diff --git a/example-data/nfv.xml b/example-data/nfv.xml
index 42ddfedf1554cdf4edb324dc2b29098af49eaa5f..0c603f5cf1214413db12364e624604a809c9088e 100644
--- a/example-data/nfv.xml
+++ b/example-data/nfv.xml
@@ -4,7 +4,7 @@
My Company
My Company ASAv
9.8
- 9.8
+ 9.8
My Company Vnfm
firewall
diff --git a/src/yang/etsi-nfv-common.yang b/src/yang/etsi-nfv-common.yang
index ef81556bd59bf664dac70fe9d4aaea7316f0a539..676527f6e4c5acdf9f483d1dea68676c4fe19203 100644
--- a/src/yang/etsi-nfv-common.yang
+++ b/src/yang/etsi-nfv-common.yang
@@ -565,5 +565,115 @@ submodule etsi-nfv-common {
reference
"GS NFV IFA011: Section 7.1.6.3 Cpd information element";
}
+
+ leaf security-group-rule-id {
+ type leafref {
+ path "/nfv/vnfd/security-group-rule/id";
+ }
+ description
+ "Reference of the security group rules bound to this
+ CPD.";
+ reference
+ "GS NFV IFA011: Section 7.1.6.3 Cpd information element";
+ }
+ }
+
+ grouping security-group-rule {
+ list security-group-rule {
+ key "id";
+
+ leaf id {
+ type string;
+ description
+ "Identifier of this SecurityGroupRule information
+ element.";
+ reference
+ "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule
+ information element.";
+ }
+
+ leaf description {
+ type string;
+ description
+ "Human readable description of the security group rule.";
+ reference
+ "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule
+ information element.";
+ }
+
+ leaf direction {
+ type enumeration {
+ enum ingress;
+ enum egress;
+ }
+ default "ingress";
+ description
+ "The direction in which the security group rule is applied.
+ Permitted values: INGRESS, EGRESS. Defaults to INGRESS.";
+ reference
+ "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule
+ information element.";
+ }
+
+ leaf ether-type {
+ type enumeration {
+ enum ipv4;
+ enum ipv6;
+ }
+ default "ipv4";
+ description
+ "Indicates the protocol carried over the Ethernet layer.
+ Permitted values: IPV4, IPV6. Defaults to IPV4.";
+ reference
+ "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule
+ information element.";
+ }
+
+ leaf protocol {
+ type enumeration {
+ enum tcp;
+ enum udp;
+ enum icmp;
+ }
+ default "tcp";
+ description
+ "Indicates the protocol carried over the IP layer.
+ Permitted values: any protocol defined in the IANA
+ protocol registry, e.g. TCP, UDP, ICMP, etc. Defaults
+ to TCP.";
+ reference
+ "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule
+ information element.";
+ }
+
+ leaf port-range-min {
+ must ". <= ../port-range-max";
+ type uint16;
+ default "0";
+ description
+ "Indicates minimum port number in the range that is
+ matched by the security group rule. Defaults to 0.";
+ reference
+ "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule
+ information element.";
+ }
+
+ leaf port-range-max {
+ must ". >= ../port-range-min";
+ type uint16;
+ default "65535";
+ description
+ "Indicates maximum port number in the range that is
+ matched by the security group rule. Defaults to 65535.";
+ reference
+ "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule
+ information element.";
+ }
+
+ description
+ "Defines security group rules to be used by the VNF.";
+ reference
+ "GS NFV IFA011: Section 7.1.2, VNFD information element.";
+ }
}
}
diff --git a/src/yang/etsi-nfv-pnf.yang b/src/yang/etsi-nfv-pnf.yang
index 1bfad35ef488ebf8b45ed1a91740501bb7ce3aa9..69450eefe4d02aad851f72f57894cf43a00c056e 100644
--- a/src/yang/etsi-nfv-pnf.yang
+++ b/src/yang/etsi-nfv-pnf.yang
@@ -111,6 +111,7 @@ submodule etsi-nfv-pnf {
reference
"GS NFV-IFA014: Section 6.6.2, Pnfd information element";
}
+ uses security-group-rule;
}
}
}
diff --git a/src/yang/etsi-nfv-vnf.yang b/src/yang/etsi-nfv-vnf.yang
index 5432ac5084e5bcf64017cd5f2b3cde0d54fb92ba..6e2ef3be1076b42d652285d23d89a18fd5f9abef 100755
--- a/src/yang/etsi-nfv-vnf.yang
+++ b/src/yang/etsi-nfv-vnf.yang
@@ -281,18 +281,7 @@ submodule etsi-nfv-vnf {
"GS NFV IFA011: Section 7.1.6.4, VduCpd information
element.";
}
-
uses cpd;
- leaf security-group-rule-id {
- type leafref {
- path "../../../security-group-rule/id";
- }
- description
- "Reference of the security group rules bound to this
- CPD.";
- reference
- "GS NFV IFA011: Section 7.1.6.3 Cpd information element";
- }
}
leaf virtual-compute-desc {
type leafref {
@@ -1102,102 +1091,7 @@ submodule etsi-nfv-vnf {
}
}
- list security-group-rule {
- key "id";
-
- leaf id {
- type string;
- description
- "Identifier of this SecurityGroupRule information
- element.";
- reference
- "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule
- information element.";
- }
-
- leaf description {
- type string;
- description
- "Human readable description of the security group rule.";
- reference
- "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule
- information element.";
- }
-
- leaf direction {
- type enumeration {
- enum ingress;
- enum egress;
- }
- default "ingress";
- description
- "The direction in which the security group rule is applied.
- Permitted values: INGRESS, EGRESS. Defaults to INGRESS.";
- reference
- "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule
- information element.";
- }
-
- leaf ether-type {
- type enumeration {
- enum ipv4;
- enum ipv6;
- }
- default "ipv4";
- description
- "Indicates the protocol carried over the Ethernet layer.
- Permitted values: IPV4, IPV6. Defaults to IPV4.";
- reference
- "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule
- information element.";
- }
-
- leaf protocol {
- type enumeration {
- enum tcp;
- enum udp;
- enum icmp;
- }
- default "tcp";
- description
- "Indicates the protocol carried over the IP layer.
- Permitted values: any protocol defined in the IANA
- protocol registry, e.g. TCP, UDP, ICMP, etc. Defaults
- to TCP.";
- reference
- "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule
- information element.";
- }
-
- leaf port-range-min {
- must ". <= ../port-range-max";
- type uint16;
- default "0";
- description
- "Indicates minimum port number in the range that is
- matched by the security group rule. Defaults to 0.";
- reference
- "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule
- information element.";
- }
-
- leaf port-range-max {
- must ". >= ../port-range-min";
- type uint16;
- default "65535";
- description
- "Indicates maximum port number in the range that is
- matched by the security group rule. Defaults to 65535.";
- reference
- "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule
- information element.";
- }
-
- description
- "Defines security group rules to be used by the VNF.";
- reference
- "GS NFV IFA011: Section 7.1.2, VNFD information element.";
- }
+ uses security-group-rule;
list ext-cpd {
key "id";
@@ -1233,17 +1127,6 @@ submodule etsi-nfv-vnf {
}
uses virtual-network-interface-requirements;
uses cpd;
-
- leaf security-group-rule-id {
- type leafref {
- path "../../security-group-rule/id";
- }
- description
- "Reference of the security group rules bound to this
- CPD.";
- reference
- "GS NFV IFA011: Section 7.1.6.3 Cpd information element";
- }
}
list df {