module ietf-acldns {
yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-acldns";
prefix ietf-acldns;
import ietf-access-control-list {
prefix acl;
}
import ietf-inet-types {
prefix inet;
}
organization
"IETF OPSAWG (Operations and Management Area Working Group)";
contact
"WG Web: <https://datatracker.ietf.org/wg/opsawg/>
WG List: opsawg@ietf.org
Author: Eliot Lear
lear@cisco.com
Author: Ralph Droms
rdroms@gmail.com
Author: Dan Romascanu
dromasca@gmail.com
";
description
"This YANG module defines a component that augments the
IETF description of an access list to allow DNS names
as matching criteria.
Copyright (c) 2019 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).";
revision 2019-01-28 {
description
"Base version of dnsname extension of the ACL model.";
reference
"RFC 8520: Manufacturer Usage Description
Specification";
}
grouping dns-matches {
description
"Domain names for matching.";
leaf src-dnsname {
type inet:host;
description
"domain name to be matched against.";
}
leaf dst-dnsname {
type inet:host;
description
"domain name to be matched against.";
}
}
augment "/acl:acls/acl:acl/acl:aces/acl:ace/acl:matches"
+ "/acl:l3/acl:ipv4/acl:ipv4" {
description
"Adding domain names to matching.";
uses dns-matches;
}
augment "/acl:acls/acl:acl/acl:aces/acl:ace/acl:matches"
+ "/acl:l3/acl:ipv6/acl:ipv6" {
description
"Adding domain names to matching.";
uses dns-matches;
}
}