";
prefix lp;
reference
"RFC XXXX: List Pagination for YANG-driven Protocols";
}
organization
"IETF NETCONF (Network Configuration) Working Group";
"IETF NETCONF (Network Configuration) Working Group";
contact
"WG Web: https://datatracker.ietf.org/wg/netconf
"WG Web: https://datatracker.ietf.org/wg/netconf
WG List: NETCONF WG list <mailto:netconf@ietf.org>";
description
"This module augments the <get>, <get-config>, and <get-data>
"This module augments the <get>, <get-config>, and <get-data>
'rpc' statements to support list pagination.
Copyright (c) 2021 IETF Trust and the persons identified
@ -54,47 +54,47 @@ module ietf-list-pagination-nc {
capitals, as shown here.";
revision 2022-07-24 {
description
"Initial revision.";
reference
"RFC XXXX: NETCONF Extensions to Support List Pagination";
description
"Initial revision.";
reference
"RFC XXXX: NETCONF Extensions to Support List Pagination";
}
grouping pagination-parameters {
description "A grouping for list pagination parameters.";
container list-pagination {
description "List pagination parameters.";
presence "Flag that request contains pagination parameters";
uses lp:where-param-grouping;
uses lp:sort-by-param-grouping;
uses lp:direction-param-grouping;
uses lp:offset-param-grouping;
uses lp:limit-param-grouping;
uses lp:sublist-limit-param-grouping;
}
description "A grouping for list pagination parameters.";
container list-pagination {
description "List pagination parameters.";
presence "Flag that request contains pagination parameters";
uses lp:where-param-grouping;
uses lp:sort-by-param-grouping;
uses lp:direction-param-grouping;
uses lp:offset-param-grouping;
uses lp:limit-param-grouping;
uses lp:sublist-limit-param-grouping;
}
}
augment "/nc:get/nc:input" {
description
"Allow the 'get' operation to use content filter
description
"Allow the 'get' operation to use content filter
parameter for specifying the YANG list or leaf-list
that is to be retrieved";
uses pagination-parameters;
uses pagination-parameters;
}
augment "/nc:get-config/nc:input" {
description
"Allow the 'get-config' operation to use content filter
description
"Allow the 'get-config' operation to use content filter
parameter for specifying the YANG list or leaf-list
that is to be retrieved";
uses pagination-parameters;
uses pagination-parameters;
}
augment "/ncds:get-data/ncds:input" {
description
"Allow the 'get-data' operation to use content filter
description
"Allow the 'get-data' operation to use content filter
parameter for specifying the YANG list or leaf-list
that is to be retrieved";
uses pagination-parameters;
uses pagination-parameters;
}
}

288
yang/mandatory/ietf-list-pagination@2022-07-24.yang
View file

@ -1,39 +1,39 @@
module ietf-list-pagination {
yang-version 1.1;
namespace
"urn:ietf:params:xml:ns:yang:ietf-list-pagination";
"urn:ietf:params:xml:ns:yang:ietf-list-pagination";
prefix lpg;
import ietf-yang-types {
prefix yang;
reference
"RFC 6991: Common YANG Data Types";
prefix yang;
reference
"RFC 6991: Common YANG Data Types";
}
import ietf-yang-metadata {
prefix md;
reference
"RFC 7952: Defining and Using Metadata with YANG";
prefix md;
reference
"RFC 7952: Defining and Using Metadata with YANG";
}
/* XXX Clixon FIXME: system-capabilities brings in NACM that breaks clixon testing
import ietf-system-capabilities {
prefix sysc;
reference
"draft-ietf-netconf-notification-capabilities:
prefix sysc;
reference
"draft-ietf-netconf-notification-capabilities:
YANG Modules describing Capabilities for
Systems and Datastore Update Notifications";
}
*/
organization
"IETF NETCONF (Network Configuration) Working Group";
"IETF NETCONF (Network Configuration) Working Group";
contact
"WG Web: https://datatracker.ietf.org/wg/netconf
"WG Web: https://datatracker.ietf.org/wg/netconf
WG List: NETCONF WG list <mailto:netconf@ietf.org>";
description
"This module is used by servers to 1) indicate they support
"This module is used by servers to 1) indicate they support
pagination on 'list' and 'leaf-list' resources, 2) define a
grouping for each list-pagination parameter, and 3) indicate
which 'config false' lists have constrained 'where' and
@ -61,28 +61,28 @@ module ietf-list-pagination {
capitals, as shown here.";
revision 2022-07-24 {
description
"Initial revision.";
reference
"RFC XXXX: List Pagination for YANG-driven Protocols";
description
"Initial revision.";
reference
"RFC XXXX: List Pagination for YANG-driven Protocols";
}
// Annotations
md:annotation remaining {
type union {
type uint32;
type enumeration {
enum "unknown" {
description
"Indicates that number of remaining entries is unknown
type union {
type uint32;
type enumeration {
enum "unknown" {
description
"Indicates that number of remaining entries is unknown
to the server in case, e.g., the server has determined
that counting would be prohibitively expensive.";
}
}
}
description
"This annotation contains the number of elements not included
}
}
}
description
"This annotation contains the number of elements not included
in the result set (a positive value) due to a 'limit' or
'sublist-limit' operation. If no elements were removed,
this annotation MUST NOT appear. The minimum value (0),
@ -95,37 +95,37 @@ module ietf-list-pagination {
// Identities
identity list-pagination-error {
description
"Base identity for list-pagination errors.";
description
"Base identity for list-pagination errors.";
}
identity offset-out-of-range {
base list-pagination-error;
description
"The 'offset' query parameter value is greater than the number
base list-pagination-error;
description
"The 'offset' query parameter value is greater than the number
of instances in the target list or leaf-list resource.";
}
// Groupings
grouping where-param-grouping {
description
"This grouping may be used by protocol-specific YANG modules
description
"This grouping may be used by protocol-specific YANG modules
to define a protocol-specific query parameter.";
leaf where {
type union {
type yang:xpath1.0;
type enumeration {
enum "unfiltered" {
description
"Indicates that no entries are to be filtered
leaf where {
type union {
type yang:xpath1.0;
type enumeration {
enum "unfiltered" {
description
"Indicates that no entries are to be filtered
from the working result-set.";
}
}
}
default "unfiltered";
description
"The 'where' parameter specifies a boolean expression
}
}
}
default "unfiltered";
description
"The 'where' parameter specifies a boolean expression
that result-set entries must match.
It is an error if the XPath expression references a node
@ -134,166 +134,166 @@ module ietf-list-pagination {
false' lists and leaf-lists, if the node identifier does
not point to a node having the 'indexed' extension
statement applied to it (see RFC XXXX).";
}
}
}
grouping sort-by-param-grouping {
description
"This grouping may be used by protocol-specific YANG modules
description
"This grouping may be used by protocol-specific YANG modules
to define a protocol-specific query parameter.";
leaf sort-by {
type union {
type string {
// An RFC 7950 'descendant-schema-nodeid'.
pattern '([0-9a-fA-F]*:)?[0-9a-fA-F]*'
+ '(/([0-9a-fA-F]*:)?[0-9a-fA-F]*)*';
}
type enumeration {
enum "none" {
description
"Indicates that the list or leaf-list's default
leaf sort-by {
type union {
type string {
// An RFC 7950 'descendant-schema-nodeid'.
pattern '([0-9a-fA-F]*:)?[0-9a-fA-F]*'
+ '(/([0-9a-fA-F]*:)?[0-9a-fA-F]*)*';
}
type enumeration {
enum "none" {
description
"Indicates that the list or leaf-list's default
order is to be used, per the YANG 'ordered-by'
statement.";
}
}
}
default "none";
description
"The 'sort-by' parameter indicates the node in the
}
}
}
default "none";
description
"The 'sort-by' parameter indicates the node in the
working result-set (i.e., after the 'where' parameter
has been applied) that entries should be sorted by.
Sorts are in ascending order (e.g., '1' before '9',
'a' before 'z', etc.). Missing values are sorted to
the end (e.g., after all nodes having values).";
}
}
}
grouping direction-param-grouping {
description
"This grouping may be used by protocol-specific YANG modules
description
"This grouping may be used by protocol-specific YANG modules
to define a protocol-specific query parameter.";
leaf direction {
type enumeration {
enum forwards {
description
"Indicates that entries should be traversed from
leaf direction {
type enumeration {
enum forwards {
description
"Indicates that entries should be traversed from
the first to last item in the working result set.";
}
enum backwards {
description
"Indicates that entries should be traversed from
}
enum backwards {
description
"Indicates that entries should be traversed from
the last to first item in the working result set.";
}
}
default "forwards";
description
"The 'direction' parameter indicates how the entries in the
}
}
default "forwards";
description
"The 'direction' parameter indicates how the entries in the
working result-set (i.e., after the 'sort-by' parameter
has been applied) should be traversed.";
}
}
}
grouping offset-param-grouping {
description
"This grouping may be used by protocol-specific YANG modules
description
"This grouping may be used by protocol-specific YANG modules
to define a protocol-specific query parameter.";
leaf offset {
type uint32;
default 0;
description
"The 'offset' parameter indicates the number of entries
leaf offset {
type uint32;
default 0;
description
"The 'offset' parameter indicates the number of entries
in the working result-set (i.e., after the 'direction'
parameter has been applied) that should be skipped over
when preparing the response.";
}
}
}
grouping limit-param-grouping {
description
"This grouping may be used by protocol-specific YANG modules
description
"This grouping may be used by protocol-specific YANG modules
to define a protocol-specific query parameter.";
leaf limit {
type union {
type uint32 {
range "1..max";
}
type enumeration {
enum "unbounded" {
description
"Indicates that the number of entries that may be
leaf limit {
type union {
type uint32 {
range "1..max";
}
type enumeration {
enum "unbounded" {
description
"Indicates that the number of entries that may be
returned is unbounded.";
}
}
}
default "unbounded";
description
"The 'limit' parameter limits the number of entries returned
}
}
}
default "unbounded";
description
"The 'limit' parameter limits the number of entries returned
from the working result-set (i.e., after the 'offset'
parameter has been applied).
Any result-set that is limited includes, somewhere in its
encoding, the metadata value 'remaining' to indicate the
number entries not included in the result set.";
}
}
}
grouping sublist-limit-param-grouping {
description
"This grouping may be used by protocol-specific YANG modules
description
"This grouping may be used by protocol-specific YANG modules
to define a protocol-specific query parameter.";
leaf sublist-limit {
type union {
type uint32 {
range "1..max";
}
type enumeration {
enum "unbounded" {
description
"Indicates that the number of entries that may be
leaf sublist-limit {
type union {
type uint32 {
range "1..max";
}
type enumeration {
enum "unbounded" {
description
"Indicates that the number of entries that may be
returned is unbounded.";
}
}
}
default "unbounded";
description
"The 'sublist-limit' parameter limits the number of entries
}
}
}
default "unbounded";
description
"The 'sublist-limit' parameter limits the number of entries
for descendent lists and leaf-lists.
Any result-set that is limited includes, somewhere in
its encoding, the metadata value 'remaining' to indicate
the number entries not included in the result set.";
}
}
}
/* XXX Clixon FIXME: system-capabilities brings in NACM that breaks clixon testing
// Protocol-accessible nodes
augment // FIXME: ensure datastore == <operational>
"/sysc:system-capabilities/sysc:datastore-capabilities"
+ "/sysc:per-node-capabilities" {
description
"Defines some leafs that MAY be used by the server to
"/sysc:system-capabilities/sysc:datastore-capabilities"
+ "/sysc:per-node-capabilities" {
description
"Defines some leafs that MAY be used by the server to
describe constraints imposed of the 'where' filters and
'sort-by' parameters used in list pagination queries.";
leaf constrained {
type empty;
description
"Indicates that 'where' filters and 'sort-by' parameters
leaf constrained {
type empty;
description
"Indicates that 'where' filters and 'sort-by' parameters
on the targeted 'config false' list node are constrained.
If a list is not 'constrained', then full XPath 1.0
expressions may be used in 'where' filters and all node
identifiers are usable by 'sort-by'.";
}
leaf indexed {
type empty;
description
"Indicates that the targeted descendent node of a
}
leaf indexed {
type empty;
description
"Indicates that the targeted descendent node of a
'constrained' list (see the 'constrained' leaf) may be
used in 'where' filters and/or 'sort-by' parameters.
If a descendent node of a 'constrained' list is not
'indexed', then it MUST NOT be used in 'where' filters
or 'sort-by' parameters.";
}
}
}
*/
}

478
yang/mandatory/ietf-netconf-acm@2018-02-14.yang
View file

@ -5,14 +5,14 @@ module ietf-netconf-acm {
prefix nacm;
import ietf-yang-types {
prefix yang;
prefix yang;
}
organization
"IETF NETCONF (Network Configuration) Working Group";
"IETF NETCONF (Network Configuration) Working Group";
contact
"WG Web: <https://datatracker.ietf.org/wg/netconf/>
"WG Web: <https://datatracker.ietf.org/wg/netconf/>
WG List: <mailto:netconf@ietf.org>
Author: Andy Bierman
@ -22,7 +22,7 @@ module ietf-netconf-acm {
<mailto:mbj@tail-f.com>";
description
"Network Configuration Access Control Model.
"Network Configuration Access Control Model.
Copyright (c) 2012 - 2018 IETF Trust and the persons
identified as authors of the code. All rights reserved.
@ -38,19 +38,19 @@ module ietf-netconf-acm {
the RFC itself for full legal notices.";
revision "2018-02-14" {
description
"Added support for YANG 1.1 actions and notifications tied to
description
"Added support for YANG 1.1 actions and notifications tied to
data nodes. Clarified how NACM extensions can be used by
other data models.";
reference
"RFC 8341: Network Configuration Access Control Model";
reference
"RFC 8341: Network Configuration Access Control Model";
}
revision "2012-02-22" {
description
"Initial version.";
reference
"RFC 6536: Network Configuration Protocol (NETCONF)
description
"Initial version.";
reference
"RFC 6536: Network Configuration Protocol (NETCONF)
Access Control Model";
}
@ -59,8 +59,8 @@ module ietf-netconf-acm {
*/
extension default-deny-write {
description
"Used to indicate that the data model node
description
"Used to indicate that the data model node
represents a sensitive security system parameter.
If present, the NETCONF server will only allow the designated
@ -76,8 +76,8 @@ module ietf-netconf-acm {
}
extension default-deny-all {
description
"Used to indicate that the data model node
description
"Used to indicate that the data model node
controls a very sensitive security system parameter.
If present, the NETCONF server will only allow the designated
@ -99,84 +99,84 @@ module ietf-netconf-acm {
*/
typedef user-name-type {
type string {
length "1..max";
}
description
"General-purpose username string.";
type string {
length "1..max";
}
description
"General-purpose username string.";
}
typedef matchall-string-type {
type string {
pattern '\*';
}
description
"The string containing a single asterisk '*' is used
type string {
pattern '\*';
}
description
"The string containing a single asterisk '*' is used
to conceptually represent all possible values
for the particular leaf using this data type.";
}
typedef access-operations-type {
type bits {
bit create {
description
"Any protocol operation that creates a
type bits {
bit create {
description
"Any protocol operation that creates a
new data node.";
}
bit read {
description
"Any protocol operation or notification that
}
bit read {
description
"Any protocol operation or notification that
returns the value of a data node.";
}
bit update {
description
"Any protocol operation that alters an existing
}
bit update {
description
"Any protocol operation that alters an existing
data node.";
}
}
bit delete {
description
"Any protocol operation that removes a data node.";
}
bit exec {
description
"Execution access to the specified protocol operation.";
}
}
description
"Access operation.";
bit delete {
description
"Any protocol operation that removes a data node.";
}
bit exec {
description
"Execution access to the specified protocol operation.";
}
}
description
"Access operation.";
}
typedef group-name-type {
type string {
length "1..max";
pattern '[^\*].*';
}
description
"Name of administrative group to which
type string {
length "1..max";
pattern '[^\*].*';
}
description
"Name of administrative group to which
users can be assigned.";
}
typedef action-type {
type enumeration {
enum permit {
description
"Requested action is permitted.";
}
enum deny {
description
"Requested action is denied.";
}
}
description
"Action taken by the server when a particular
type enumeration {
enum permit {
description
"Requested action is permitted.";
}
enum deny {
description
"Requested action is denied.";
}
}
description
"Action taken by the server when a particular
rule matches.";
}
typedef node-instance-identifier {
type yang:xpath1.0;
description
"Path expression used to represent a special
type yang:xpath1.0;
description
"Path expression used to represent a special
data node, action, or notification instance-identifier
string.
@ -213,147 +213,147 @@ module ietf-netconf-acm {
*/
container nacm {
nacm:default-deny-all;
nacm:default-deny-all;
description
"Parameters for NETCONF access control model.";
description
"Parameters for NETCONF access control model.";
leaf enable-nacm {
type boolean;
default "true";
description
"Enables or disables all NETCONF access control
leaf enable-nacm {
type boolean;
default "true";
description
"Enables or disables all NETCONF access control
enforcement. If 'true', then enforcement
is enabled. If 'false', then enforcement
is disabled.";
}
}
leaf read-default {
type action-type;
default "permit";
description
"Controls whether read access is granted if
leaf read-default {
type action-type;
default "permit";
description
"Controls whether read access is granted if
no appropriate rule is found for a
particular read request.";
}
}
leaf write-default {
type action-type;
default "deny";
description
"Controls whether create, update, or delete access
leaf write-default {
type action-type;
default "deny";
description
"Controls whether create, update, or delete access
is granted if no appropriate rule is found for a
particular write request.";
}
}
leaf exec-default {
type action-type;
default "permit";
description
"Controls whether exec access is granted if no appropriate
leaf exec-default {
type action-type;
default "permit";
description
"Controls whether exec access is granted if no appropriate
rule is found for a particular protocol operation request.";
}
}
leaf enable-external-groups {
type boolean;
default "true";
description
"Controls whether the server uses the groups reported by the
leaf enable-external-groups {
type boolean;
default "true";
description
"Controls whether the server uses the groups reported by the
NETCONF transport layer when it assigns the user to a set of
NACM groups. If this leaf has the value 'false', any group
names reported by the transport layer are ignored by the
server.";
}
}
leaf denied-operations {
type yang:zero-based-counter32;
config false;
mandatory true;
description
"Number of times since the server last restarted that a
leaf denied-operations {
type yang:zero-based-counter32;
config false;
mandatory true;
description
"Number of times since the server last restarted that a
protocol operation request was denied.";
}
}
leaf denied-data-writes {
type yang:zero-based-counter32;
config false;
mandatory true;
description
"Number of times since the server last restarted that a
leaf denied-data-writes {
type yang:zero-based-counter32;
config false;
mandatory true;
description
"Number of times since the server last restarted that a
protocol operation request to alter
a configuration datastore was denied.";
}
}
leaf denied-notifications {
type yang:zero-based-counter32;
config false;
mandatory true;
description
"Number of times since the server last restarted that
leaf denied-notifications {
type yang:zero-based-counter32;
config false;
mandatory true;
description
"Number of times since the server last restarted that
a notification was dropped for a subscription because
access to the event type was denied.";
}
}
container groups {
description
"NETCONF access control groups.";
container groups {
description
"NETCONF access control groups.";
list group {
key name;
list group {
key name;
description
"One NACM group entry. This list will only contain
description
"One NACM group entry. This list will only contain
configured entries, not any entries learned from
any transport protocols.";
leaf name {
type group-name-type;
description
"Group name associated with this entry.";
}
leaf name {
type group-name-type;
description
"Group name associated with this entry.";
}
leaf-list user-name {
type user-name-type;
description
"Each entry identifies the username of
leaf-list user-name {
type user-name-type;
description
"Each entry identifies the username of
a member of the group associated with
this entry.";
}
}
}
}
}
}
list rule-list {
key name;
ordered-by user;
description
"An ordered collection of access control rules.";
list rule-list {
key name;
ordered-by user;
description
"An ordered collection of access control rules.";
leaf name {
type string {
length "1..max";
}
description
"Arbitrary name assigned to the rule-list.";
}
leaf-list group {
type union {
type matchall-string-type;
type group-name-type;
}
description
"List of administrative groups that will be
leaf name {
type string {
length "1..max";
}
description
"Arbitrary name assigned to the rule-list.";
}
leaf-list group {
type union {
type matchall-string-type;
type group-name-type;
}
description
"List of administrative groups that will be
assigned the associated access rights
defined by the 'rule' list.
The string '*' indicates that all groups apply to the
entry.";
}
}
list rule {
key name;
ordered-by user;
description
"One access control rule.
list rule {
key name;
ordered-by user;
description
"One access control rule.
Rules are processed in user-defined order until a match is
found. A rule matches if 'module-name', 'rule-type', and
@ -361,62 +361,62 @@ module ietf-netconf-acm {
matches, the 'action' leaf determines whether or not
access is granted.";
leaf name {
type string {
length "1..max";
}
description
"Arbitrary name assigned to the rule.";
}
leaf name {
type string {
length "1..max";
}
description
"Arbitrary name assigned to the rule.";
}
leaf module-name {
type union {
type matchall-string-type;
type string;
}
default "*";
description
"Name of the module associated with this rule.
leaf module-name {
type union {
type matchall-string-type;
type string;
}
default "*";
description
"Name of the module associated with this rule.
This leaf matches if it has the value '*' or if the
object being accessed is defined in the module with the
specified module name.";
}
choice rule-type {
description
"This choice matches if all leafs present in the rule
}
choice rule-type {
description
"This choice matches if all leafs present in the rule
match the request. If no leafs are present, the
choice matches all requests.";
case protocol-operation {
leaf rpc-name {
type union {
type matchall-string-type;
type string;
}
description
"This leaf matches if it has the value '*' or if
case protocol-operation {
leaf rpc-name {
type union {
type matchall-string-type;
type string;
}
description
"This leaf matches if it has the value '*' or if
its value equals the requested protocol operation
name.";
}
}
case notification {
leaf notification-name {
type union {
type matchall-string-type;
type string;
}
description
"This leaf matches if it has the value '*' or if its
}
}
case notification {
leaf notification-name {
type union {
type matchall-string-type;
type string;
}
description
"This leaf matches if it has the value '*' or if its
value equals the requested notification name.";
}
}
}
}
case data-node {
leaf path {
type node-instance-identifier;
mandatory true;
description
"Data node instance-identifier associated with the
case data-node {
leaf path {
type node-instance-identifier;
mandatory true;
description
"Data node instance-identifier associated with the
data node, action, or notification controlled by
this rule.
@ -427,40 +427,40 @@ module ietf-netconf-acm {
The special value '/' refers to all possible
datastore contents.";
}
}
}
}
}
}
leaf access-operations {
type union {
type matchall-string-type;
type access-operations-type;
}
default "*";
description
"Access operations associated with this rule.
leaf access-operations {
type union {
type matchall-string-type;
type access-operations-type;
}
default "*";
description
"Access operations associated with this rule.
This leaf matches if it has the value '*' or if the
bit corresponding to the requested operation is set.";
}
}
leaf action {
type action-type;
mandatory true;
description
"The access control action associated with the
leaf action {
type action-type;
mandatory true;
description
"The access control action associated with the
rule. If a rule has been determined to match a
particular request, then this object is used
to determine whether to permit or deny the
request.";
}
}
leaf comment {
type string;
description
"A textual description of the access rule.";
}
}
}
leaf comment {
type string;
description
"A textual description of the access rule.";
}
}
}
}
}

160
yang/mandatory/ietf-restconf-monitoring@2017-01-26.yang
View file

@ -6,10 +6,10 @@ module ietf-restconf-monitoring {
import ietf-inet-types { prefix inet; }
organization
"IETF NETCONF (Network Configuration) Working Group";
"IETF NETCONF (Network Configuration) Working Group";
contact
"WG Web: <https://datatracker.ietf.org/wg/netconf/>
"WG Web: <https://datatracker.ietf.org/wg/netconf/>
WG List: <mailto:netconf@ietf.org>
Author: Andy Bierman
@ -22,7 +22,7 @@ module ietf-restconf-monitoring {
<mailto:kwatsen@juniper.net>";
description
"This module contains monitoring information for the
"This module contains monitoring information for the
RESTCONF protocol.
Copyright (c) 2017 IETF Trust and the persons identified as
@ -39,111 +39,111 @@ module ietf-restconf-monitoring {
the RFC itself for full legal notices.";
revision 2017-01-26 {
description
"Initial revision.";
reference
"RFC 8040: RESTCONF Protocol.";
description
"Initial revision.";
reference
"RFC 8040: RESTCONF Protocol.";
}
container restconf-state {
config false;
description
"Contains RESTCONF protocol monitoring information.";
config false;
description
"Contains RESTCONF protocol monitoring information.";
container capabilities {
description
"Contains a list of protocol capability URIs.";
container capabilities {
description
"Contains a list of protocol capability URIs.";
leaf-list capability {
type inet:uri;
description
"A RESTCONF protocol capability URI.";
}
}
leaf-list capability {
type inet:uri;
description
"A RESTCONF protocol capability URI.";
}
}
container streams {
description
"Container representing the notification event streams
container streams {
description
"Container representing the notification event streams
supported by the server.";
reference
"RFC 5277, Section 3.4, <streams> element.";
reference
"RFC 5277, Section 3.4, <streams> element.";
list stream {
key name;
description
"Each entry describes an event stream supported by
list stream {
key name;
description
"Each entry describes an event stream supported by
the server.";
leaf name {
type string;
description
"The stream name.";
reference
"RFC 5277, Section 3.4, <name> element.";
}
leaf name {
type string;
description
"The stream name.";
reference
"RFC 5277, Section 3.4, <name> element.";
}
leaf description {
type string;
description
"Description of stream content.";
reference
"RFC 5277, Section 3.4, <description> element.";
}
leaf description {
type string;
description
"Description of stream content.";
reference
"RFC 5277, Section 3.4, <description> element.";
}
leaf replay-support {
type boolean;
default false;
description
"Indicates if replay buffer is supported for this stream.
leaf replay-support {
type boolean;
default false;
description
"Indicates if replay buffer is supported for this stream.
If 'true', then the server MUST support the 'start-time'
and 'stop-time' query parameters for this stream.";
reference
"RFC 5277, Section 3.4, <replaySupport> element.";
}
reference
"RFC 5277, Section 3.4, <replaySupport> element.";
}
leaf replay-log-creation-time {
when "../replay-support" {
description
"Only present if notification replay is supported.";
}
type yang:date-and-time;
description
"Indicates the time the replay log for this stream
leaf replay-log-creation-time {
when "../replay-support" {
description
"Only present if notification replay is supported.";
}
type yang:date-and-time;
description
"Indicates the time the replay log for this stream
was created.";
reference
"RFC 5277, Section 3.4, <replayLogCreationTime>
reference
"RFC 5277, Section 3.4, <replayLogCreationTime>
element.";
}
}
list access {
key encoding;
min-elements 1;
description
"The server will create an entry in this list for each
list access {
key encoding;
min-elements 1;
description
"The server will create an entry in this list for each
encoding format that is supported for this stream.
The media type 'text/event-stream' is expected
for all event streams. This list identifies the
subtypes supported for this stream.";
leaf encoding {
type string;
description
"This is the secondary encoding format within the
leaf encoding {
type string;
description
"This is the secondary encoding format within the
'text/event-stream' encoding used by all streams.
The type 'xml' is supported for XML encoding.
The type 'json' is supported for JSON encoding.";
}
}
leaf location {
type inet:uri;
mandatory true;
description
"Contains a URL that represents the entry point
leaf location {
type inet:uri;
mandatory true;
description
"Contains a URL that represents the entry point
for establishing notification delivery via
server-sent events.";
}
}
}
}
}
}
}
}
}
}