ietf-snmp-usm

This submodule contains a collection of YANG definitions for configuring the User-based Security Model (USM) of SNMP. Copyright...

  • Version: 2014-12-10

    ietf-snmp-usm@2014-12-10


    
      submodule ietf-snmp-usm {
    
        yang-version 1;
    
        belongs-to ietf-snmp {
            prefix snmp;
        }
    
        import ietf-yang-types {
          prefix yang;
        }
        import ietf-netconf-acm {
          prefix nacm;
        }
    
        include ietf-snmp-common;
        include ietf-snmp-target;
        include ietf-snmp-proxy;
    
        organization
          "IETF NETMOD (NETCONF Data Modeling Language) Working Group";
    
        contact
          "WG Web:   <http://tools.ietf.org/wg/netmod/>
         WG List:  <mailto:netmod@ietf.org>
    
         WG Chair: Thomas Nadeau
                   <mailto:tnadeau@lucidvision.com>
    
         WG Chair: Juergen Schoenwaelder
                   <mailto:j.schoenwaelder@jacobs-university.de>
    
         Editor:   Martin Bjorklund
                   <mailto:mbj@tail-f.com>
    
         Editor:   Juergen Schoenwaelder
                   <mailto:j.schoenwaelder@jacobs-university.de>";
    
        description
          "This submodule contains a collection of YANG definitions for
         configuring the User-based Security Model (USM) of SNMP.
    
         Copyright (c) 2014 IETF Trust and the persons identified as
         authors of the code.  All rights reserved.
    
         Redistribution and use in source and binary forms, with or
         without modification, is permitted pursuant to, and subject
         to the license terms contained in, the Simplified BSD License
         set forth in Section 4.c of the IETF Trust's Legal Provisions
         Relating to IETF Documents
         (http://trustee.ietf.org/license-info).
    
         This version of this YANG module is part of RFC 7407; see
         the RFC itself for full legal notices.";
    
        reference
          "RFC 3414: User-based Security Model (USM) for version 3 of the
            Simple Network Management Protocol (SNMPv3)";
    
    
        revision "2014-12-10" {
          description "Initial revision.";
          reference
            "RFC 7407: A YANG Data Model for SNMP Configuration";
    
        }
    
    
        grouping key {
          leaf key {
            nacm:default-deny-all;
            type yang:hex-string;
            mandatory true;
            description
              "Localized key specified as a list of colon-specified
             hexadecimal octets.";
          }
        }  // grouping key
    
        grouping user-list {
          list user {
            key "name";
            reference
              "RFC 3414: User-based Security Model (USM) for version 3
                of the Simple Network Management Protocol (SNMPv3).
                SNMP-USER-BASED-SM-MIB.usmUserTable";
    
            leaf name {
              type identifier;
              reference
                "RFC 3414: User-based Security Model (USM) for version 3
                  of the Simple Network Management Protocol (SNMPv3).
                  SNMP-USER-BASED-SM-MIB.usmUserName";
    
            }
    
            container auth {
              presence "enables authentication";
              description
                "Enables authentication of the user.";
              choice protocol {
                mandatory true;
                reference
                  "RFC 3414: User-based Security Model (USM) for version 3
                    of the Simple Network Management Protocol (SNMPv3).
                    SNMP-USER-BASED-SM-MIB.usmUserAuthProtocol";
    
                container md5 {
                  reference
                    "RFC 3414: User-based Security Model (USM) for
                      version 3 of the Simple Network Management Protocol
                      (SNMPv3).
                      SNMP-USER-BASED-SM-MIB.usmHMACMD5AuthProtocol";
    
                  uses key;
                }  // container md5
                container sha {
                  reference
                    "RFC 3414: User-based Security Model (USM) for
                      version 3 of the Simple Network Management Protocol
                      (SNMPv3).
                      SNMP-USER-BASED-SM-MIB.usmHMACSHAAuthProtocol";
    
                  uses key;
                }  // container sha
              }  // choice protocol
            }  // container auth
    
            container priv {
              must "../auth" {
                error-message
                  "when privacy (confidentiality) is used, "
                    + "authentication must also be used";
              }
              presence "enables encryption";
              description
                "Enables encryption of SNMP messages.";
              choice protocol {
                mandatory true;
                reference
                  "RFC 3414: User-based Security Model (USM) for version 3
                    of the Simple Network Management Protocol (SNMPv3).
                    SNMP-USER-BASED-SM-MIB.usmUserPrivProtocol";
    
                container des {
                  reference
                    "RFC 3414: User-based Security Model (USM) for
                      version 3 of the Simple Network Management Protocol
                      (SNMPv3).
                      SNMP-USER-BASED-SM-MIB.usmDESPrivProtocol";
    
                  uses key;
                }  // container des
                container aes {
                  reference
                    "RFC 3826: The Advanced Encryption Standard (AES)
                      Cipher Algorithm in the SNMP User-based Security
                      Model.
                      SNMP-USM-AES-MIB.usmAesCfb128Protocol";
    
                  uses key;
                }  // container aes
              }  // choice protocol
            }  // container priv
          }  // list user
        }  // grouping user-list
    
        augment /snmp:snmp {
          container usm {
            description
              "Configuration of the User-based Security Model.";
            container local {
              uses user-list;
            }  // container local
    
            list remote {
              key "engine-id";
              leaf engine-id {
                type engine-id;
                reference
                  "RFC 3414: User-based Security Model (USM) for version 3
                    of the Simple Network Management Protocol (SNMPv3).
                    SNMP-USER-BASED-SM-MIB.usmUserEngineID";
    
              }
    
              uses user-list;
            }  // list remote
          }  // container usm
        }
    
        grouping usm-target-params {
          container usm {
            description
              "User-based SNMPv3 parameters type.
    
             Represents snmpTargetParamsMPModel '3' and
             snmpTargetParamsSecurityModel '3'.";
            leaf user-name {
              type security-name;
              mandatory true;
              reference
                "RFC 3413: Simple Network Management Protocol (SNMP).
                  Applications.
                  SNMP-TARGET-MIB.snmpTargetParamsSecurityName";
    
            }
    
            leaf security-level {
              type security-level;
              mandatory true;
              reference
                "RFC 3413: Simple Network Management Protocol (SNMP).
                  Applications.
                  SNMP-TARGET-MIB.snmpTargetParamsSecurityLevel";
    
            }
          }  // container usm
        }  // grouping usm-target-params
    
        augment /snmp:snmp/snmp:target-params/snmp:params {
          case usm {
            uses usm-target-params;
          }  // case usm
        }
      }  // submodule ietf-snmp-usm
    

© 2023 YumaWorks, Inc. All rights reserved.