From 9761804ddef45b3a981c1148ff8165688aafb5a0 Mon Sep 17 00:00:00 2001 From: sever-sever Date: Mon, 15 Feb 2021 11:26:14 +0000 Subject: conf-mode: T2425: Add XML for policy-lists --- .../include/policy-list-action.xml.i | 21 + .../include/policy-list-description.xml.i | 11 + .../include/policy-list-rule-description.xml.i | 11 + interface-definitions/policy-lists.xml.in | 1266 ++++++++++++++++++++ 4 files changed, 1309 insertions(+) create mode 100644 interface-definitions/include/policy-list-action.xml.i create mode 100644 interface-definitions/include/policy-list-description.xml.i create mode 100644 interface-definitions/include/policy-list-rule-description.xml.i create mode 100644 interface-definitions/policy-lists.xml.in (limited to 'interface-definitions') diff --git a/interface-definitions/include/policy-list-action.xml.i b/interface-definitions/include/policy-list-action.xml.i new file mode 100644 index 000000000..fddbd5a98 --- /dev/null +++ b/interface-definitions/include/policy-list-action.xml.i @@ -0,0 +1,21 @@ + + + + Action to take on entries matching this rule [REQUIRED] + + permit deny + + + permit + Permit matching entries + + + deny + Deny matching entries + + + ^(permit|deny)$ + + + + diff --git a/interface-definitions/include/policy-list-description.xml.i b/interface-definitions/include/policy-list-description.xml.i new file mode 100644 index 000000000..a50278729 --- /dev/null +++ b/interface-definitions/include/policy-list-description.xml.i @@ -0,0 +1,11 @@ + + + + Description for this policy + + txt + Description for this policy + + + + diff --git a/interface-definitions/include/policy-list-rule-description.xml.i b/interface-definitions/include/policy-list-rule-description.xml.i new file mode 100644 index 000000000..e22fb7c28 --- /dev/null +++ b/interface-definitions/include/policy-list-rule-description.xml.i @@ -0,0 +1,11 @@ + + + + Description for this rule + + txt + Description for this rule + + + + diff --git a/interface-definitions/policy-lists.xml.in b/interface-definitions/policy-lists.xml.in new file mode 100644 index 000000000..0fece6594 --- /dev/null +++ b/interface-definitions/policy-lists.xml.in @@ -0,0 +1,1266 @@ + + + + + + Routing policy + + + + + IP access-list filter + + u32:1-99 + IP standard access list + + + u32:100-199 + IP extended access list + + + u32:1300-1999 + IP standard access list (expanded range) + + + u32:2000-2699 + IP extended access list (expanded range) + + + + #include + + + Rule for this access-list + + u32:1-65535 + Access-list rule number + + + + + + + #include + #include + + + Destination network or address + + + + + Any IP address to match + + + + + + Single host IP address to match + + ipv4 + Host address to match + + + + + + + + + Network/netmask to match (requires network be defined) + + ipv4 + Inverse-mask to match + + + + + + + + + Network/netmask to match (requires inverse-mask be defined) + + ipv4net + Inverse-mask to match + + + + + + + + + + + Source network or address to match + + + + + Any IP address to match + + + + + + Single host IP address to match + + ipv4 + Host address to match + + + + + + + + + Network/netmask to match (requires network be defined) + + ipv4 + Inverse-mask to match + + + + + + + + + Network/netmask to match (requires inverse-mask be defined) + + ipv4net + Inverse-mask to match + + + + + + + + + + + + + + + + IPv6 access-list filter + + txt + Name of IPv6 access-list + + + + #include + + + Rule for this access-list6 + + u32:1-65535 + Access-list6 rule number + + + + + + + #include + #include + + + Source IPv6 network to match + + + + + Any IP address to match + + + + + + Exact match of the network prefixes + + + + + + Network/netmask to match + + ipv6net + IPv6 address and prefix length + + + + + + + + + + + + + + + + Border Gateway Protocol (BGP) autonomous system path filter + + txt + AS path list name + + + + #include + + + Rule for this as-path-list + + u32:1-65535 + AS path list rule number + + + + + + + #include + #include + + + Regular expression to match against an AS path + + <asn> + AS path regular expression (ex: "64501 64502") + + + + + + + + + + + Border Gateway Protocol (BGP) autonomous system path filter + + txt + Border Gateway Protocol (BGP) community-list filter + + + + #include + + + Rule for this BGP community list + + u32:1-65535 + Community-list rule number + + + + + + + #include + #include + + + Regular expression to match against a community list + + <aa:nn> + Community list regular expression or one of: internet, local-AS, no-advertise, no-export + + + + + + + + + + + Border Gateway Protocol (BGP) extended community-list filter + + txt + Border Gateway Protocol (BGP) extended community-list filter + + + + #include + + + Rule for this BGP extended community list + + u32:1-65535 + Extended community-list rule number + + + + + + + #include + #include + + + Regular expression to match against an extended community list + + <aa:nn:nn> + Extended community list regular expression + + + <rt aa:nn:nn> + Extended community list regular expression + + + <soo aa:nn> + Extended community list regular expression + + + + + + + + + + + Border Gateway Protocol (BGP) large-community-list filter + + txt + Border Gateway Protocol (BGP) large-community-list filter + + + + #include + + + Rule for this BGP extended community list + + u32:1-65535 + Large community-list rule number + + + + + + + #include + #include + + + Regular expression to match against a large community list + + <aa:nn:nn> + Large community list regular expression + + + + + + + + + + + IP prefix-list filter + + txt + Prefix list name + + + + #include + + + Rule for this prefix-list + + u32:1-65535 + Prefix-list rule number + + + + + + + #include + #include + + + Prefix length to match a netmask greater than or equal to it + + u32:0-32 + Netmask greater than length + + + + + + + + + Prefix length to match a netmask less than or equal to it + + u32:0-32 + Netmask less than length + + + + + + + + + Prefix to match + + ipv4net + Prefix to match against + + + + + + + + + + + + + + IPv6 prefix-list filter + + txt + Prefix list name + + + + #include + + + Rule for this prefix-list6 + + u32:1-65535 + Prefix-list rule number + + + + + + + #include + #include + + + Prefix length to match a netmask greater than or equal to it + + u32:0-128 + Netmask greater than length + + + + + + + + + Prefix length to match a netmask less than or equal to it + + u32:0-128 + Netmask less than length + + + + + + + + + Prefix to match + + ipv6net + IPv6 prefix + + + + + + + + + + + + + + IP route-map + + txt + Route map name + + + + #include + + + Rule for this route-map + + u32:1-65535 + Route-map rule number + + + + + + + #include + + + Call another route-map on match + + txt + Route map name + + + policy route-map + + + + + + Jump to a different rule in this route-map on a match + + u32:1-65535 + Rule number + + + + #include + + + Route parameters to match + + + + + BGP as-path-list to match + + policy as-path-list + + + + + + BGP community-list to match + + + + + BGP community-list to match + + policy community-list + + + + + + Community-list to exactly match + + + + + + + + BGP extended community to match + + policy extcommunity-list + + + + + + First hop interface of a route to match + + + + + + + + IP prefix parameters to match + + + + + IP address of route to match + + + + + IP access-list to match + + u32:1-99 + IP standard access list + + + u32:100-199 + IP extended access list + + + u32:1300-1999 + IP standard access list (expanded range) + + + u32:2000-2699 + IP extended access list (expanded range) + + + + + + IP prefix-list to match + + policy prefix-list + + + + + + + + + IP next-hop of route to match + + ipv4 + Next-hop IPv4 router address + + + + + + IP access-list to match + + u32:1-99 + IP standard access list + + + u32:100-199 + IP extended access list + + + u32:1300-1999 + IP standard access list (expanded range) + + + u32:2000-2699 + IP extended access list (expanded range) + + + + + + IP prefix-list to match + + policy prefix-list + + + + + + + + test + + + + + IP access-list to match + + u32:1-99 + IP standard access list + + + u32:100-199 + IP extended access list + + + u32:1300-1999 + IP standard access list (expanded range) + + + u32:2000-2699 + IP extended access list (expanded range) + + + + + + IP prefix-list to match + + policy prefix-list + + + + + + + + + + IPv6 prefix parameters to match + + + + + IPv6 address of route to match + + + + + IPv6 access-list to match + + txt + IPV6 access list name + + + policy access-list6 + + + + + + IPv6 prefix-list to match + + policy prefix-list6 + + + + + + + + IPv6 next-hop of route to match + + ipv4 + Peer IP address + + + + + + + + + + + Match BGP large communities + + + + + BGP large-community-list to match + + policy large-community-list + + + + + + + + local-preference_help + + u32:0-4294967295 + Local Preference + + + + + + + + + Metric of route to match + + u32:1-65535 + Route metric + + + + + + + + + Border Gateway Protocol (BGP) origin code to match + + egp igp incomplete + + + egp + Exterior gateway protocol origin + + + igp + Interior gateway protocol origin + + + incomplete + Incomplete origin + + + ^(egp|igp|incomplete)$ + + + + + + Peer address to match + + ipv4 + Peer IP address + + + + + + + + + Match RPKI validation result + + invalid notfound valid + + + invalid + Match invalid entries + + + notfound + Match notfound entries + + + valid + Match valid entries + + + ^(invalid|notfound|valid)$ + + + + + + Route tag to match + + u32:1-65535 + Route tag + + + + + + + + + + + Exit policy on matches + + + + + Rule number to goto on match + + u32:1-65535 + Rule number + + + + + + + + + Next sequence number to goto on match + + + + + + + + Route parameters + + + + + Border Gateway Protocol (BGP) aggregator attribute + + + + + AS number of an aggregation + + u32:1-4294967295 + Rule number + + + + + + + + + IP address of an aggregation + + ipv4 + IP address + + + + + + + + + + + Remove ASN(s) from a Border Gateway Protocol (BGP) AS-path attribute + + txt + BGP AS path exclude string (ex: "456 64500 45001") + + + + + + as-path-prepend_help + + txt + BGP AS path prepend string (ex: "64501 64501") + + + + + + Border Gateway Protocol (BGP) atomic aggregate attribute + + + + + Set route target value + + <aa:nn> + ExtCommunity in format: asn:value + + + + + + Border Gateway Protocol (BGP) communities matching a community-list + + + + + BGP communities with a community-list + + txt + BGP communities with a community-list + + + + + + Delete BGP communities matching the community-list + + + + + + + + community_help + + local-AS no-advertise no-export internet additive none + + + <aa:nn> + Community in 4 octet AS:value format + + + local-AS + local-AS + + + no-advertise + no-advertise + + + no-export + no-export + + + internet + internet + + + additive + additive + + + none + none + + + + + + + Locally significant administrative distance + + u32:0-255 + Distance value + + + + + + + + + Set route target value + + txt + ASN:nn_or_IP_address:nn VPN extended community + + + + + + Set Site of Origin value + + txt + ASN:nn_or_IP_address:nn VPN extended community + + + + + + Nexthop IP address + + ipv4 + IP address + + + + + + + + + Nexthop IPv6 address + + + + + Nexthop IPv6 global address + + ipv6 + IPv6 address and prefix length + + + + + + + + + Nexthop IPv6 local address + + ipv6 + IPv6 address and prefix length + + + + + + + + + + + Set BGP large community value + + txt + ASN:nn:mm BGP large community + + + policy large-community-list + + + + + + Border Gateway Protocol (BGP) local preference attribute + + u32:0-4294967295 + Local preference value + + + + + + + + + Destination routing protocol metric + + <+/-metric> + Add or subtract metric + + + u32:0-4294967295 + Metric value + + + + + + + + + Open Shortest Path First (OSPF) external metric-type + + type-1 type-2 + + + type-1 + OSPF external type 1 metric + + + type-2 + OSPF external type 2 metric + + + ^(type-1|type-2)$ + + + + + + origin_help + + igp egp incomplete + + + igp + Interior gateway protocol origin + + + egp + Exterior gateway protocol origin + + + incomplete + Incomplete origin + + + ^(igp|egp|incomplete)$ + + + + + + Border Gateway Protocol (BGP) originator ID attribute + + ipv4 + Orignator IP address + + + + + + + + + Source address for route + + ipv4 + IPv4 address + + + ipv6 + IPv6 address + + + + + + + + + + Set prefixes to table + + u32:1-200 + Table value + + + + + + + + + Tag value for routing protocol + + u32:1-65535 + Tag value + + + + + + + + + Border Gateway Protocol (BGP) weight attribute + + u32:0-4294967295 + BGP weight + + + + + + + + + + + + + + + + -- cgit v1.2.3