No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NETCONF YANG API Reference

AR100, AR120, AR160, AR1200, AR2200, AR3200, and AR3600 V300R003

NETCONF YANG API Reference
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Signature Database Update

Signature Database Update

Data Models

The data model file name is huawei-signature-database-update.yang.

Table 3-1143 Configuration data model of the signature database update

Field

Description

signature-database-updates

Indicates that the file is used to operate update signature database. It contains only subnodes and has no data significance.

signature-database-updates/signature-database-update

Indicates configuration data of the signature database update.

signature-database-updates/signature-database-update/signature-database-type

Indicates type of the signature database update.

signature-database-updates/signature-database-update/apply-confirmation-enable

Indicates whether the signature database is automatically loaded for confirmation.

signature-database-updates/signature-database-update/schedule

Indicates the signature database update policy.

signature-database-updates/signature-database-update/schedule/enable

Indicates whether the signature database auto-upgrade feature is enabled.

signature-database-updates/signature-database-update/schedule/daily-time

Indicating the characteristics of the automatic timing of the database upgrade cycle for the day, the time of the implementation of the regular time to automatically upgrade

signature-database-updates/signature-database-update/schedule/weekday

Indicates that the signature database automatically updates the cycle for a weekly, weekly execution cycle.

signature-database-updates/signature-database-update/schedule/weekday-time

Indicates that the automatic update period of the signature database is automatically updated every few weeks of the week.

signature-database-updates/signature-database-update/schedule/minute

Indicates that the signature time is automatically upgraded for hours per hour, and the hourly hour of the hour is automatically updated.

signature-database-updates/update-server

Indicates the server data of update. It contains only subnodes and has no data significance.

signature-database-updates/update-server/address

Indicates the domain or address of server.

signature-database-updates/update-server/port

Indicates the port of server.

signature-database-updates/update-proxy-server

Indicates the proxy server data of update. It contains only subnodes and has no data significance.

signature-database-updates/update-proxy-server/enable

Indicates that the feature server is enabled or enabled to upgrade the proxy server function.

signature-database-updates/update-proxy-server/address

Indicates the domain or address of proxy server.

signature-database-updates/update-proxy-server/port

Indicates the port of proxy server.

signature-database-updates/update-proxy-server/username

Indicates the username of proxy server.

signature-database-updates/update-proxy-server/password

Indicates the password of proxy server.

signature-database-updates/update-source

Indicates that the device source address data of update. It contains only subnodes and has no data significance.

signature-database-updates/update-source/interface

Indicates the device interface.

signature-database-updates/update-source/ip

Indicates the device IP.

signature-database-updates/update-source/vpn-instance

Indicates the device vpn-instance.

Table 3-1144 State data model of the signature database update

Field

Description

signature-database-update-state

Indicates that the status of update signature database. It contains only subnodes and has no data significance.

signature-database-update-state/result

Indicates the last update result. It contains only subnodes and has no data significance.

signature-database-update-state/result/signature-database-type

Indicates the last update type.

signature-database-update-state/result/result

Indicates the last update result.

signature-database-update-state/result/result-description

Indicates the last update result description.

signature-database-update-state/result/result-code

Indicates the last update result code.

signature-database-update-state/state

Indicates that the status of update. It contains only subnodes and has no data significance.

signature-database-update-state/state/signature-database-type

Indicates the update type.

signature-database-update-state/state/current-version

Indicates the current version.

signature-database-update-state/state/current-version/version

Indicates the current version.

signature-database-update-state/state/current-version/size

Indicates the size.

signature-database-update-state/state/current-version/update-time

Indicates the update time.

signature-database-update-state/state/current-version/issue-time

Indicates the update issue time.

signature-database-update-state/state/backup-version

Indicates the backup version.

signature-database-update-state/state/backup-version/version

Indicates the backup version.

signature-database-update-state/state/backup-version/size

Indicates the backup version size.

signature-database-update-state/state/backup-version/update-time

Indicates the backup version update time.

signature-database-update-state/state/backup-version/issue-time

Indicates the backup version issue time.

signature-database-update-state/state/download-version

Indicates the download version.

signature-database-update-state/state/download-version/version

Indicates the download version.

signature-database-update-state/state/download-version/size

Indicates the download version size.

Table 3-1145 RPC data model of the signature database update

Field

Description

signature-database-update-action

Indicates the PRC method for the signature database update.

signature-database-update-action/signature-database-type

Indicates the signature database update based on the the signature database type. The delivered operation is the local update method for this type of signature database. The tag pair <signature-database-update-action> </signature-database-update-action> indicates a single RPC method.

signature-database-update-action/update-type

Indicates the actions of the RPC method for the signature database update, including local, online, restore, rooback, and apply. Currently, only the local method is supported.

signature-database-update-action/signature-file

Indicates the file name of the signature database used for the local update. The file name includes the full path. This file must exist in the device storage card.

Query update configuration

This section provides packet examples for using the get-config method to query update configuration.

Table 3-1146 query update configuration

Operation

XPATH

Description

get-config

signature-database-updates

Query update configuration.

Request Example

<?xml version="1.0" encoding="UTF-8"?>
  <rpc message-id="1013" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
    <get-config>
      <source>
        <running/>
      </source>
      <filter>
        <signature-database-updates xmlns="urn:huawei:params:xml:ns:yang:huawei-signature-database-update" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">
        </signature-database-updates>
      </filter>
    </get-config>
  </rpc>

Response Example

<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1013">
  <data>
    <signature-database-updates xmlns="urn:huawei:params:xml:ns:yang:huawei-signature-database-update">
      <signature-database-update>
        <signature-database-type>intrusion-prevention</signature-database-type>
        <apply-confirmation-enable>false</apply-confirmation-enable>
        <schedule>
          <enable>true</enable>
          <daily-time>06:48</daily-time>
        </schedule>
      </signature-database-update>
      <signature-database-update>
        <signature-database-type>antivirus</signature-database-type>
        <apply-confirmation-enable>false</apply-confirmation-enable>
        <schedule>
          <enable>true</enable>
          <daily-time>06:48</daily-time>
        </schedule>
      </signature-database-update>
      <signature-database-update>
        <signature-database-type>application</signature-database-type>
        <apply-confirmation-enable>false</apply-confirmation-enable>
        <schedule>
          <enable>true</enable>
          <daily-time>06:48</daily-time>
        </schedule>
      </signature-database-update>
      <signature-database-update>
        <signature-database-type>ip-reputation</signature-database-type>
        <apply-confirmation-enable>false</apply-confirmation-enable>
        <schedule>
          <enable>true</enable>
          <daily-time>06:48</daily-time>
        </schedule>
      </signature-database-update>
      <signature-database-update>
        <signature-database-type>cnc</signature-database-type>
        <apply-confirmation-enable>false</apply-confirmation-enable>
        <schedule>
          <enable>true</enable>
          <daily-time>06:48</daily-time>
        </schedule>
      </signature-database-update>
      <update-server>
        <address>sec.huawei.com</address>
        <port>80</port>
      </update-server>
      <update-proxy-server>
        <enable>true</enable>
      </update-proxy-server>
    </signature-database-updates>
  </data>
</rpc-reply>

Query update status

This section provides packet examples for using the get method to query update status.

Table 3-1147 query update status

Operation

XPATH

Description

get

signature-database-updates

Query update status.

Request Example

<?xml version="1.0" encoding="UTF-8"?>
  <rpc message-id="1013" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
    <get>
      <source>
        <running/>
      </source>
      <filter>
        <signature-database-update-state xmlns="urn:huawei:params:xml:ns:yang:huawei-signature-database-update" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">
        </signature-database-update-state>
      </filter>
    </get>
</rpc>

Response Example

<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1013">
  <data>
    <signature-database-update-state xmlns="urn:huawei:params:xml:ns:yang:huawei-signature-database-update">
      <result>
        <signature-database-type>intrusion-prevention</signature-database-type>
        <result>success</result>
        <result-description>success</result-description>
        <result-code>2231370331</result-code>
      </result>
      <result>
        <signature-database-type>antivirus</signature-database-type>
        <result>success</result>
        <result-description>success</result-description>
        <result-code>2231370331</result-code>
      </result>
      <result>
        <signature-database-type>application</signature-database-type>
        <result>success</result>
        <result-description>success</result-description>
        <result-code>2231370331</result-code>
      </result>
      <result>
        <signature-database-type>ip-reputation</signature-database-type>
        <result>success</result>
        <result-description>success</result-description>
        <result-code>2231370331</result-code>
      </result>
      <result>
        <signature-database-type>cnc</signature-database-type>
        <result>success</result>
        <result-description>success</result-description>
        <result-code>2231370331</result-code>
      </result>
      <state>
        <signature-database-type>intrusion-prevention</signature-database-type>
        <current-version>
          <version>2016042300</version>
          <size>2656543</size>
          <update-time>2016-11-26T03:00:17</update-time>
          <issue-time>2016-05-30T20:09:42</issue-time>
        </current-version>
        <backup-version>
          <version>2016110203</version>
          <size>2150086</size>
          <update-time>2016-11-22T07:57:10</update-time>
          <issue-time>2016-11-02T10:40:47</issue-time>
        </backup-version>
        <download-version>
          <version/>
          <size>0</size>
        </download-version>
      </state>
      <state>
        <signature-database-type>antivirus</signature-database-type>
        <current-version>
          <version>2016052300</version>
          <size>64780532</size>
          <update-time>2016-11-26T03:00:18</update-time>
          <issue-time>2016-05-23T11:06:57</issue-time>
        </current-version>
        <backup-version>
          <version>2016013000</version>
          <size>64954138</size>
          <update-time>2016-09-17T22:58:28</update-time>
          <issue-time>2016-01-30T12:12:55</issue-time>
        </backup-version>
        <download-version>
          <version/>
          <size>0</size>
        </download-version>
      </state>
      <state>
        <signature-database-type>application</signature-database-type>
        <current-version>
          <version>2016081200</version>
          <size>4002240</size>
          <update-time>2016-11-26T03:00:25</update-time>
          <issue-time>2016-08-12T14:17:11</issue-time>
        </current-version>
        <backup-version>
          <version>2016033100</version>
          <size>3686878</size>
          <update-time>2016-10-16T04:28:07</update-time>
          <issue-time>2016-03-31T15:47:33</issue-time>
        </backup-version>
        <download-version>
          <version/>
          <size>0</size>
        </download-version>
      </state>
      <state>
        <signature-database-type>ip-reputation</signature-database-type>
        <current-version>
          <version>2016051800</version>
          <size>19031781</size>
          <update-time>2016-11-26T02:54:26</update-time>
          <issue-time>2016-05-18T10:21:05</issue-time>
        </current-version>
        <backup-version>
          <version>2016051700</version>
          <size>17563506</size>
          <update-time>2016-10-16T04:23:26</update-time>
          <issue-time>2016-05-17T10:09:53</issue-time>
        </backup-version>
        <download-version>
          <version/>
          <size>0</size>
        </download-version>
      </state>
      <state>
        <signature-database-type>cnc</signature-database-type>
        <current-version>
          <version>2016082600</version>
          <size>2355</size>
          <update-time>2016-11-26T03:00:55</update-time>
          <issue-time>2016-08-26T10:38:48</issue-time>
        </current-version>
        <backup-version>
          <version>2014121000</version>
          <size>490149</size>
          <update-time>2016-10-30T06:47:15</update-time>
          <issue-time>2014-12-10T17:33:08</issue-time>
        </backup-version>
        <download-version>
          <version/>
          <size>0</size>
        </download-version>
      </state>
    </signature-database-update-state>
  </data>
</rpc-reply>

Configure update policy

This section provides packet examples for using the edit-config method to config update policy.

Data Requirement

Table 3-1148 Configuration signature database online upgrade auto load confirmation function

Item

Date

Description

update type

application

Indicate the update type such as application

auto load confirmation function

true

open auto load confirmation function

Request Example

<?xml version="1.0" encoding="UTF-8"?>
  <rpc message-id="1003" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
    <edit-config>
      <target>
        <running/>
      </target>
      <error-option>rollback-on-error</error-option>
      <config>
        <signature-database-updates xmlns="urn:huawei:params:xml:ns:yang:huawei-signature-database-update" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">
          <signature-database-update>
            <signature-database-type>application</signature-database-type>
            <apply-confirmation-enable>true</apply-confirmation-enable>
          </signature-database-update>
        </signature-database-updates>
      </config>
    </edit-config>
  </rpc>

Perform update operations

This section provides packet examples for performing the local update of the signature database using the RPC method. For the configuration, see Table 2-2.

Table 3-1149 Performing the local update of a signature database

Operation

XPATH

Description

rpc

signature-database-update-action

Perform the local update of a signature database.

Data Requirement

Table 3-1150 Performing the local update of a signature database

Item

Data

Description

Type of the signature database

application

Specify the type of the signature database, such as application.

Update type

local

Set the update type to local.

File name

hda1:/sa_h30071000_2016033100.zip

Specify the file name of the SA signature database to be loaded locally.

Request Example

<?xml version="1.0" encoding="UTF-8"?> 
<rpc message-id="1002" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> 
<signature-database-update-action xmlns="urn:huawei:params:xml:ns:yang:huawei-signature-database-update" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"> 
<signature-database-type>application</signature-database-type> 
<update-type>local</update-type> 
<signature-file>hda1:/sa_h30071000_2016033100.zip</signature-file> 
</signature-database-update-action> 
</rpc>

Synchronization Response Example

<?xml version="1.0" encoding="UTF-8"?> 
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1002"> 
<ok/> 
</rpc-reply>

Asynchronous Response Example

<?xml version="1.0" encoding="UTF-8"?> 
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1002"> 
<data> 
<signature-database-type>application</signature-database-type> 
<result>success</result> 
<result-code>2231370335</result-code> 
</data> 
</rpc-reply>

Upload signature database

This section provides packet examples for updaloading the signature database using the RPC method.

Table 3-1151 updaload signature database

Signature database type

Description

sa-sdb-xml

SA

url-sdb-xml

URL

ips-sdb-xml

IPS

Request example

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="1003" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> 
<load-file xmlns="urn:huawei:params:xml:ns:yang:huawei-system-load"> 
<loadfile> 
<files> 
<name>application.xml</name>
 <file-parameters>
<type>sa-sdb-xml</type>
 </file-parameters>
 <direction>upload</direction>
 <file-load-peers>
<file-location> 
<fileserver-address>10.177.255.248</fileserver-address>
<file-directory>hda1:/</file-directory>
</file-location> 
 </file-load-peers>
 <sftp>                            
   <username>1</username>
   <password>1</password>
   <port>31922</port>
 </sftp>
 <pre-load-actions>
   <action-rule>
 <type>sdb-file-proc</type>
 <sdb-file-action-rule>
   <compress-method>sdb-file-zip</compress-method>
   <rename-method>sdbtype-version-deviceip-date</rename-method>
   <clean>true</clean>
 </sdb-file-action-rule>
   </action-rule>
 </pre-load-actions> 
</files> 
</loadfile> 
</load-file> 
  </rpc>

Response Example

<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1003">
  <ok/>
</rpc-reply>

Query status of uploading database

Request Example

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="1053" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <get>
    <filter type="subtree">
<download-guage xmlns="urn:huawei:params:xml:ns:yang:huawei-system-load">  
<files> 
</files> 
</download-guage>  
    </filter>
  </get>
</rpc>

Upload successful response example

<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1053">
  <data>
    <download-guage xmlns="urn:huawei:params:xml:ns:yang:huawei-system-load">
      <files>
        <filename>sa_7.2.1086.1_4.1.152.72_20170220235725.zip</filename>
        <direction>upload</direction>
        <filetype>sa-sdb-xml</filetype>
        <status>success</status>
        <file-directory/>
      </files>
    </download-guage>
  </data>
</rpc-reply>

Upload failed response example

<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1011">
  <data>
    <download-guage xmlns="urn:huawei:params:xml:ns:yang:huawei-system-load">
      <files>
        <filename>ips_4.1.72.23_20170220210355.zip</filename>
        <direction>upload</direction>
        <filetype>ips-sdb-xml</filetype>
        <status>fail</status>
        <error-tag>1</error-tag>
        <file-directory/>
      </files>
    </download-guage>
  </data>
</rpc-reply>

Translation
Download
Updated: 2019-03-06

Document ID: EDOC1100022096

Views: 8359

Downloads: 69

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next