module ietf-dots-signal-control {
yang-version 1.1;
namespace
"urn:ietf:params:xml:ns:yang:ietf-dots-signal-control";
prefix signal-control;
import ietf-dots-signal-channel {
prefix ietf-signal;
reference
"RFC SSSS: Distributed Denial-of-Service Open Threat
Signaling (DOTS) Signal Channel Specification";
}
import ietf-dots-data-channel {
prefix ietf-data;
reference
"RFC DDDD: Distributed Denial-of-Service Open Threat
Signaling (DOTS) Data Channel Specification";
}
organization
"IETF DDoS Open Threat Signaling (DOTS) Working Group";
contact
"WG Web:
WG List:
Author: Konda, Tirumaleswar Reddy
Author: Mohamed Boucadair
Author: Kaname Nishizuka
Author: Takahiko Nagata
";
description
"This module contains YANG definition for the signaling
messages exchanged between a DOTS client and a DOTS server
to control, by means of the DOTS signal channel, filtering
rules configured using the DOTS data channel.
Copyright (c) 2019 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see
the RFC itself for full legal notices.";
revision 2019-04-01 {
description
"Initial revision.";
reference
"RFC XXXX: Controlling Filtering Rules Using Distributed
Denial-of-Service Open Threat Signaling (DOTS)
Signal Channel";
}
feature control-filtering {
description
"This feature means that the DOTS signal channel is able
to manage the filtering rules created by the same DOTS
client using the DOTS data channel.";
}
augment "/ietf-signal:dots-signal/ietf-signal:message-type"
+ "/ietf-signal:mitigation-scope/ietf-signal:scope" {
if-feature control-filtering;
description "ACL name and activation type.";
list acl-list {
key "acl-name";
description
"List of ACLs as defined in the DOTS data
channel. These ACLs are uniquely defined by
cuid and name.";
leaf acl-name {
type leafref {
path "/ietf-data:dots-data/ietf-data:dots-client"
+ "/ietf-data:acls/ietf-data:acl/ietf-data:name";
}
description
"Reference to the ACL name bound to a DOTS client.";
}
leaf activation-type {
type ietf-data:activation-type;
default "activate-when-mitigating";
description
"Set the activation type of an ACL.";
}
}
}
}