Re: [netmod] Netmod ACL - Can "access-lists" be set up as a "grouping"
"Einar Nilsen-Nygaard (einarnn)" <einarnn@cisco.com> Mon, 08 January 2018 15:03 UTC
Return-Path: <einarnn@cisco.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 581EE129C53 for <netmod@ietfa.amsl.com>; Mon, 8 Jan 2018 07:03:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.53
X-Spam-Level:
X-Spam-Status: No, score=-14.53 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q86GStKgzXo0 for <netmod@ietfa.amsl.com>; Mon, 8 Jan 2018 07:02:59 -0800 (PST)
Received: from alln-iport-5.cisco.com (alln-iport-5.cisco.com [173.37.142.92]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2DF1712706D for <netmod@ietf.org>; Mon, 8 Jan 2018 07:02:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=15520; q=dns/txt; s=iport; t=1515423779; x=1516633379; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=Bu5PFg2e5e+9Khu/yvlE+2YljIvCrFdxOmWKmjkJGtE=; b=UFD/0bWrt9mcjsrtvWkg6GsgbmkW8l7+wvHBM9EVM3z+3b6FAy4T1Pbg ltem7s5VwsM36vdBqL3YlRK0rHJ7VzTGxoEo91y4D8zdgVOx7UOGOfXRz kmNbQ8eIPYwDd0GODbfrnAC8yQHeiprqleU0LdbNR0eKO1Fhr/9cZJGB3 Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CcAQDGh1Na/4cNJK1dGQEBAQEBAQEBAQEBAQcBAQEBAYJKdWZ0JweEAIokjliTW4VRghUKGAEKhANGTwIahBw/GAEBAQEBAQEBAWsohSQCAQMBASFLCxACAQgOMQMCAgIlCxQRAQEEAQ0FiU1kELELgieKLwEBAQEBAQEBAQEBAQEBAQEBAQEBARgFhCCCFYNogwWDLwGBbYMYMYI0BaNeAogFjTeUCY0zhh+DGAIRGQGBOwEfOYFQbxU9KgGBfz+EGHiJUYEXAQEB
X-IronPort-AV: E=Sophos; i="5.46,330,1511827200"; d="scan'208,217"; a="53165277"
Received: from alln-core-2.cisco.com ([173.36.13.135]) by alln-iport-5.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 08 Jan 2018 15:02:55 +0000
Received: from XCH-RTP-010.cisco.com (xch-rtp-010.cisco.com [64.101.220.150]) by alln-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id w08F2sRk017189 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 8 Jan 2018 15:02:55 GMT
Received: from xch-rtp-009.cisco.com (64.101.220.149) by XCH-RTP-010.cisco.com (64.101.220.150) with Microsoft SMTP Server (TLS) id 15.0.1320.4; Mon, 8 Jan 2018 10:02:53 -0500
Received: from xch-rtp-009.cisco.com ([64.101.220.149]) by XCH-RTP-009.cisco.com ([64.101.220.149]) with mapi id 15.00.1320.000; Mon, 8 Jan 2018 10:02:53 -0500
From: "Einar Nilsen-Nygaard (einarnn)" <einarnn@cisco.com>
To: Jon Shallow <supjps-ietf@jpshallow.com>, Mahesh Jethanandani <mjethanandani@gmail.com>
CC: "netmod@ietf.org" <netmod@ietf.org>
Thread-Topic: [netmod] Netmod ACL - Can "access-lists" be set up as a "grouping"
Thread-Index: AdOIbvlU0QBjg+SHRESC+Oh6XUPoRwATLimA
Date: Mon, 08 Jan 2018 15:02:53 +0000
Message-ID: <B0576B62-CB61-45EA-99EF-E5B67545B85C@cisco.com>
References: <012301d3886e$f96f08e0$ec4d1aa0$@jpshallow.com>
In-Reply-To: <012301d3886e$f96f08e0$ec4d1aa0$@jpshallow.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3445.5.20)
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.55.106.4]
Content-Type: multipart/alternative; boundary="_000_B0576B62CB6145EA99EFE5B67545B85Cciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/r7wn0sxBWpz4YqIcuEPdSUOgnQQ>
Subject: Re: [netmod] Netmod ACL - Can "access-lists" be set up as a "grouping"
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jan 2018 15:03:01 -0000
Since this is a 7-line change, I see no harm in it if no-one objects? Mahesh has the token for rolling in updates discussed just prior to the end of 2017.
Here’s a possible diff:
$ git diff -b
diff --git a/src/yang/ietf-access-control-list.yang b/src/yang/ietf-access-control-list.yang
index 4d698c9..b1a173f 100644
--- a/src/yang/ietf-access-control-list.yang
+++ b/src/yang/ietf-access-control-list.yang
@@ -402,6 +402,10 @@ module ietf-access-control-list {
/*
* Configuration data nodes
*/
+ grouping access-lists-top {
+ description
+ "Grouping to allow reuse of access lists container elsewhere.";
+
container access-lists {
description
"This is a top level container for Access Control Lists.
@@ -576,6 +580,9 @@ module ietf-access-control-list {
}
}
}
+ }
+ uses access-lists-top;
+
augment "/if:interfaces/if:interface" {
description
"Augment interfaces to allow ACLs to be associated in either the
Cheers,
Einar
On 8 Jan 2018, at 10:53, Jon Shallow <supjps-ietf@jpshallow.com<mailto:supjps-ietf@jpshallow.com>> wrote:
Hi There,
I appreciate that this is late to the table, but is it possible to set up “access-lists” as a “grouping” in the YANG data model so that “access-lists” can be included by “uses” in a higher level YANG data model?
I have raised this as issue #22 at https://github.com/netmod-wg/acl-model/issues
Regards
Jon
_______________________________________________
netmod mailing list
netmod@ietf.org<mailto:netmod@ietf.org>
https://www.ietf.org/mailman/listinfo/netmod
- [netmod] Netmod ACL - Can "access-lists" be set u… Jon Shallow
- Re: [netmod] Netmod ACL - Can "access-lists" be s… Einar Nilsen-Nygaard (einarnn)
- Re: [netmod] Netmod ACL - Can "access-lists" be s… Robert Wilton
- Re: [netmod] Netmod ACL - Can "access-lists" be s… Martin Bjorklund
- Re: [netmod] Netmod ACL - Can "access-lists" be s… Jon Shallow
- Re: [netmod] Netmod ACL - Can "access-lists" be s… Einar Nilsen-Nygaard (einarnn)
- Re: [netmod] Netmod ACL - Can "access-lists" be s… Acee Lindem (acee)
- Re: [netmod] Netmod ACL - Can "access-lists" be s… Martin Bjorklund
- Re: [netmod] Netmod ACL - Can "access-lists" be s… Mahesh Jethanandani