No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NETCONF YANG API Reference

AR100, AR120, AR160, AR1200, AR2200, AR3200, and AR3600 V300R003

NETCONF YANG API Reference
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
User-defined Application

User-defined Application

Data Model

The data model file matching the user-defined application is huawei-application.yang.

Table 3-2030 User-defined application

Object

Description

application-config

Indicates that the file is used to obtain the configuration of an application. It does not have any data meaning.

application-config/user-defined-application

Indicates user-defined application information. It is only used to contain sub-objects, but does not have any data meaning.

application-config/user-defined-application/vsys

Indicates vsys information. It is only used to contain sub-objects, but does not have any data meaning.

application-config/user-defined-application/vsys/name

Indicates the vsys name. The value is a string of 1 to 32 characters.

application-config/user-defined-application/vsys/applications

Indicates all user-defined application information of a vsys. It is only used to contain sub-objects, but does not have any data meaning.

application-config/user-defined-application/vsys/applications/application

Indicates one piece of user-defined application information. It is only used to contain sub-objects, but does not have any data meaning.

application-config/user-defined-application/vsys/applications/application/name

Indicates the user-defined application name. The value is a string of case-sensitive characters, and must start with UD_. When the name does not contain spaces, the value is a string of 4 to 32 characters. When the name contains spaces, the value is a string of 6 to 34 characters, and you need to put the string in double quotation marks (""), for example, "user for test."

application-config/user-defined-application/vsys/applications/application/label

Indicates the label name of a user-defined application. A maximum of eight label names can be configured, and the label name must be obtained from the SA signature file.

application-config/user-defined-application/vsys/applications/application/data-model

Indicates the data model of a user-defined application. The value must be obtained from the SA signature file.

application-config/user-defined-application/vsys/applications/application/category

Indicates the category name of a user-defined application. The value must be obtained from the SA signature file.

application-config/user-defined-application/vsys/applications/application/subcategory

Indicates the sub-category name of a user-defined application. The value must be obtained from the SA signature file. An application can belong to only one sub-category, a subcategory can belong to only one category.

application-config/user-defined-application/vsys/applications/application/description

Indicates the description of a user-defined application. The value is a string of 1 to 128 case-sensitive characters with spaces.

application-config/user-defined-application/vsys/applications/application/rule

Indicates user-defined application rule information. It is only used to contain sub-objects, but does not have any data meaning.

application-config/user-defined-application/vsys/applications/application/rule/name

Indicates the name of a user-defined application rule. The value is a string of case-sensitive characters. When the name does not contain spaces, the value is a string of 1 to 32 characters. When the name contains spaces, the value is a string of 3 to 34 characters, and you need to put the string in double quotation marks (""), for example, "user for test."

The name does not contain question mark (? ), commas (,), or hyphens (-). When the name does not contain spaces, the value cannot contain double quotation marks (""). The name cannot be any or all.

application-config/user-defined-application/vsys/applications/application/rule/protocol

Indicates protocol information about a user-defined application rule. The value is TCP or UDP.

application-config/user-defined-application/vsys/applications/application/rule/signature

Indicates signature information about a user-defined application rule. It is only used to contain sub-objects, but does not have any data meaning.

application-config/user-defined-application/vsys/applications/application/rule/signature/mode

Indicates the signature matching mode of a user-defined application rule. The value is flow or packet.

The value flow indicates the flow-based signature mode and the value packet indicates the packet-based signature mode.

application-config/user-defined-application/vsys/applications/application/rule/signature/direction

Indicates the signature detection direction of a user-defined application rule. The value is request, response, or both.

application-config/user-defined-application/vsys/applications/application/rule/signature/pattern-type

Indicates the signature type of a user-defined application rule. The value must be plain-string, that is, the value is a character string.

application-config/user-defined-application/vsys/applications/application/rule/signature/pattern

Indicates the signature string of a user-defined application rule. The value is a string of 3 to 128 case-sensitive characters. When the value contains spaces and question marks (?), you must put the string in double quotation marks (""), for example, "GET w?". In this case, the value contains 5 to 130 characters. When the keyword contains double quotation marks, the double quotation marks need to be converted into \x22. For example, the common character string abc"d is converted into abc\x22d.

application-config/user-defined-application/vsys/applications/application/rule/signature/field

Indicates the signature field of a user-defined application rule. When the protocol is TCP or UDP, only the General-payload field can be queried.

application-config/user-defined-application/vsys/applications/application/rule/ip-address

Indicates the destination IP address of a user-defined application rule. The mask of the IPv4 address is supported.

application-config/user-defined-application/vsys/applications/application/rule/port

Indicates the destination port of a user-defined application rule. The value is an integer that ranges from 1 to 65535.

application-config/user-defined-application/vsys/applications/application/rule/description

Indicates the description of a user-defined application rule. The value is a string of 1 to 128 case-sensitive characters with spaces.

Creating a User-defined Application

This section provides a sample of creating a user-defined application.

Table 3-2031 Creating a user-defined application

Operation

XPATH

edit-config: default

huawei-application:application-config

NOTE:

After a user-defined application is modified, the configuration does not take effect immediately. You need to execute configuration compilation to activate the configuration. Because the activation operation is valid for all security features, so it takes a long time to activate the configuration. You are advised to submit the configuration after completing configurations of all security features.

Data Requirements
Table 3-2032 Enabling SA statistics on an interface

Item

Data

Description

Name of a virtual system

public

Create a user-defined application named UD_test in the virtual system public. The description is "this is UD_test", the label is Bandwidth-Consuming and HTTP-Based, the data model is networking, the category is Business_Systems, and the sub-category is DataBase. Create a user-defined application rule named rule1 for the user-defined application UD_test. The protocol is TCP, the flow-based matching mode is used, the signature detection direction is both, the signature detection type is a character string, the detection character string is huaweitest, the signature field is General-payload, the destination IP address is 1.1.1.2/32, the destination port number is 5600, and the description is "this is huaweitest".

Name of a user-defined application

UD_test

Description of a user-defined application

this is UD_test

Label

Bandwidth-Consuming

Label

HTTP-Based

Data model

networking

Category name of a user-defined application

Business_Systems

Sub-category name of a user-defined application

DataBase

Name of a user-defined application rule

rule1

Protocol of a user-defined application rule

tcp

Signature matching mode of a user-defined application rule

flow

Signature detection direction of a user-defined application rule

both

Signature type of a user-defined application rule

plain-string

Signature string of a user-defined application rule

huaweitest

Signature field of a user-defined application rule

general-payload

Destination IP address of a user-defined application rule

1.1.1.2/32

Destination port of a user-defined application rule

5600

Description of a user-defined application rule

this is huaweitest

Request Example
<rpc message-id="1013" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">  
 <edit-config>  
  <target>  
   <running/>  
  </target>  
  <error-option>rollback-on-error</error-option>  
  <config>  
   <application-config xmlns="urn:huawei:params:xml:ns:yang:huawei-application" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">  
    <user-defined-application>  
     <vsys>  
      <name>public</name>  
      <applications>  
       <application>  
        <name>UD_test</name>  
        <description>this is UD_test</description>  
        <label>Bandwidth-Consuming</label>  
        <label>HTTP-Based</label>  
        <data-model>networking</data-model>  
        <category>Business_Systems</category>  
        <subcategory>DataBase</subcategory>  
        <rule>  
         <name>rule1</name>  
         <protocol>tcp</protocol>  
         <signature>  
          <mode>flow</mode>  
          <direction>both</direction>  
          <pattern-type>plain-string</pattern-type>  
          <pattern>huaweitest</pattern>  
          <field>general-payload</field>  
         </signature>  
         <ip-address>1.1.1.2/32</ip-address>  
         <port>5600</port>  
         <description>this is huaweitest</description>  
        </rule>  
       </application>  
      </applications>  
     </vsys>  
    </user-defined-application>  
   </application-config>  
  </config>  
 </edit-config>  
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1013"> 
  <ok/> 
</rpc-reply> 

Modifying a User-defined Application

This section provides a sample of modifying a user-defined application.

Table 3-2033 Modifying a user-defined application

Operation

XPATH

edit-config: remove

huawei-application:application-config

NOTE:

After a user-defined application is modified, the configuration does not take effect immediately. You need to execute configuration compilation to activate the configuration. Because the activation operation is valid for all security features, so it takes a long time to activate the configuration. You are advised to submit the configuration after completing configurations of all security features.

Data Requirements
Table 3-2034 Modifying a user-defined application

Item

Data

Description

Name of a virtual system

public

Change the signature mode of rule1 of UD_test from flow to packet.

Name of a user-defined application

UD_test

Description of a user-defined application

this is UD_test

Label

Bandwidth-Consuming

Label

HTTP-Based

Data model

networking

Category name of a user-defined application

Business_Systems

Sub-category name of a user-defined application

DataBase

Name of a user-defined application rule

rule1

Protocol of a user-defined application rule

tcp

Signature matching mode of a user-defined application rule

packet

Signature detection direction of a user-defined application rule

both

Signature type of a user-defined application rule

plain-string

Signature string of a user-defined application rule

huaweitest

Signature field of a user-defined application rule

general-payload

Destination IP address of a user-defined application rule

1.1.1.2/32

Destination port of a user-defined application rule

5600

Description of a user-defined application rule

this is huaweitest

Request Example
<rpc message-id="1013" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">  
 <edit-config>  
  <target>  
   <running/>  
  </target>  
  <error-option>rollback-on-error</error-option>  
  <config>  
   <application-config xmlns="urn:huawei:params:xml:ns:yang:huawei-application" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">  
    <user-defined-application>  
     <vsys>  
      <name>public</name>  
      <applications>  
       <application>  
        <name>UD_test</name>  
        <description>this is UD_test</description>  
        <label>Bandwidth-Consuming</label>  
        <label>HTTP-Based</label>  
        <data-model>networking</data-model>  
        <category>Business_Systems</category>  
        <subcategory>DataBase</subcategory>  
        <rule>  
         <name>rule1</name>  
         <protocol>tcp</protocol>  
         <signature>  
          <mode>packet</mode>  
          <direction>both</direction>  
          <pattern-type>plain-string</pattern-type>  
          <pattern>huaweitest</pattern>  
          <field>general-payload</field>  
         </signature>  
         <ip-address>1.1.1.2/32</ip-address>  
         <port>5600</port>  
         <description>this is huaweitest</description>  
        </rule>  
       </application>  
      </applications>  
     </vsys>  
    </user-defined-application>  
   </application-config>  
  </config>  
 </edit-config>  
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1013"> 
  <ok/> 
</rpc-reply> 

Deleting a User-defined Application

This section provides a sample of deleting a user-defined application.

Table 3-2035 Deleting a user-defined application

Operation

XPATH

edit-config: delete

huawei-application:application-config

NOTE:

After a user-defined application is deleted, the configuration does not take effect immediately. You need to execute configuration compilation to activate the configuration. Because the activation operation is valid for all security features, so it takes a long time to activate the configuration. You are advised to submit the configuration after completing configurations of all security features.

Data Requirements
Table 3-2036 Deleting a user-defined application

Item

Data

Description

Name of a virtual system

public

Delete the user-defined application UD_test from the virtual system public.

Name of a user-defined application

UD_test

Request Example
<rpc message-id="1013" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">  
 <edit-config>  
  <target>  
   <running/>  
  </target>  
  <error-option>rollback-on-error</error-option>  
  <config>  
   <application-config xmlns:nc='urn:ietf:params:xml:ns:netconf:base:1.0' xmlns='urn:huawei:params:xml:ns:yang:huawei-application'>  
    <user-defined-application>  
     <vsys>  
      <name>public</name>  
      <applications>  
       <application nc:operation="delete">  
        <name>UD_test</name>  
       </application>  
      </applications>  
     </vsys>  
    </user-defined-application>  
   </application-config>
  </config>  
 </edit-config>  
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1013"> 
  <ok/> 
</rpc-reply> 
Translation
Download
Updated: 2019-03-06

Document ID: EDOC1100022096

Views: 8232

Downloads: 69

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next