Documentation
¶
Overview ¶
This module contains a collection of YANG definitions for ZBFW operational data. Copyright (c) 2018 by Cisco Systems, Inc. All rights reserved.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type FwOperData ¶
type FwOperData struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
// Firewall Drop Statistcis.
FwDropStats FwOperData_FwDropStats
// Firewall Zonepair list entries. The type is slice of
// FwOperData_FwZonepairEntries.
FwZonepairEntries []*FwOperData_FwZonepairEntries
}
FwOperData Operational state of ZBFW
func (*FwOperData) GetEntityData ¶
func (fwOperData *FwOperData) GetEntityData() *types.CommonEntityData
type FwOperData_FwDropStats ¶
type FwOperData_FwDropStats struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
YPresence bool
// Total packet drops seen since bringup. The type is interface{} with range:
// 0..18446744073709551615.
CatchAll interface{}
// Packet drops due to maximum L4 half-open sessions reached. The type is
// interface{} with range: 0..18446744073709551615.
L4MaxHalfsession interface{}
// Packet drops due to exceeding the maximum number of inspectable packets
// allowed per flow. The type is interface{} with range:
// 0..18446744073709551615.
L4TooManyPkts interface{}
// Packet drops for session initiators after exceeding maximum session limit.
// The type is interface{} with range: 0..18446744073709551615.
L4SessionLimit interface{}
// Packet drops due to invalid header/packet length. The type is interface{}
// with range: 0..18446744073709551615.
L4InvalidHdr interface{}
// Packet drops due to a failure in determining direction. The type is
// interface{} with range: 0..18446744073709551615.
L4InternalErrUndefinedDir interface{}
// Packet drops due to session in internal close state. The type is
// interface{} with range: 0..18446744073709551615.
L4ScbClose interface{}
// Packet drops due to invalid TCP ACK flags. The type is interface{} with
// range: 0..18446744073709551615.
L4TcpInvalidAckFlag interface{}
// Packet drops due to invalid ACK number. The type is interface{} with range:
// 0..18446744073709551615.
L4TcpInvalidAckNum interface{}
// Packet drops due to non-SYN packets received without valid session. The
// type is interface{} with range: 0..18446744073709551615.
L4TcpInvalidTcpInitiator interface{}
// Packet drops due to SYN packets having data. The type is interface{} with
// range: 0..18446744073709551615.
L4TcpSynWithData interface{}
// Packet drops due to invalid TCP window scale option. The type is
// interface{} with range: 0..18446744073709551615.
L4TcpInvalidWinScaleOption interface{}
// Packet drops due to invalid packets received in SYNSENT state. The type is
// interface{} with range: 0..18446744073709551615.
L4TcpInvalidSegSynsentState interface{}
// Packet drops due to invalid packets received in SYNRCVD state. The type is
// interface{} with range: 0..18446744073709551615.
L4TcpInvalidSegSynrcvdState interface{}
// Packet drops due to packets being too old/out of window. The type is
// interface{} with range: 0..18446744073709551615.
L4TcpInvalidSegPktTooOld interface{}
// Packet drops due to receiver window overflow (except when vTCP is enabled).
// The type is interface{} with range: 0..18446744073709551615.
L4TcpInvalidSegPktWinOverflow interface{}
// Packet drops due to payload received after FIN is sent. The type is
// interface{} with range: 0..18446744073709551615.
L4TcpInvalidSegPyldAfterFinSend interface{}
// Packet drops due to invalid/unexpected TCP flags. The type is interface{}
// with range: 0..18446744073709551615.
L4TcpInvalidFlags interface{}
// Packet drops due to invalid sequence number. The type is interface{} with
// range: 0..18446744073709551615.
L4TcpInvalidSeq interface{}
// Packet drops due to invalid flags in TCP retransmitted packet. The type is
// interface{} with range: 0..18446744073709551615.
L4TcpRetransInvalidFlags interface{}
// Packet drops due to L7 not accepting out-of-order TCP segments. The type is
// interface{} with range: 0..18446744073709551615.
L4TcpL7OooSeg interface{}
// Packet drops during SYN flood attack. The type is interface{} with range:
// 0..18446744073709551615.
L4TcpSynFloodDrop interface{}
// Packet drops due to failure of hostdb allocation during a SYN flood attack.
// The type is interface{} with range: 0..18446744073709551615.
L4TcpInternalErrSynfloodAllocHostdbFail interface{}
// Packet drops due to blackout drop time when exceeding configured half-open
// connections. The type is interface{} with range: 0..18446744073709551615.
L4TcpSynfloodBlackoutDrop interface{}
// Packet drops due to receiving TCP packet with payload when a response is
// expected for SYN. The type is interface{} with range:
// 0..18446744073709551615.
L4TcpUnexpectTcpPayload interface{}
// Packet drops due to receiving SYN in an established connection. The type is
// interface{} with range: 0..18446744073709551615.
L4TcpSynInWin interface{}
// Packet drops due to receiving RST in an established connection. The type is
// interface{} with range: 0..18446744073709551615.
L4TcpRstInWin interface{}
// Packet drops due to unexpected/stray TCP segments. The type is interface{}
// with range: 0..18446744073709551615.
L4TcpStraySeg interface{}
// RST sent to responder in SYNSENT state when ACK sequence is invalid. The
// type is interface{} with range: 0..18446744073709551615.
L4TcpRstToResp interface{}
// Packet drops when policy exists in zone-pair but PAM lookup fails. The type
// is interface{} with range: 0..18446744073709551615.
InspPamLookupFail interface{}
// Packet drops due to failure to get statistics block. The type is
// interface{} with range: 0..18446744073709551615.
InspInternalErrGetStatBlkFail interface{}
// Packet drops due to destination address lookup failure. The type is
// interface{} with range: 0..18446744073709551615.
InspDstaddrLookupFail interface{}
// Packet drops due to inspection policy not present in zone-pair. The type is
// interface{} with range: 0..18446744073709551615.
InspPolicyNotPresent interface{}
// Packet drops due to session lookup failure and no matching policy present.
// The type is interface{} with range: 0..18446744073709551615.
InspSessMissPolicyNotPresent interface{}
// Packet drops due to protocol classification failure. The type is
// interface{} with range: 0..18446744073709551615.
InspClassificationFail interface{}
// Packet drops due to a drop classification action. The type is interface{}
// with range: 0..18446744073709551615.
InspClassActionDrop interface{}
// Packet drops due to failed classification because of misconfigured security
// policy. The type is interface{} with range: 0..18446744073709551615.
InspPolicyMisconfigure interface{}
// Packet drops after exceeding the maximum number of ICMP error packets
// allowed per flow. The type is interface{} with range:
// 0..18446744073709551615.
L4IcmpTooManyErrPkts interface{}
// Packet drops when ICMP is NATed without internal NAT info. The type is
// interface{} with range: 0..18446744073709551615.
L4IcmpInternalErrNoNat interface{}
// Packet drops when ICMP failed to get error packets. The type is interface{}
// with range: 0..18446744073709551615.
L4IcmpInternalErrAllocFail interface{}
// Packet drops due to a failure to get statistics block. The type is
// interface{} with range: 0..18446744073709551615.
L4IcmpInternalErrGetStatBlkFail interface{}
// Packet drops due to unidentified ICMP packet direction. The type is
// interface{} with range: 0..18446744073709551615.
L4IcmpInternalErrDirNotIdentified interface{}
// Packet drops due to receiving ICMP packets when session is in internal
// close state. The type is interface{} with range: 0..18446744073709551615.
L4IcmpScbClose interface{}
// Packet drops due to missing IP header in ICMP packets. The type is
// interface{} with range: 0..18446744073709551615.
L4IcmpPktNoIpHdr interface{}
// Packet drops due to ICMP error where packets are too short. The type is
// interface{} with range: 0..18446744073709551615.
L4IcmpPktTooShort interface{}
// Packet drops due to packets not identified as IP or ICMP. The type is
// interface{} with range: 0..18446744073709551615.
L4IcmpErrNoIpNoIcmp interface{}
// Packet drops due to ICMP error where packet bursts exceed a limit of 10.
// The type is interface{} with range: 0..18446744073709551615.
L4IcmpErrPktsBurst interface{}
// Packet drops due to receiving multiple unreachable packets; only 1 is
// allowed. The type is interface{} with range: 0..18446744073709551615.
L4IcmpErrMultipleUnreach interface{}
// Packet drops when inner TCP sequence number of packet doesn't match that of
// packet originating the ICMP error. The type is interface{} with range:
// 0..18446744073709551615.
L4IcmpErrL4InvalidSeq interface{}
// Packet drops due to inner TCP header invalid ACK. The type is interface{}
// with range: 0..18446744073709551615.
L4IcmpErrL4InvalidAck interface{}
// Packet drops due to missing policy on zone-pair for ICMP. The type is
// interface{} with range: 0..18446744073709551615.
L4IcmpErrPolicyNotPresent interface{}
// Packet drops due to a miss when doing reverse path flow check. The type is
// interface{} with range: 0..18446744073709551615.
L4IcmpErrClassificationFail interface{}
// destinations per zone. The type is interface{} with range:
// 0..18446744073709551615.
SyncookieMaxDst interface{}
// destination table. The type is interface{} with range:
// 0..18446744073709551615.
SyncookieInternalErrAllocFail interface{}
// range: 0..18446744073709551615.
SyncookieTrigger interface{}
// Packet drops due to dropping fragmented packet when first fragment drops.
// The type is interface{} with range: 0..18446744073709551615.
PolicyFragmentDrop interface{}
// Packet drops when policy action is drop. The type is interface{} with
// range: 0..18446744073709551615.
PolicyActionDrop interface{}
// Packet drops when policy action for the ICMP packet is to drop. The type is
// interface{} with range: 0..18446744073709551615.
PolicyIcmpActionDrop interface{}
// Packet drops when L7 inspection returns drop as the action. The type is
// interface{} with range: 0..18446744073709551615.
L7TypeDrop interface{}
// Packet drops due to receiving segmented packets when ALG doesn't honor
// them. The type is interface{} with range: 0..18446744073709551615.
L7NoSeg interface{}
// Packet drops due to receiving fragmented packets when ALG doesn't honor
// them. The type is interface{} with range: 0..18446744073709551615.
L7NoFrag interface{}
// Packet drops due to unrecognized L7 protocol type. The type is interface{}
// with range: 0..18446744073709551615.
L7UnknownProto interface{}
// Packet drops due to L7 (ALG) deciding to drop the packet. The type is
// interface{} with range: 0..18446744073709551615.
L7AlgRetDrop interface{}
// Packet drops due to L7 sub-channel promotion failure due to no zone pair
// configured for the sub-channel. The type is interface{} with range:
// 0..18446744073709551615.
L7PromoteFailNoZonePair interface{}
// Packet drops due to L7 sub-channel promotion failure due to no policy
// configured for the sub-channel. The type is interface{} with range:
// 0..18446744073709551615.
L7PromoteFailNoPolicy interface{}
// Packet drops due to session creation failure. The type is interface{} with
// range: 0..18446744073709551615.
NoSession interface{}
// Packet drops due to internal state not allowing new session creation. The
// type is interface{} with range: 0..18446744073709551615.
NoNewSession interface{}
// Packet drops due to receiving a non-initiator packet for a session. The
// type is interface{} with range: 0..18446744073709551615.
NotInitiator interface{}
// Packet drops due to a zone not configured for interface. The type is
// interface{} with range: 0..18446744073709551615.
InvalidZone interface{}
// Packet drops due to asymmetric routing not configured and box not in active
// state. The type is interface{} with range: 0..18446744073709551615.
HaArStandby interface{}
// Packet drops when Firewall is uninitialized. The type is interface{} with
// range: 0..18446744073709551615.
NoForwardingZone interface{}
// Packet drops due to backpressure by log mechanism. The type is interface{}
// with range: 0..18446744073709551615.
Backpressure interface{}
// Packet drops due to zone mismatch. The type is interface{} with range:
// 0..18446744073709551615.
ZoneMismatch interface{}
// Packet drops due to a failure to register flow with flow database. The type
// is interface{} with range: 0..18446744073709551615.
FdbErr interface{}
// Packet drops due to LISP header restoration failure. The type is
// interface{} with range: 0..18446744073709551615.
LispHeaderRestoreFail interface{}
// Packet drops due to LISP inner packet sanity check failure. The type is
// interface{} with range: 0..18446744073709551615.
LispInnerPktInsane interface{}
// Packet drops due to LISP inner packet IPV4 sanity check failure. The type
// is interface{} with range: 0..18446744073709551615.
LispInnerIpv4Insane interface{}
// Packet drops due to LISP inner packet IPV6 sanity check failure. The type
// is interface{} with range: 0..18446744073709551615.
LispInnerIpv6Insane interface{}
}
FwOperData_FwDropStats Firewall Drop Statistcis This type is a presence type.
func (*FwOperData_FwDropStats) GetEntityData ¶
func (fwDropStats *FwOperData_FwDropStats) GetEntityData() *types.CommonEntityData
type FwOperData_FwZonepairEntries ¶
type FwOperData_FwZonepairEntries struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
YListKey string
// This attribute is a key. Name of the zone pair. The type is string.
ZonepairName interface{}
// Name of the source zone. The type is string.
SrcZoneName interface{}
// Name of the destination zone. The type is string.
DstZoneName interface{}
// Name of the policy applied for this zone pair. The type is string.
PolicyName interface{}
// Firewall Traffic class list entries. The type is slice of
// FwOperData_FwZonepairEntries_FwTrafficClassEntry.
FwTrafficClassEntry []*FwOperData_FwZonepairEntries_FwTrafficClassEntry
}
FwOperData_FwZonepairEntries Firewall Zonepair list entries
func (*FwOperData_FwZonepairEntries) GetEntityData ¶
func (fwZonepairEntries *FwOperData_FwZonepairEntries) GetEntityData() *types.CommonEntityData
type FwOperData_FwZonepairEntries_FwTrafficClassEntry ¶
type FwOperData_FwZonepairEntries_FwTrafficClassEntry struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
YListKey string
// This attribute is a key. Name of the traffic class. The type is string.
ClassName interface{}
// Zonepair name. The type is string.
ZonepairName interface{}
// Action for the traffic class. The type is string.
ClassAction interface{}
// Total Packets. The type is interface{} with range: 0..18446744073709551615.
PktsCounter interface{}
// Total bytes. The type is interface{} with range: 0..18446744073709551615.
BytesCounter interface{}
// Total number for the attempted connections matching this traffic class. The
// type is interface{} with range: 0..18446744073709551615.
AttemptedConn interface{}
// Current number of active connections matching this traffic class. The type
// is interface{} with range: 0..18446744073709551615.
CurrentActiveConn interface{}
// Maximum number of active connections seen for this traffic class. The type
// is interface{} with range: 0..18446744073709551615.
MaxActiveConn interface{}
// Current number of half-open connections seen for this traffic class. The
// type is interface{} with range: 0..18446744073709551615.
CurrentHalfopenConn interface{}
// Maximum number of half-open connections seen for this traffic class. The
// type is interface{} with range: 0..18446744073709551615.
MaxHalfopenConn interface{}
// Current number of terminating connections seen for this traffic class. The
// type is interface{} with range: 0..18446744073709551615.
CurrentTerminatingConn interface{}
// Maximum number of terminating connections seen for this traffic class. The
// type is interface{} with range: 0..18446744073709551615.
MaxTerminatingConn interface{}
// Seconds since last session creation. The type is interface{} with range:
// 0..18446744073709551615.
TimeSinceLastSessionCreate interface{}
// List of match conditions. The type is slice of
// FwOperData_FwZonepairEntries_FwTrafficClassEntry_FwTcMatchEntry.
FwTcMatchEntry []*FwOperData_FwZonepairEntries_FwTrafficClassEntry_FwTcMatchEntry
// Firewall Traffic class protocol list entries. The type is slice of
// FwOperData_FwZonepairEntries_FwTrafficClassEntry_FwTcProtoEntry.
FwTcProtoEntry []*FwOperData_FwZonepairEntries_FwTrafficClassEntry_FwTcProtoEntry
}
FwOperData_FwZonepairEntries_FwTrafficClassEntry Firewall Traffic class list entries
func (*FwOperData_FwZonepairEntries_FwTrafficClassEntry) GetEntityData ¶
func (fwTrafficClassEntry *FwOperData_FwZonepairEntries_FwTrafficClassEntry) GetEntityData() *types.CommonEntityData
type FwOperData_FwZonepairEntries_FwTrafficClassEntry_FwTcMatchEntry ¶
type FwOperData_FwZonepairEntries_FwTrafficClassEntry_FwTcMatchEntry struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
YListKey string
// This attribute is a key. Match Name. The type is string.
MatchName interface{}
// This attribute is a key. Match Type Identifier. The type is interface{}
// with range: 0..255.
MatchTypeId interface{}
// Match Type. The type is string.
MatchType interface{}
}
FwOperData_FwZonepairEntries_FwTrafficClassEntry_FwTcMatchEntry List of match conditions
func (*FwOperData_FwZonepairEntries_FwTrafficClassEntry_FwTcMatchEntry) GetEntityData ¶
func (fwTcMatchEntry *FwOperData_FwZonepairEntries_FwTrafficClassEntry_FwTcMatchEntry) GetEntityData() *types.CommonEntityData
type FwOperData_FwZonepairEntries_FwTrafficClassEntry_FwTcProtoEntry ¶
type FwOperData_FwZonepairEntries_FwTrafficClassEntry_FwTcProtoEntry struct {
EntityData types.CommonEntityData
YFilter yfilter.YFilter
YListKey string
// This attribute is a key. Protocol ID. The type is interface{} with range:
// 0..65535.
ProtoId interface{}
// Protocol Name. The type is string.
ProtocolName interface{}
// Number of bytes matching this protocol. The type is interface{} with range:
// 0..18446744073709551615.
ByteCounters interface{}
// Number of packets matching this protocol. The type is interface{} with
// range: 0..18446744073709551615.
PktCounters interface{}
}
FwOperData_FwZonepairEntries_FwTrafficClassEntry_FwTcProtoEntry Firewall Traffic class protocol list entries
func (*FwOperData_FwZonepairEntries_FwTrafficClassEntry_FwTcProtoEntry) GetEntityData ¶
func (fwTcProtoEntry *FwOperData_FwZonepairEntries_FwTrafficClassEntry_FwTcProtoEntry) GetEntityData() *types.CommonEntityData
Source Files
Click to show internal directories.
Click to hide internal directories.