Paul, Eunsoo, Tae-Jin, Rakesh, and Sue,
Thank you very much for the updated i2nsf-consumer-facing-interface-dm03, which
matches much better with the i2nsf-consumer-facing-im draft.
Just a few questions.
I noticed that you don't list individual value for the rules. For example,
"primary-action" list the "permit", "deny", "rate limit", etc in the
description:
leaf primary-action {
type string;
description
"This field identifies the action when a rule
is matched by NSF. The action could be one of
'PERMIT', 'DENY', 'RATE-LIMIT', 'TRAFFIC-CLASS',
'AUTHENTICATE-SESSION', 'IPS, 'APP-FIREWALL', etc.";
}
In draft-ietf-netmod-acl-model-11, the actions are listed as explicit value.
[cid:image001.png@01D315F0.BD2B6B30]
Similar paten goes with the definition of "Source" and "destination". You have:
leaf source {
type string;
description
"This field identifies the source of
the traffic. This could be reference to
either 'Policy Endpoint Group' or
'Threat-Feed' or 'Custom-List' if Security
Admin wants to specify the source; otherwise,
the default is to match all traffic.";
}
Not an expert in the data model, I am wondering if you need to explicitly list
the 'Policy Endpoint Group', 'Custom-List', etc
Thank you very much,
Linda
_______________________________________________
I2nsf mailing list
I2nsf@ietf.org
https://www.ietf.org/mailman/listinfo/i2nsf
