scottk/ols-ucentral-schema
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/ols-ucentral-schema.git synced 2025-10-29 01:02:20 +00:00
Code Issues Packages Projects Releases 3 Wiki Activity

Resolving merge issues

Browse Source
This commit is contained in:
Mike Hansen
2025-02-04 12:08:04 -05:00
parent 1d052a18c2 51c5b1b9f4
commit 362e03a363
20 changed files with 2167 additions and 1199 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
capabilities/connect.capabilities.yml
View File

@@ -15,18 +15,36 @@ properties:
version:
type: object
description:
The ols schema version to be used with this Switch
Switch version info, OLS release and schema.
properties:
major:
type: integer
minor:
type: integer
patch:
type: integer
examples:
- 'major': 3
'minor': 2
'patch': 0
switch:
type: object
description: the ols client version for this Switch
properties:
major:
type: integer
minor:
type: integer
patch:
type: integer
examples:
- 'major': 3
'minor': 2
'patch': 0
schema:
type: object
description: the ols schema version used with the ols client.
properties:
major:
type: integer
minor:
type: integer
patch:
type: integer
examples:
- 'major': 3
'minor': 2
'patch': 0
platform:
type: string
enum:

16
docs/ucentral-schema.html
View File

File diff suppressed because one or more lines are too long

2
docs/ucentral-state.html
View File

File diff suppressed because one or more lines are too long

11
docs/ucentral.capabilities.html
View File

File diff suppressed because one or more lines are too long

5
schema.json Normal file
View File

@@ -0,0 +1,5 @@
{
"major": 3,
"minor": 2,
"patch": 7
}

121
schema/ethernet.yml
View File

@@ -379,4 +379,123 @@ properties:
maximum: 65535
trusted:
type: boolean
description: Configures the port as trusted, exempting it from ARP Inspection. Trusted ports bypass ARP validation checks.
description: Configures the port as trusted, exempting it from ARP Inspection. Trusted ports bypass ARP validation checks.
rate-limit-port:
type: object
description: Configuration for ingress and egress rate limiting on a specific port (in kbps)
properties:
ingress-kbps:
type: integer
description: Sets the maximum allowed ingress (input) traffic rate for the port, in kilobits per second (kbps).
minimum: 64
maximum: 1000000000
egress-kbps:
type: integer
description: Sets the maximum allowed egress (output) traffic rate for the port, in kilobits per second (kbps).
minimum: 64
maximum: 1000000000
ip-source-guard-port:
type: object
description: Configuration of IP Source Guard (IPSG) on a physical interface in a Layer 2 switch.
properties:
rule:
type: string
description: Configures the switch to filter inbound traffic based on source IP address only,
or source IP address and corresponding MAC address combined.
enum:
- sip
- sip-mac
mode:
type: string
description: Specifies the learning mode to use for validation, either MAC address table or ACL table.
The system searches for source addresses in the specified table.
enum:
- mac
- acl
max-binding:
type: integer
description: Sets the maximum number of address entries that can be mapped to an interface
in the binding table. Includes both static entries and dynamically learned entries
via DHCP Snooping.
minimum: 1
maximum: 65535
acl:
description: A collection of access control entries that define the rules for filtering traffic through a network port.
type: array
items:
type: object
properties:
acl-inf-policy-preference:
description: Determines the priority of multiple ACL policies when more than one is applied to an interface, if any.
type: integer
minimum: 1
maximum: 64
default: 1
acl-inf-policy-ingress:
description: Specifies the ACL policy that is applied to incoming traffic on an interface.
type: string
maxLength: 32
minLength: 1
examples:
- blacklisted-macs
acl-inf-counters-ingress:
description: Tracks the number and type of packets that match the ingress ACL rules on an interface.
type: boolean
default: false
acl-inf-policy-egress:
description: Specifies the ACL policy that is applied to outgoing traffic from an interface.
type: string
maxLength: 32
minLength: 1
examples:
- blacklisted-macs
acl-inf-counters-egress:
description: Tracks the number and type of packets that match the egress ACL rules on an interface.
type: boolean
default: false
voice-vlan-intf-config:
description: Configure the Voice VLAN feature at the interface level, allowing for VoIP traffic to be prioritized on this specific port.
type: object
properties:
voice-vlan-intf-mode:
description: Specify the mode of placing this port on the voice VLAN.
type: string
default: "auto"
enum:
- none
- manual
- auto
voice-vlan-intf-priority:
description: Define the Class of Service (CoS) priority for VoIP traffic passing through this port, ensuring higher priority over other traffic types.
type: integer
default: 6
minimum: 0
maximum: 6
voice-vlan-intf-detect-voice:
description: Select the detection method for identifying VoIP traffic on this port, such as OUI-based detection or traffic pattern recognition.
type: string
default: "oui"
enum:
- oui
- lldp
voice-vlan-intf-security:
description: Enable or configure security filtering for VoIP traffic on the interface to protect against unauthorized devices.
type: boolean
default: false
dhcp-snoop-port:
description: Configuration for DHCP Snooping on a port level on a switch
type: object
properties:
dhcp-snoop-port-trust:
description: This parameter designates a switch port as trusted for DHCP messages, meaning it can forward DHCP offers and acknowledgments, which is essential for connecting to legitimate DHCP servers
type: boolean
default: false
dhcp-snoop-port-client-limit:
description: It sets a limit on the number of DHCP clients that can be associated with a single port, helping to prevent a single port from exhausting the networks IP address pool
type: integer
minimum: 1
dhcp-snoop-port-circuit-id:
description: Specifies DHCP Option 82 circuit ID suboption information. Often including information like the interface number and VLAN ID, this can be useful for network management and troubleshooting
type: string
minLength: 1
maxLength: 32

33
schema/interface.acl.yml
View File

@@ -1,33 +0,0 @@
description: A collection of access control entries that define the rules for filtering traffic through a network interface.
type: array
items:
type: object
properties:
acl-inf-policy-preference:
description: Determines the priority of multiple ACL policies when more than one is applied to an interface, if any.
type: integer
minimum: 1
maximum: 64
default: 1
acl-inf-policy-ingress:
description: Specifies the ACL policy that is applied to incoming traffic on an interface.
type: string
maxLength: 32
minLength: 1
examples:
- blacklisted-macs
acl-inf-counters-ingress:
description: Tracks the number and type of packets that match the ingress ACL rules on an interface.
type: boolean
default: false
acl-inf-policy-egress:
description: Specifies the ACL policy that is applied to outgoing traffic from an interface.
type: string
maxLength: 32
minLength: 1
examples:
- blacklisted-macs
acl-inf-counters-egress:
description: Tracks the number and type of packets that match the egress ACL rules on an interface.
type: boolean
default: false

16
schema/interface.dhcp-snoop-port.yml
View File

@@ -1,16 +0,0 @@
description: "Configuration for DHCP Snooping on a port level on a switch"
type: object
properties:
dhcp-snoop-port-trust:
description: "This parameter designates a switch port as trusted for DHCP messages, meaning it can forward DHCP offers and acknowledgments, which is essential for connecting to legitimate DHCP servers"
type: boolean
default: false
dhcp-snoop-port-client-limit:
description: "It sets a limit on the number of DHCP clients that can be associated with a single port, helping to prevent a single port from exhausting the networks IP address pool"
type: integer
minimum: 1
dhcp-snoop-port-circuit-id:
description: "Specifies DHCP Option 82 circuit ID suboption information. Often including information like the interface number and VLAN ID, this can be useful for network management and troubleshooting"
type: string
minLength: 1
maxLength: 32

29
schema/interface.ipv4.yml
View File

@@ -202,35 +202,6 @@ properties:
default: false
ip-arp-inspect-vlan:
$ref: "https://ucentral.io/schema/v1/interface/ipv4/arp-inspect/"
voice-vlan-intf-config:
description: "Configure the Voice VLAN feature at the interface level, allowing for VoIP traffic to be prioritized on this specific port."
type: object
properties:
voice-vlan-intf-mode:
description: "Specify the mode of placing this port on the voice VLAN."
type: string
default: "auto"
enum:
- none
- manual
- auto
voice-vlan-intf-priority:
description: "Define the Class of Service (CoS) priority for VoIP traffic passing through this port, ensuring higher priority over other traffic types."
type: integer
default: 6
minimum: 0
maximum: 6
voice-vlan-intf-detect-voice:
description: "Select the detection method for identifying VoIP traffic on this port, such as OUI-based detection or traffic pattern recognition."
type: string
default: "oui"
enum:
- oui
- lldp
voice-vlan-intf-security:
description: "Enable or configure security filtering for VoIP traffic on the interface to protect against unauthorized devices."
type: boolean
default: false
dhcp:
$ref: "https://ucentral.io/schema/v1/interface/ipv4/dhcp/"
dhcp-leases:

6
schema/interface.yml
View File

@@ -68,11 +68,7 @@ properties:
$ref: "https://ucentral.io/schema/v1/interface/ipv4/"
ipv6:
$ref: "https://ucentral.io/schema/v1/interface/ipv6/"
acl:
$ref: "https://ucentral.io/schema/v1/interface/acl/"
dhcp-snoop-port:
$ref: "https://ucentral.io/schema/v1/interface/dhcp-snoop-port/"
broad-band:
$ref: "https://ucentral.io/schema/v1/interface/broad-band/"
tunnel:
$ref: "https://ucentral.io/schema/v1/interface/tunnel/"
$ref: "https://ucentral.io/schema/v1/interface/tunnel/"

110
schema/switch.acl.yml Normal file
View File

@@ -0,0 +1,110 @@
description: Contains all the access control rule definitions
type: array
uniqueItems: true
items:
type: object
properties:
acl-name:
description: The identifier or name for the Access Control List
type: string
maxLength: 32
minLength: 1
acl-type:
description: Type of the access control list
type: string
enum:
- ipv4
- ipv6
- ipv4Ext
- ipv6Ext
- mac
- arp
acl-rules:
description: access control rules under this ACL
type: object
additionalProperties:
type: array
uniqueItems: true
items:
type: object
properties:
acl-rule-action:
description: Defines whether to permit or deny traffic matching the rule
type: string
enum:
- permit
- deny
acl-source-macaddress:
description: Specifies the source MAC address to filter on
type: string
format: uc-mac
acl-source-macbitmask:
description: The mask applied to the source MAC address
type: string
format: uc-mac
acl-dest-macaddress:
description: Specifies the destination MAC address for the filter
type: string
format: uc-mac
acl-dest-macbitmask:
description: The mask applied to the destination MAC address
type: string
format: uc-mac
acl-packet-format:
description: Identifies the protocol encapsulated in the Ethernet frame by its EtherType
type: string
enum:
- any
- untagged-eth2
- untagged-802.3
- tagged-eth2
- tagged-802.3
acl-vlanid:
description: Specifies a VLAN ID to filter traffic from a specific VLAN
type: integer
minimum: 1
maximum: 4094
acl-vid-bitmask:
description: The mask applied to the VLAN ID
type: integer
minimum: 1
maximum: 4095
acl-ethertype:
description: Filters packets based on the custom EtherType field (HEX) in the Ethernet frame
type: string
default: "800"
acl-ethertype-bitmask:
description: The mask applied to the EtherType field
type: string
default: "FFFF"
acl-cos:
description: Filters based on the Class of Service (CoS) field in the frame
type: integer
minimum: 0
maximum: 7
acl-cos-bitmask:
description: The mask applied to the CoS field
type: integer
minimum: 0
maximum: 7
acl-ipv4-source-address:
description: The IPv4 address of the source to filter on
type: string
format: ipv4
acl-ipv4-source-subnetmask:
description: The subnet mask applied to the source IPv4 address
type: string
format: ipv4
acl-ipv4-dest-address:
description: The IPv4 address of the destination to filter on
type: string
format: ipv4
acl-ipv4-dest-subnetmask:
description: The subnet mask applied to the destination IPv4 address
type: string
format: ipv4
acl-ip-proto:
description: Filters based on the IP protocol number
type: integer
minimum: 0
maximum: 255

29
schema/switch.ip-source-guard.yml Normal file
View File

@@ -0,0 +1,29 @@
type: object
description: Configuration for IP Source Guard global static bindings in a Layer 2 switch.
properties:
bindings:
type: array
description: List of static bindings for IP Source Guard.
items:
type: object
properties:
binding-mode:
type: string
description: Specifies the mode for adding a static address to the Source Guard ACL or MAC address binding table. It determines whether the binding is based on MAC addresses or ACLs.
enum:
- mac
- acl
binding-mac:
type: string
format: uc-mac
description: A valid unicast MAC address for binding to the Source Guard filtering table.
binding-vlans:
type: integer
description: The VLAN ID associated with the static binding for Source Guard filtering. Must be a valid, configured VLAN on the switch.
binding-ip:
type: string
format: ipv4
description: A valid unicast IPv4 address to associate with the Source Guard filtering table.
binding-port:
type: string
description: The physical interface (e.g., ethernet0, ethernet1) where the Source Guard binding applies.

162
schema/switch.rtevent.yml Normal file
View File

@@ -0,0 +1,162 @@
description: Configuration for enabling or disabling specific event categories and their sub-events.
type: object
properties:
port-status:
description: Enable/Disable Port Status events.
type: object
properties:
enabled:
description: Enable/Disable Port Status category.
type: boolean
default: false
sub-events:
type: object
properties:
wired.carrier-down:
type: boolean
description: Enable/Disable carrier down event.
default: false
wired.carrier-up:
type: boolean
description: Enable/Disable carrier up event.
default: false
module:
description: Enable/Disable Module events.
type: object
properties:
enabled:
type: boolean
description: Enable/Disable Module category.
default: false
sub-events:
type: object
properties:
module.plugout:
type: boolean
description: Enable/Disable module plugout event.
default: false
module.plugin:
type: boolean
description: Enable/Disable module plugin event.
default: false
stp:
description: Enable/Disable STP events.
type: object
properties:
enabled:
type: boolean
description: Enable/Disable STP category.
default: false
sub-events:
type: object
properties:
stp.loop-detected:
type: boolean
description: Enable/Disable loop detected event.
default: false
stp.loop-cleared:
type: boolean
description: Enable/Disable loop cleared event.
default: false
stp.state-change:
type: boolean
description: Enable/Disable state change event.
default: false
rstp:
description: Enable/Disable RSTP events.
type: object
properties:
enabled:
type: boolean
description: Enable/Disable RSTP category.
default: false
sub-events:
type: object
properties:
rstp.loop-detected:
type: boolean
description: Enable/Disable loop detected event.
default: false
rstp.loop-cleared:
type: boolean
description: Enable/Disable loop cleared event.
default: false
rstp.state-change:
type: boolean
description: Enable/Disable state change event.
default: false
fw-upgrade:
description: Enable/Disable Firmware Upgrade events.
type: object
properties:
enabled:
type: boolean
description: Enable/Disable Firmware Upgrade category.
default: false
sub-events:
type: object
properties:
upg.download-start:
type: boolean
description: Enable/Disable download start event.
default: false
upg.download-in-progress:
type: boolean
description: Enable/Disable download in progress event.
default: false
upg.download-failed:
type: boolean
description: Enable/Disable download failed event.
default: false
upg.validation-start:
type: boolean
description: Enable/Disable validation start event.
default: false
upg.validation-success:
type: boolean
description: Enable/Disable validation success event.
default: false
upg.validation-failed:
type: boolean
description: Enable/Disable validation failed event.
default: false
upg.backup-current-firmware:
type: boolean
description: Enable/Disable firmware backup event.
default: false
upg.install-start:
type: boolean
description: Enable/Disable install start event.
default: false
upg.install-failed:
type: boolean
description: Enable/Disable install failed event.
default: false
upg.reboot-start:
type: boolean
description: Enable/Disable reboot start event.
default: false
upg.success:
type: boolean
description: Enable/Disable upgrade success event.
default: false
dhcp-snooping:
description: Enable/Disable DHCP Snooping events.
type: object
properties:
enabled:
type: boolean
description: Enable/Disable DHCP Snooping category.
default: false
sub-events:
type: object
properties:
dhcp-snooping.violation-detected:
type: boolean
description: Enable/Disable DHCP Snooping violation detected event.
default: false
dhcp-snooping.violation-cleared:
type: boolean
description: Enable/Disable DHCP Snooping violation cleared event.
default: false
# Continue similarly for ARP Inspection, IPSG, PoE Status, PoE Fault, and Device Events.

194
schema/switch.yml
View File

@@ -1,4 +1,4 @@
description:
description:
This section defines the switch fabric specific features of a physical switch.
type: object
properties:
@@ -279,176 +279,6 @@ properties:
- drop
- keep
- replace
acl:
description: Contains all the access control rule definitions
type: array
items:
type: object
properties:
acl-type:
description: Type of the access control list
type: string
enum:
- ipv4
- ipv6
- ipv4Ext
- ipv6Ext
- mac
- arp
acl-name:
description: The identifier or name for the Access Control List
type: string
maxLength: 32
minLength: 1
acl-rule-action:
description: Defines whether to permit or deny traffic matching the rule
type: string
enum:
- permit
- deny
acl-source-macaddress:
description: Specifies the source MAC address to filter on
type: string
format: uc-mac
acl-source-macbitmask:
description: The mask applied to the source MAC address
type: string
format: uc-mac
acl-dest-macaddress:
description: Specifies the destination MAC address for the filter
type: string
format: uc-mac
acl-dest-macbitmask:
description: The mask applied to the destination MAC address
type: string
format: uc-mac
acl-packet-format:
description: Identifies the protocol encapsulated in the Ethernet frame by its EtherType
type: string
enum:
- any
- untagged-eth2
- untagged-802.3
- tagged-eth2
- tagged-802.3
acl-vlanid:
description: Specifies a VLAN ID to filter traffic from a specific VLAN
type: integer
minimum: 1
maximum: 4094
acl-vid-bitmask:
description: The mask applied to the VLAN ID
type: integer
minimum: 1
maximum: 4095
acl-ethertype:
description: Filters packets based on the custom EtherType field (HEX) in the Ethernet frame
type: string
default: "800"
acl-ethertype-bitmask:
description: The mask applied to the EtherType field
type: string
default: "FFFF"
acl-cos:
description: Filters based on the Class of Service (CoS) field in the frame
type: integer
minimum: 0
maximum: 7
acl-cos-bitmask:
description: The mask applied to the CoS field
type: integer
minimum: 0
maximum: 7
# IP-ACL (IPv4/IPv6) Parameters
acl-ipv4-source-address:
description: The IPv4 address of the source to filter on
type: string
format: ipv4
acl-ipv4-source-subnetmask:
description: The subnet mask applied to the source IPv4 address
type: string
format: ipv4
acl-ipv4-dest-address:
description: The IPv4 address of the destination to filter on
type: string
format: ipv4
acl-ipv4-dest-subnetmask:
description: The subnet mask applied to the destination IPv4 address
type: string
format: ipv4
acl-ipv6-source-address:
description: The IPv6 address of the source to filter on
type: string
format: ipv6
acl-ipv6-source-prefix-length:
description: Defines the length of the prefix used in filtering IPv6 source addresses
type: integer
minimum: 0
maximum: 128
acl-ipv6-dest-address:
description: The IPv6 address of the destination to filter on
type: string
format: ipv6
acl-ipv6-dest-prefix-length:
description: Defines the length of the prefix used in filtering IPv6 destination addresses
type: integer
minimum: 0
maximum: 128
acl-ip-proto:
description: Filters based on the IP protocol number
type: integer
minimum: 0
maximum: 255
acl-ipv6-next-header:
description: Specifies the next header type in IPv6 traffic, such as TCP, UDP, or ICMPv6
type: integer
minimum: 0
maximum: 255
acl-ipv6-flow-label:
description: Filters packets based on the IPv6 Flow Label field
type: integer
minimum: 0
maximum: 1048575
acl-ip-source-port:
description: Specifies the source port number for filtering
type: integer
minimum: 0
maximum: 65535
acl-ip-source-port-bitmask:
description: The mask applied to the source port number
type: integer
minimum: 0
maximum: 65535
acl-ip-dest-port:
description: Specifies the destination port number for filtering
type: integer
minimum: 0
maximum: 65535
acl-ip-dest-port-bitmask:
description: The mask applied to the destination port number
type: integer
minimum: 0
maximum: 65535
acl-ipv4-fragment-offset:
description: Filters based on IPv4 fragment offset for fragmented packets
type: integer
minimum: 0
maximum: 8191
acl-ipv6-fragment-offset:
description: Filters based on IPv6 fragment offset for fragmented packets
type: integer
minimum: 0
maximum: 8191
acl-ip-ttl:
description: Filters IPv4 traffic based on the TTL (Time to Live) value
type: integer
minimum: 0
maximum: 255
acl-ipv6-hop-limit:
description: Filters IPv6 traffic based on the hop limit value, equivalent to IPv4 TTL
type: integer
minimum: 0
maximum: 255
mvr-config:
description: This section defines the Multicast VLAN Registration (MVR) general configuration.
type: object
@@ -672,40 +502,46 @@ properties:
type: boolean
default: true
voice-vlan-config:
description: "This parameter enables or disables the overall configuration of the Voice VLAN feature on the switch. When enabled, it allows the system to classify and prioritize voice traffic."
description: This parameter enables or disables the overall configuration of the Voice VLAN feature on the switch. When enabled, it allows the system to classify and prioritize voice traffic.
type: object
properties:
voice-vlan-id:
description: "Specifies the VLAN ID assigned to the Voice VLAN. This is the unique identifier for the VLAN that will be used for prioritizing voice traffic."
description: Specifies the VLAN ID assigned to the Voice VLAN. This is the unique identifier for the VLAN that will be used for prioritizing voice traffic.
type: integer
minimum: 1
maximum: 4094
voice-vlan-ageing-time:
description: "Defines the time, in minutes, that a dynamic Voice VLAN entry remains in the VLAN after voice traffic is no longer detected. It helps manage resources by removing inactive voice devices from the VLAN after this time elapses."
description: Defines the time, in minutes, that a dynamic Voice VLAN entry remains in the VLAN after voice traffic is no longer detected. It helps manage resources by removing inactive voice devices from the VLAN after this time elapses.
type: integer
minimum: 5
maximum: 43200
default: 1440
voice-vlan-oui-config:
description: "Configures the Organizationally Unique Identifier (OUI) for identifying the voice devices (like IP phones)."
description: Configures the Organizationally Unique Identifier (OUI) for identifying the voice devices (like IP phones).
type: array
items:
type: object
properties:
voice-vlan-oui-mac:
description: "The specific MAC address pattern that corresponds to voice devices, as determined by the OUI. It is used for identifying and classifying voice traffic."
description: The specific MAC address pattern that corresponds to voice devices, as determined by the OUI. It is used for identifying and classifying voice traffic.
type: string
format: uc-mac
voice-vlan-oui-mask:
description: "A mask applied to the MAC address to help match the OUI more precisely. It ensures that the correct portion of the MAC address is evaluated to identify a device as a voice device."
description: A mask applied to the MAC address to help match the OUI more precisely. It ensures that the correct portion of the MAC address is evaluated to identify a device as a voice device.
type: string
format: uc-mac
voice-vlan-oui-description:
description: "A descriptive label or comment for the OUI configuration. This can help administrators keep track of which OUI belongs to which type of voice device or vendor."
description: A descriptive label or comment for the OUI configuration. This can help administrators keep track of which OUI belongs to which type of voice device or vendor.
type: string
maxLength: 32
minLength: 1
examples:
- "A VoIP Phone"
arp-inspect:
$ref: "https://ucentral.io/schema/v1/switch/arp-inspect/"
$ref: "https://ucentral.io/schema/v1/switch/arp-inspect/"
ip-source-guard:
$ref: "https://ucentral.io/schema/v1/switch/ip-source-guard/"
rt-events:
$ref: "https://ucentral.io/schema/v1/switch/rtevent/"
acl:
$ref: "https://ucentral.io/schema/v1/switch/acl/"

28
state/state.yml
View File

@@ -87,4 +87,30 @@ properties:
description: Number of ARP packets dropped due to ARP ACL rules.
arp-pkt-dropped-dhcp:
type: integer
description: Number of ARP packets dropped due to DHCP snooping validation failures.
description: Number of ARP packets dropped due to DHCP snooping validation failures.
ip-source-guard:
type: object
description: Represents the configuration and state of IP Source Guard.
properties:
blocked-entries:
type: array
description: Displays a list of entries that are currently blocked by IP Source Guard (IPSG).
items:
type: object
properties:
blocked-mac:
type: string
description: The MAC address that has been blocked by IP Source Guard.
format: "mac-address"
blocked-ip:
type: string
description: The IP address that has been blocked by IP Source Guard.
format: "ipv4"
blocked-vlan:
type: integer
description: The VLAN ID associated with the blocked IP/MAC entry.
minimum: 1
maximum: 4095
blocked-interface:
type: string
description: The interface (e.g., port) where the blocked entry was detected.

60
ucentral.capabilities.pretty.json
View File

@@ -17,25 +17,53 @@
},
"version": {
"type": "object",
"description": "The ols schema version to be used with this Switch",
"description": "Switch version info, OLS release and schema.",
"properties": {
"major": {
"type": "integer"
"switch": {
"type": "object",
"description": "the ols client version for this Switch",
"properties": {
"major": {
"type": "integer"
},
"minor": {
"type": "integer"
},
"patch": {
"type": "integer"
}
},
"examples": [
{
"major": 3,
"minor": 2,
"patch": 0
}
]
},
"minor": {
"type": "integer"
},
"patch": {
"type": "integer"
"schema": {
"type": "object",
"description": "the ols schema version used with the ols client.",
"properties": {
"major": {
"type": "integer"
},
"minor": {
"type": "integer"
},
"patch": {
"type": "integer"
}
},
"examples": [
{
"major": 3,
"minor": 2,
"patch": 0
}
]
}
},
"examples": [
{
"major": 3,
"minor": 2,
"patch": 0
}
]
}
},
"platform": {
"type": "string",

858
ucentral.schema.full.json
View File

@@ -604,6 +604,155 @@
"description": "Configures the port as trusted, exempting it from ARP Inspection. Trusted ports bypass ARP validation checks."
}
}
},
"rate-limit-port": {
"type": "object",
"description": "Configuration for ingress and egress rate limiting on a specific port (in kbps)",
"properties": {
"ingress-kbps": {
"type": "integer",
"description": "Sets the maximum allowed ingress (input) traffic rate for the port, in kilobits per second (kbps).",
"minimum": 64,
"maximum": 1000000000
},
"egress-kbps": {
"type": "integer",
"description": "Sets the maximum allowed egress (output) traffic rate for the port, in kilobits per second (kbps).",
"minimum": 64,
"maximum": 1000000000
}
}
},
"ip-source-guard-port": {
"type": "object",
"description": "Configuration of IP Source Guard (IPSG) on a physical interface in a Layer 2 switch.",
"properties": {
"rule": {
"type": "string",
"description": "Configures the switch to filter inbound traffic based on source IP address only, or source IP address and corresponding MAC address combined.",
"enum": [
"sip",
"sip-mac"
]
},
"mode": {
"type": "string",
"description": "Specifies the learning mode to use for validation, either MAC address table or ACL table. The system searches for source addresses in the specified table.",
"enum": [
"mac",
"acl"
]
},
"max-binding": {
"type": "integer",
"description": "Sets the maximum number of address entries that can be mapped to an interface in the binding table. Includes both static entries and dynamically learned entries via DHCP Snooping.",
"minimum": 1,
"maximum": 65535
}
}
},
"acl": {
"description": "A collection of access control entries that define the rules for filtering traffic through a network port.",
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-inf-policy-preference": {
"description": "Determines the priority of multiple ACL policies when more than one is applied to an interface, if any.",
"type": "integer",
"minimum": 1,
"maximum": 64,
"default": 1
},
"acl-inf-policy-ingress": {
"description": "Specifies the ACL policy that is applied to incoming traffic on an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-ingress": {
"description": "Tracks the number and type of packets that match the ingress ACL rules on an interface.",
"type": "boolean",
"default": false
},
"acl-inf-policy-egress": {
"description": "Specifies the ACL policy that is applied to outgoing traffic from an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-egress": {
"description": "Tracks the number and type of packets that match the egress ACL rules on an interface.",
"type": "boolean",
"default": false
}
}
}
},
"voice-vlan-intf-config": {
"description": "Configure the Voice VLAN feature at the interface level, allowing for VoIP traffic to be prioritized on this specific port.",
"type": "object",
"properties": {
"voice-vlan-intf-mode": {
"description": "Specify the mode of placing this port on the voice VLAN.",
"type": "string",
"default": "auto",
"enum": [
"none",
"manual",
"auto"
]
},
"voice-vlan-intf-priority": {
"description": "Define the Class of Service (CoS) priority for VoIP traffic passing through this port, ensuring higher priority over other traffic types.",
"type": "integer",
"default": 6,
"minimum": 0,
"maximum": 6
},
"voice-vlan-intf-detect-voice": {
"description": "Select the detection method for identifying VoIP traffic on this port, such as OUI-based detection or traffic pattern recognition.",
"type": "string",
"default": "oui",
"enum": [
"oui",
"lldp"
]
},
"voice-vlan-intf-security": {
"description": "Enable or configure security filtering for VoIP traffic on the interface to protect against unauthorized devices.",
"type": "boolean",
"default": false
}
}
},
"dhcp-snoop-port": {
"description": "Configuration for DHCP Snooping on a port level on a switch",
"type": "object",
"properties": {
"dhcp-snoop-port-trust": {
"description": "This parameter designates a switch port as \u2018trusted\u2019 for DHCP messages, meaning it can forward DHCP offers and acknowledgments, which is essential for connecting to legitimate DHCP servers",
"type": "boolean",
"default": false
},
"dhcp-snoop-port-client-limit": {
"description": "It sets a limit on the number of DHCP clients that can be associated with a single port, helping to prevent a single port from exhausting the network\u2019s IP address pool",
"type": "integer",
"minimum": 1
},
"dhcp-snoop-port-circuit-id": {
"description": "Specifies DHCP Option 82 circuit ID suboption information. Often including information like the interface number and VLAN ID, this can be useful for network management and troubleshooting",
"type": "string",
"minLength": 1,
"maxLength": 32
}
}
}
}
}
@@ -913,214 +1062,6 @@
}
}
},
"acl": {
"description": "Contains all the access control rule definitions",
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-type": {
"description": "Type of the access control list",
"type": "string",
"enum": [
"ipv4",
"ipv6",
"ipv4Ext",
"ipv6Ext",
"mac",
"arp"
]
},
"acl-name": {
"description": "The identifier or name for the Access Control List",
"type": "string",
"maxLength": 32,
"minLength": 1
},
"acl-rule-action": {
"description": "Defines whether to permit or deny traffic matching the rule",
"type": "string",
"enum": [
"permit",
"deny"
]
},
"acl-source-macaddress": {
"description": "Specifies the source MAC address to filter on",
"type": "string",
"format": "uc-mac"
},
"acl-source-macbitmask": {
"description": "The mask applied to the source MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macaddress": {
"description": "Specifies the destination MAC address for the filter",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macbitmask": {
"description": "The mask applied to the destination MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-packet-format": {
"description": "Identifies the protocol encapsulated in the Ethernet frame by its EtherType",
"type": "string",
"enum": [
"any",
"untagged-eth2",
"untagged-802.3",
"tagged-eth2",
"tagged-802.3"
]
},
"acl-vlanid": {
"description": "Specifies a VLAN ID to filter traffic from a specific VLAN",
"type": "integer",
"minimum": 1,
"maximum": 4094
},
"acl-vid-bitmask": {
"description": "The mask applied to the VLAN ID",
"type": "integer",
"minimum": 1,
"maximum": 4095
},
"acl-ethertype": {
"description": "Filters packets based on the custom EtherType field (HEX) in the Ethernet frame",
"type": "string",
"default": "800"
},
"acl-ethertype-bitmask": {
"description": "The mask applied to the EtherType field",
"type": "string",
"default": "FFFF"
},
"acl-cos": {
"description": "Filters based on the Class of Service (CoS) field in the frame",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-cos-bitmask": {
"description": "The mask applied to the CoS field",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-ipv4-source-address": {
"description": "The IPv4 address of the source to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-source-subnetmask": {
"description": "The subnet mask applied to the source IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-address": {
"description": "The IPv4 address of the destination to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-subnetmask": {
"description": "The subnet mask applied to the destination IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ipv6-source-address": {
"description": "The IPv6 address of the source to filter on",
"type": "string",
"format": "ipv6"
},
"acl-ipv6-source-prefix-length": {
"description": "Defines the length of the prefix used in filtering IPv6 source addresses",
"type": "integer",
"minimum": 0,
"maximum": 128
},
"acl-ipv6-dest-address": {
"description": "The IPv6 address of the destination to filter on",
"type": "string",
"format": "ipv6"
},
"acl-ipv6-dest-prefix-length": {
"description": "Defines the length of the prefix used in filtering IPv6 destination addresses",
"type": "integer",
"minimum": 0,
"maximum": 128
},
"acl-ip-proto": {
"description": "Filters based on the IP protocol number",
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-next-header": {
"description": "Specifies the next header type in IPv6 traffic, such as TCP, UDP, or ICMPv6",
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-flow-label": {
"description": "Filters packets based on the IPv6 Flow Label field",
"type": "integer",
"minimum": 0,
"maximum": 1048575
},
"acl-ip-source-port": {
"description": "Specifies the source port number for filtering",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-source-port-bitmask": {
"description": "The mask applied to the source port number",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-dest-port": {
"description": "Specifies the destination port number for filtering",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-dest-port-bitmask": {
"description": "The mask applied to the destination port number",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ipv4-fragment-offset": {
"description": "Filters based on IPv4 fragment offset for fragmented packets",
"type": "integer",
"minimum": 0,
"maximum": 8191
},
"acl-ipv6-fragment-offset": {
"description": "Filters based on IPv6 fragment offset for fragmented packets",
"type": "integer",
"minimum": 0,
"maximum": 8191
},
"acl-ip-ttl": {
"description": "Filters IPv4 traffic based on the TTL (Time to Live) value",
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-hop-limit": {
"description": "Filters IPv6 traffic based on the hop limit value, equivalent to IPv4 TTL",
"type": "integer",
"minimum": 0,
"maximum": 255
}
}
}
},
"mvr-config": {
"description": "This section defines the Multicast VLAN Registration (MVR) general configuration.",
"type": "object",
@@ -1464,6 +1405,404 @@
"description": "Validate that the source MAC address in the Ethernet header matches the sender MAC address in the ARP body for both ARP requests and responses."
}
}
},
"ip-source-guard": {
"type": "object",
"description": "Configuration for IP Source Guard global static bindings in a Layer 2 switch.",
"properties": {
"bindings": {
"type": "array",
"description": "List of static bindings for IP Source Guard.",
"items": {
"type": "object",
"properties": {
"binding-mode": {
"type": "string",
"description": "Specifies the mode for adding a static address to the Source Guard ACL or MAC address binding table. It determines whether the binding is based on MAC addresses or ACLs.",
"enum": [
"mac",
"acl"
]
},
"binding-mac": {
"type": "string",
"format": "uc-mac",
"description": "A valid unicast MAC address for binding to the Source Guard filtering table."
},
"binding-vlans": {
"type": "integer",
"description": "The VLAN ID associated with the static binding for Source Guard filtering. Must be a valid, configured VLAN on the switch."
},
"binding-ip": {
"type": "string",
"format": "ipv4",
"description": "A valid unicast IPv4 address to associate with the Source Guard filtering table."
},
"binding-port": {
"type": "string",
"description": "The physical interface (e.g., ethernet0, ethernet1) where the Source Guard binding applies."
}
}
}
}
}
},
"rt-events": {
"description": "Configuration for enabling or disabling specific event categories and their sub-events.",
"type": "object",
"properties": {
"port-status": {
"description": "Enable/Disable Port Status events.",
"type": "object",
"properties": {
"enabled": {
"description": "Enable/Disable Port Status category.",
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"wired.carrier-down": {
"type": "boolean",
"description": "Enable/Disable carrier down event.",
"default": false
},
"wired.carrier-up": {
"type": "boolean",
"description": "Enable/Disable carrier up event.",
"default": false
}
}
}
}
},
"module": {
"description": "Enable/Disable Module events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable Module category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"module.plugout": {
"type": "boolean",
"description": "Enable/Disable module plugout event.",
"default": false
},
"module.plugin": {
"type": "boolean",
"description": "Enable/Disable module plugin event.",
"default": false
}
}
}
}
},
"stp": {
"description": "Enable/Disable STP events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable STP category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"stp.loop-detected": {
"type": "boolean",
"description": "Enable/Disable loop detected event.",
"default": false
},
"stp.loop-cleared": {
"type": "boolean",
"description": "Enable/Disable loop cleared event.",
"default": false
},
"stp.state-change": {
"type": "boolean",
"description": "Enable/Disable state change event.",
"default": false
}
}
}
}
},
"rstp": {
"description": "Enable/Disable RSTP events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable RSTP category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"rstp.loop-detected": {
"type": "boolean",
"description": "Enable/Disable loop detected event.",
"default": false
},
"rstp.loop-cleared": {
"type": "boolean",
"description": "Enable/Disable loop cleared event.",
"default": false
},
"rstp.state-change": {
"type": "boolean",
"description": "Enable/Disable state change event.",
"default": false
}
}
}
}
},
"fw-upgrade": {
"description": "Enable/Disable Firmware Upgrade events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable Firmware Upgrade category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"upg.download-start": {
"type": "boolean",
"description": "Enable/Disable download start event.",
"default": false
},
"upg.download-in-progress": {
"type": "boolean",
"description": "Enable/Disable download in progress event.",
"default": false
},
"upg.download-failed": {
"type": "boolean",
"description": "Enable/Disable download failed event.",
"default": false
},
"upg.validation-start": {
"type": "boolean",
"description": "Enable/Disable validation start event.",
"default": false
},
"upg.validation-success": {
"type": "boolean",
"description": "Enable/Disable validation success event.",
"default": false
},
"upg.validation-failed": {
"type": "boolean",
"description": "Enable/Disable validation failed event.",
"default": false
},
"upg.backup-current-firmware": {
"type": "boolean",
"description": "Enable/Disable firmware backup event.",
"default": false
},
"upg.install-start": {
"type": "boolean",
"description": "Enable/Disable install start event.",
"default": false
},
"upg.install-failed": {
"type": "boolean",
"description": "Enable/Disable install failed event.",
"default": false
},
"upg.reboot-start": {
"type": "boolean",
"description": "Enable/Disable reboot start event.",
"default": false
},
"upg.success": {
"type": "boolean",
"description": "Enable/Disable upgrade success event.",
"default": false
}
}
}
}
},
"dhcp-snooping": {
"description": "Enable/Disable DHCP Snooping events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable DHCP Snooping category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"dhcp-snooping.violation-detected": {
"type": "boolean",
"description": "Enable/Disable DHCP Snooping violation detected event.",
"default": false
},
"dhcp-snooping.violation-cleared": {
"type": "boolean",
"description": "Enable/Disable DHCP Snooping violation cleared event.",
"default": false
}
}
}
}
}
}
},
"acl": {
"description": "Contains all the access control rule definitions",
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"properties": {
"acl-name": {
"description": "The identifier or name for the Access Control List",
"type": "string",
"maxLength": 32,
"minLength": 1
},
"acl-type": {
"description": "Type of the access control list",
"type": "string",
"enum": [
"ipv4",
"ipv6",
"ipv4Ext",
"ipv6Ext",
"mac",
"arp"
]
},
"acl-rules": {
"description": "access control rules under this ACL",
"type": "object",
"additionalProperties": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"properties": {
"acl-rule-action": {
"description": "Defines whether to permit or deny traffic matching the rule",
"type": "string",
"enum": [
"permit",
"deny"
]
},
"acl-source-macaddress": {
"description": "Specifies the source MAC address to filter on",
"type": "string",
"format": "uc-mac"
},
"acl-source-macbitmask": {
"description": "The mask applied to the source MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macaddress": {
"description": "Specifies the destination MAC address for the filter",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macbitmask": {
"description": "The mask applied to the destination MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-packet-format": {
"description": "Identifies the protocol encapsulated in the Ethernet frame by its EtherType",
"type": "string",
"enum": [
"any",
"untagged-eth2",
"untagged-802.3",
"tagged-eth2",
"tagged-802.3"
]
},
"acl-vlanid": {
"description": "Specifies a VLAN ID to filter traffic from a specific VLAN",
"type": "integer",
"minimum": 1,
"maximum": 4094
},
"acl-vid-bitmask": {
"description": "The mask applied to the VLAN ID",
"type": "integer",
"minimum": 1,
"maximum": 4095
},
"acl-ethertype": {
"description": "Filters packets based on the custom EtherType field (HEX) in the Ethernet frame",
"type": "string",
"default": "800"
},
"acl-ethertype-bitmask": {
"description": "The mask applied to the EtherType field",
"type": "string",
"default": "FFFF"
},
"acl-cos": {
"description": "Filters based on the Class of Service (CoS) field in the frame",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-cos-bitmask": {
"description": "The mask applied to the CoS field",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-ipv4-source-address": {
"description": "The IPv4 address of the source to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-source-subnetmask": {
"description": "The subnet mask applied to the source IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-address": {
"description": "The IPv4 address of the destination to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-subnetmask": {
"description": "The subnet mask applied to the destination IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ip-proto": {
"description": "Filters based on the IP protocol number",
"type": "integer",
"minimum": 0,
"maximum": 255
}
}
}
}
}
}
}
}
}
},
@@ -1892,43 +2231,6 @@
}
}
},
"voice-vlan-intf-config": {
"description": "Configure the Voice VLAN feature at the interface level, allowing for VoIP traffic to be prioritized on this specific port.",
"type": "object",
"properties": {
"voice-vlan-intf-mode": {
"description": "Specify the mode of placing this port on the voice VLAN.",
"type": "string",
"default": "auto",
"enum": [
"none",
"manual",
"auto"
]
},
"voice-vlan-intf-priority": {
"description": "Define the Class of Service (CoS) priority for VoIP traffic passing through this port, ensuring higher priority over other traffic types.",
"type": "integer",
"default": 6,
"minimum": 0,
"maximum": 6
},
"voice-vlan-intf-detect-voice": {
"description": "Select the detection method for identifying VoIP traffic on this port, such as OUI-based detection or traffic pattern recognition.",
"type": "string",
"default": "oui",
"enum": [
"oui",
"lldp"
]
},
"voice-vlan-intf-security": {
"description": "Enable or configure security filtering for VoIP traffic on the interface to protect against unauthorized devices.",
"type": "boolean",
"default": false
}
}
},
"dhcp": {
"description": "This section describes the DHCP server configuration",
"type": "object",
@@ -2227,72 +2529,6 @@
}
}
},
"acl": {
"description": "A collection of access control entries that define the rules for filtering traffic through a network interface.",
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-inf-policy-preference": {
"description": "Determines the priority of multiple ACL policies when more than one is applied to an interface, if any.",
"type": "integer",
"minimum": 1,
"maximum": 64,
"default": 1
},
"acl-inf-policy-ingress": {
"description": "Specifies the ACL policy that is applied to incoming traffic on an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-ingress": {
"description": "Tracks the number and type of packets that match the ingress ACL rules on an interface.",
"type": "boolean",
"default": false
},
"acl-inf-policy-egress": {
"description": "Specifies the ACL policy that is applied to outgoing traffic from an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-egress": {
"description": "Tracks the number and type of packets that match the egress ACL rules on an interface.",
"type": "boolean",
"default": false
}
}
}
},
"dhcp-snoop-port": {
"description": "Configuration for DHCP Snooping on a port level on a switch",
"type": "object",
"properties": {
"dhcp-snoop-port-trust": {
"description": "This parameter designates a switch port as \u2018trusted\u2019 for DHCP messages, meaning it can forward DHCP offers and acknowledgments, which is essential for connecting to legitimate DHCP servers",
"type": "boolean",
"default": false
},
"dhcp-snoop-port-client-limit": {
"description": "It sets a limit on the number of DHCP clients that can be associated with a single port, helping to prevent a single port from exhausting the network\u2019s IP address pool",
"type": "integer",
"minimum": 1
},
"dhcp-snoop-port-circuit-id": {
"description": "Specifies DHCP Option 82 circuit ID suboption information. Often including information like the interface number and VLAN ID, this can be useful for network management and troubleshooting",
"type": "string",
"minLength": 1,
"maxLength": 32
}
}
},
"broad-band": {
"oneOf": [
{

738
ucentral.schema.json
View File

@@ -541,6 +541,133 @@
"type": "boolean"
}
}
},
"rate-limit-port": {
"type": "object",
"properties": {
"ingress-kbps": {
"type": "integer",
"minimum": 64,
"maximum": 1000000000
},
"egress-kbps": {
"type": "integer",
"minimum": 64,
"maximum": 1000000000
}
}
},
"ip-source-guard-port": {
"type": "object",
"properties": {
"rule": {
"type": "string",
"enum": [
"sip",
"sip-mac"
]
},
"mode": {
"type": "string",
"enum": [
"mac",
"acl"
]
},
"max-binding": {
"type": "integer",
"minimum": 1,
"maximum": 65535
}
}
},
"acl": {
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-inf-policy-preference": {
"type": "integer",
"minimum": 1,
"maximum": 64,
"default": 1
},
"acl-inf-policy-ingress": {
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-ingress": {
"type": "boolean",
"default": false
},
"acl-inf-policy-egress": {
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-egress": {
"type": "boolean",
"default": false
}
}
}
},
"voice-vlan-intf-config": {
"type": "object",
"properties": {
"voice-vlan-intf-mode": {
"type": "string",
"default": "auto",
"enum": [
"none",
"manual",
"auto"
]
},
"voice-vlan-intf-priority": {
"type": "integer",
"default": 6,
"minimum": 0,
"maximum": 6
},
"voice-vlan-intf-detect-voice": {
"type": "string",
"default": "oui",
"enum": [
"oui",
"lldp"
]
},
"voice-vlan-intf-security": {
"type": "boolean",
"default": false
}
}
},
"dhcp-snoop-port": {
"type": "object",
"properties": {
"dhcp-snoop-port-trust": {
"type": "boolean",
"default": false
},
"dhcp-snoop-port-client-limit": {
"type": "integer",
"minimum": 1
},
"dhcp-snoop-port-circuit-id": {
"type": "string",
"minLength": 1,
"maxLength": 32
}
}
}
}
},
@@ -565,6 +692,340 @@
}
}
},
"switch.ip-source-guard": {
"type": "object",
"properties": {
"bindings": {
"type": "array",
"items": {
"type": "object",
"properties": {
"binding-mode": {
"type": "string",
"enum": [
"mac",
"acl"
]
},
"binding-mac": {
"type": "string",
"format": "uc-mac"
},
"binding-vlans": {
"type": "integer"
},
"binding-ip": {
"type": "string",
"format": "ipv4"
},
"binding-port": {
"type": "string"
}
}
}
}
}
},
"switch.rtevent": {
"type": "object",
"properties": {
"port-status": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"wired.carrier-down": {
"type": "boolean",
"default": false
},
"wired.carrier-up": {
"type": "boolean",
"default": false
}
}
}
}
},
"module": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"module.plugout": {
"type": "boolean",
"default": false
},
"module.plugin": {
"type": "boolean",
"default": false
}
}
}
}
},
"stp": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"stp.loop-detected": {
"type": "boolean",
"default": false
},
"stp.loop-cleared": {
"type": "boolean",
"default": false
},
"stp.state-change": {
"type": "boolean",
"default": false
}
}
}
}
},
"rstp": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"rstp.loop-detected": {
"type": "boolean",
"default": false
},
"rstp.loop-cleared": {
"type": "boolean",
"default": false
},
"rstp.state-change": {
"type": "boolean",
"default": false
}
}
}
}
},
"fw-upgrade": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"upg.download-start": {
"type": "boolean",
"default": false
},
"upg.download-in-progress": {
"type": "boolean",
"default": false
},
"upg.download-failed": {
"type": "boolean",
"default": false
},
"upg.validation-start": {
"type": "boolean",
"default": false
},
"upg.validation-success": {
"type": "boolean",
"default": false
},
"upg.validation-failed": {
"type": "boolean",
"default": false
},
"upg.backup-current-firmware": {
"type": "boolean",
"default": false
},
"upg.install-start": {
"type": "boolean",
"default": false
},
"upg.install-failed": {
"type": "boolean",
"default": false
},
"upg.reboot-start": {
"type": "boolean",
"default": false
},
"upg.success": {
"type": "boolean",
"default": false
}
}
}
}
},
"dhcp-snooping": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"dhcp-snooping.violation-detected": {
"type": "boolean",
"default": false
},
"dhcp-snooping.violation-cleared": {
"type": "boolean",
"default": false
}
}
}
}
}
}
},
"switch.acl": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"properties": {
"acl-name": {
"type": "string",
"maxLength": 32,
"minLength": 1
},
"acl-type": {
"type": "string",
"enum": [
"ipv4",
"ipv6",
"ipv4Ext",
"ipv6Ext",
"mac",
"arp"
]
},
"acl-rules": {
"type": "object",
"additionalProperties": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"properties": {
"acl-rule-action": {
"type": "string",
"enum": [
"permit",
"deny"
]
},
"acl-source-macaddress": {
"type": "string",
"format": "uc-mac"
},
"acl-source-macbitmask": {
"type": "string",
"format": "uc-mac"
},
"acl-dest-macaddress": {
"type": "string",
"format": "uc-mac"
},
"acl-dest-macbitmask": {
"type": "string",
"format": "uc-mac"
},
"acl-packet-format": {
"type": "string",
"enum": [
"any",
"untagged-eth2",
"untagged-802.3",
"tagged-eth2",
"tagged-802.3"
]
},
"acl-vlanid": {
"type": "integer",
"minimum": 1,
"maximum": 4094
},
"acl-vid-bitmask": {
"type": "integer",
"minimum": 1,
"maximum": 4095
},
"acl-ethertype": {
"type": "string",
"default": "800"
},
"acl-ethertype-bitmask": {
"type": "string",
"default": "FFFF"
},
"acl-cos": {
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-cos-bitmask": {
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-ipv4-source-address": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-source-subnetmask": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-address": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-subnetmask": {
"type": "string",
"format": "ipv4"
},
"acl-ip-proto": {
"type": "integer",
"minimum": 0,
"maximum": 255
}
}
}
}
}
}
}
},
"switch": {
"type": "object",
"properties": {
@@ -822,180 +1283,6 @@
}
}
},
"acl": {
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-type": {
"type": "string",
"enum": [
"ipv4",
"ipv6",
"ipv4Ext",
"ipv6Ext",
"mac",
"arp"
]
},
"acl-name": {
"type": "string",
"maxLength": 32,
"minLength": 1
},
"acl-rule-action": {
"type": "string",
"enum": [
"permit",
"deny"
]
},
"acl-source-macaddress": {
"type": "string",
"format": "uc-mac"
},
"acl-source-macbitmask": {
"type": "string",
"format": "uc-mac"
},
"acl-dest-macaddress": {
"type": "string",
"format": "uc-mac"
},
"acl-dest-macbitmask": {
"type": "string",
"format": "uc-mac"
},
"acl-packet-format": {
"type": "string",
"enum": [
"any",
"untagged-eth2",
"untagged-802.3",
"tagged-eth2",
"tagged-802.3"
]
},
"acl-vlanid": {
"type": "integer",
"minimum": 1,
"maximum": 4094
},
"acl-vid-bitmask": {
"type": "integer",
"minimum": 1,
"maximum": 4095
},
"acl-ethertype": {
"type": "string",
"default": "800"
},
"acl-ethertype-bitmask": {
"type": "string",
"default": "FFFF"
},
"acl-cos": {
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-cos-bitmask": {
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-ipv4-source-address": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-source-subnetmask": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-address": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-subnetmask": {
"type": "string",
"format": "ipv4"
},
"acl-ipv6-source-address": {
"type": "string",
"format": "ipv6"
},
"acl-ipv6-source-prefix-length": {
"type": "integer",
"minimum": 0,
"maximum": 128
},
"acl-ipv6-dest-address": {
"type": "string",
"format": "ipv6"
},
"acl-ipv6-dest-prefix-length": {
"type": "integer",
"minimum": 0,
"maximum": 128
},
"acl-ip-proto": {
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-next-header": {
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-flow-label": {
"type": "integer",
"minimum": 0,
"maximum": 1048575
},
"acl-ip-source-port": {
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-source-port-bitmask": {
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-dest-port": {
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-dest-port-bitmask": {
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ipv4-fragment-offset": {
"type": "integer",
"minimum": 0,
"maximum": 8191
},
"acl-ipv6-fragment-offset": {
"type": "integer",
"minimum": 0,
"maximum": 8191
},
"acl-ip-ttl": {
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-hop-limit": {
"type": "integer",
"minimum": 0,
"maximum": 255
}
}
}
},
"mvr-config": {
"type": "object",
"properties": {
@@ -1268,6 +1555,15 @@
},
"arp-inspect": {
"$ref": "#/$defs/switch.arp-inspect"
},
"ip-source-guard": {
"$ref": "#/$defs/switch.ip-source-guard"
},
"rt-events": {
"$ref": "#/$defs/switch.rtevent"
},
"acl": {
"$ref": "#/$defs/switch.acl"
}
}
},
@@ -1688,38 +1984,6 @@
"ip-arp-inspect-vlan": {
"$ref": "#/$defs/interface.ipv4.arp-inspect"
},
"voice-vlan-intf-config": {
"type": "object",
"properties": {
"voice-vlan-intf-mode": {
"type": "string",
"default": "auto",
"enum": [
"none",
"manual",
"auto"
]
},
"voice-vlan-intf-priority": {
"type": "integer",
"default": 6,
"minimum": 0,
"maximum": 6
},
"voice-vlan-intf-detect-voice": {
"type": "string",
"default": "oui",
"enum": [
"oui",
"lldp"
]
},
"voice-vlan-intf-security": {
"type": "boolean",
"default": false
}
}
},
"dhcp": {
"$ref": "#/$defs/interface.ipv4.dhcp"
},
@@ -1899,62 +2163,6 @@
}
}
},
"interface.acl": {
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-inf-policy-preference": {
"type": "integer",
"minimum": 1,
"maximum": 64,
"default": 1
},
"acl-inf-policy-ingress": {
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-ingress": {
"type": "boolean",
"default": false
},
"acl-inf-policy-egress": {
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-egress": {
"type": "boolean",
"default": false
}
}
}
},
"interface.dhcp-snoop-port": {
"type": "object",
"properties": {
"dhcp-snoop-port-trust": {
"type": "boolean",
"default": false
},
"dhcp-snoop-port-client-limit": {
"type": "integer",
"minimum": 1
},
"dhcp-snoop-port-circuit-id": {
"type": "string",
"minLength": 1,
"maxLength": 32
}
}
},
"interface.broad-band.wwan": {
"type": "object",
"properties": {
@@ -2206,12 +2414,6 @@
"ipv6": {
"$ref": "#/$defs/interface.ipv6"
},
"acl": {
"$ref": "#/$defs/interface.acl"
},
"dhcp-snoop-port": {
"$ref": "#/$defs/interface.dhcp-snoop-port"
},
"broad-band": {
"$ref": "#/$defs/interface.broad-band"
},

873
ucentral.schema.pretty.json
View File

@@ -638,6 +638,155 @@
"description": "Configures the port as trusted, exempting it from ARP Inspection. Trusted ports bypass ARP validation checks."
}
}
},
"rate-limit-port": {
"type": "object",
"description": "Configuration for ingress and egress rate limiting on a specific port (in kbps)",
"properties": {
"ingress-kbps": {
"type": "integer",
"description": "Sets the maximum allowed ingress (input) traffic rate for the port, in kilobits per second (kbps).",
"minimum": 64,
"maximum": 1000000000
},
"egress-kbps": {
"type": "integer",
"description": "Sets the maximum allowed egress (output) traffic rate for the port, in kilobits per second (kbps).",
"minimum": 64,
"maximum": 1000000000
}
}
},
"ip-source-guard-port": {
"type": "object",
"description": "Configuration of IP Source Guard (IPSG) on a physical interface in a Layer 2 switch.",
"properties": {
"rule": {
"type": "string",
"description": "Configures the switch to filter inbound traffic based on source IP address only, or source IP address and corresponding MAC address combined.",
"enum": [
"sip",
"sip-mac"
]
},
"mode": {
"type": "string",
"description": "Specifies the learning mode to use for validation, either MAC address table or ACL table. The system searches for source addresses in the specified table.",
"enum": [
"mac",
"acl"
]
},
"max-binding": {
"type": "integer",
"description": "Sets the maximum number of address entries that can be mapped to an interface in the binding table. Includes both static entries and dynamically learned entries via DHCP Snooping.",
"minimum": 1,
"maximum": 65535
}
}
},
"acl": {
"description": "A collection of access control entries that define the rules for filtering traffic through a network port.",
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-inf-policy-preference": {
"description": "Determines the priority of multiple ACL policies when more than one is applied to an interface, if any.",
"type": "integer",
"minimum": 1,
"maximum": 64,
"default": 1
},
"acl-inf-policy-ingress": {
"description": "Specifies the ACL policy that is applied to incoming traffic on an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-ingress": {
"description": "Tracks the number and type of packets that match the ingress ACL rules on an interface.",
"type": "boolean",
"default": false
},
"acl-inf-policy-egress": {
"description": "Specifies the ACL policy that is applied to outgoing traffic from an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-egress": {
"description": "Tracks the number and type of packets that match the egress ACL rules on an interface.",
"type": "boolean",
"default": false
}
}
}
},
"voice-vlan-intf-config": {
"description": "Configure the Voice VLAN feature at the interface level, allowing for VoIP traffic to be prioritized on this specific port.",
"type": "object",
"properties": {
"voice-vlan-intf-mode": {
"description": "Specify the mode of placing this port on the voice VLAN.",
"type": "string",
"default": "auto",
"enum": [
"none",
"manual",
"auto"
]
},
"voice-vlan-intf-priority": {
"description": "Define the Class of Service (CoS) priority for VoIP traffic passing through this port, ensuring higher priority over other traffic types.",
"type": "integer",
"default": 6,
"minimum": 0,
"maximum": 6
},
"voice-vlan-intf-detect-voice": {
"description": "Select the detection method for identifying VoIP traffic on this port, such as OUI-based detection or traffic pattern recognition.",
"type": "string",
"default": "oui",
"enum": [
"oui",
"lldp"
]
},
"voice-vlan-intf-security": {
"description": "Enable or configure security filtering for VoIP traffic on the interface to protect against unauthorized devices.",
"type": "boolean",
"default": false
}
}
},
"dhcp-snoop-port": {
"description": "Configuration for DHCP Snooping on a port level on a switch",
"type": "object",
"properties": {
"dhcp-snoop-port-trust": {
"description": "This parameter designates a switch port as \u2018trusted\u2019 for DHCP messages, meaning it can forward DHCP offers and acknowledgments, which is essential for connecting to legitimate DHCP servers",
"type": "boolean",
"default": false
},
"dhcp-snoop-port-client-limit": {
"description": "It sets a limit on the number of DHCP clients that can be associated with a single port, helping to prevent a single port from exhausting the network\u2019s IP address pool",
"type": "integer",
"minimum": 1
},
"dhcp-snoop-port-circuit-id": {
"description": "Specifies DHCP Option 82 circuit ID suboption information. Often including information like the interface number and VLAN ID, this can be useful for network management and troubleshooting",
"type": "string",
"minLength": 1,
"maxLength": 32
}
}
}
}
},
@@ -668,6 +817,404 @@
}
}
},
"switch.ip-source-guard": {
"type": "object",
"description": "Configuration for IP Source Guard global static bindings in a Layer 2 switch.",
"properties": {
"bindings": {
"type": "array",
"description": "List of static bindings for IP Source Guard.",
"items": {
"type": "object",
"properties": {
"binding-mode": {
"type": "string",
"description": "Specifies the mode for adding a static address to the Source Guard ACL or MAC address binding table. It determines whether the binding is based on MAC addresses or ACLs.",
"enum": [
"mac",
"acl"
]
},
"binding-mac": {
"type": "string",
"format": "uc-mac",
"description": "A valid unicast MAC address for binding to the Source Guard filtering table."
},
"binding-vlans": {
"type": "integer",
"description": "The VLAN ID associated with the static binding for Source Guard filtering. Must be a valid, configured VLAN on the switch."
},
"binding-ip": {
"type": "string",
"format": "ipv4",
"description": "A valid unicast IPv4 address to associate with the Source Guard filtering table."
},
"binding-port": {
"type": "string",
"description": "The physical interface (e.g., ethernet0, ethernet1) where the Source Guard binding applies."
}
}
}
}
}
},
"switch.rtevent": {
"description": "Configuration for enabling or disabling specific event categories and their sub-events.",
"type": "object",
"properties": {
"port-status": {
"description": "Enable/Disable Port Status events.",
"type": "object",
"properties": {
"enabled": {
"description": "Enable/Disable Port Status category.",
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"wired.carrier-down": {
"type": "boolean",
"description": "Enable/Disable carrier down event.",
"default": false
},
"wired.carrier-up": {
"type": "boolean",
"description": "Enable/Disable carrier up event.",
"default": false
}
}
}
}
},
"module": {
"description": "Enable/Disable Module events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable Module category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"module.plugout": {
"type": "boolean",
"description": "Enable/Disable module plugout event.",
"default": false
},
"module.plugin": {
"type": "boolean",
"description": "Enable/Disable module plugin event.",
"default": false
}
}
}
}
},
"stp": {
"description": "Enable/Disable STP events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable STP category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"stp.loop-detected": {
"type": "boolean",
"description": "Enable/Disable loop detected event.",
"default": false
},
"stp.loop-cleared": {
"type": "boolean",
"description": "Enable/Disable loop cleared event.",
"default": false
},
"stp.state-change": {
"type": "boolean",
"description": "Enable/Disable state change event.",
"default": false
}
}
}
}
},
"rstp": {
"description": "Enable/Disable RSTP events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable RSTP category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"rstp.loop-detected": {
"type": "boolean",
"description": "Enable/Disable loop detected event.",
"default": false
},
"rstp.loop-cleared": {
"type": "boolean",
"description": "Enable/Disable loop cleared event.",
"default": false
},
"rstp.state-change": {
"type": "boolean",
"description": "Enable/Disable state change event.",
"default": false
}
}
}
}
},
"fw-upgrade": {
"description": "Enable/Disable Firmware Upgrade events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable Firmware Upgrade category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"upg.download-start": {
"type": "boolean",
"description": "Enable/Disable download start event.",
"default": false
},
"upg.download-in-progress": {
"type": "boolean",
"description": "Enable/Disable download in progress event.",
"default": false
},
"upg.download-failed": {
"type": "boolean",
"description": "Enable/Disable download failed event.",
"default": false
},
"upg.validation-start": {
"type": "boolean",
"description": "Enable/Disable validation start event.",
"default": false
},
"upg.validation-success": {
"type": "boolean",
"description": "Enable/Disable validation success event.",
"default": false
},
"upg.validation-failed": {
"type": "boolean",
"description": "Enable/Disable validation failed event.",
"default": false
},
"upg.backup-current-firmware": {
"type": "boolean",
"description": "Enable/Disable firmware backup event.",
"default": false
},
"upg.install-start": {
"type": "boolean",
"description": "Enable/Disable install start event.",
"default": false
},
"upg.install-failed": {
"type": "boolean",
"description": "Enable/Disable install failed event.",
"default": false
},
"upg.reboot-start": {
"type": "boolean",
"description": "Enable/Disable reboot start event.",
"default": false
},
"upg.success": {
"type": "boolean",
"description": "Enable/Disable upgrade success event.",
"default": false
}
}
}
}
},
"dhcp-snooping": {
"description": "Enable/Disable DHCP Snooping events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable DHCP Snooping category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"dhcp-snooping.violation-detected": {
"type": "boolean",
"description": "Enable/Disable DHCP Snooping violation detected event.",
"default": false
},
"dhcp-snooping.violation-cleared": {
"type": "boolean",
"description": "Enable/Disable DHCP Snooping violation cleared event.",
"default": false
}
}
}
}
}
}
},
"switch.acl": {
"description": "Contains all the access control rule definitions",
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"properties": {
"acl-name": {
"description": "The identifier or name for the Access Control List",
"type": "string",
"maxLength": 32,
"minLength": 1
},
"acl-type": {
"description": "Type of the access control list",
"type": "string",
"enum": [
"ipv4",
"ipv6",
"ipv4Ext",
"ipv6Ext",
"mac",
"arp"
]
},
"acl-rules": {
"description": "access control rules under this ACL",
"type": "object",
"additionalProperties": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"properties": {
"acl-rule-action": {
"description": "Defines whether to permit or deny traffic matching the rule",
"type": "string",
"enum": [
"permit",
"deny"
]
},
"acl-source-macaddress": {
"description": "Specifies the source MAC address to filter on",
"type": "string",
"format": "uc-mac"
},
"acl-source-macbitmask": {
"description": "The mask applied to the source MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macaddress": {
"description": "Specifies the destination MAC address for the filter",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macbitmask": {
"description": "The mask applied to the destination MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-packet-format": {
"description": "Identifies the protocol encapsulated in the Ethernet frame by its EtherType",
"type": "string",
"enum": [
"any",
"untagged-eth2",
"untagged-802.3",
"tagged-eth2",
"tagged-802.3"
]
},
"acl-vlanid": {
"description": "Specifies a VLAN ID to filter traffic from a specific VLAN",
"type": "integer",
"minimum": 1,
"maximum": 4094
},
"acl-vid-bitmask": {
"description": "The mask applied to the VLAN ID",
"type": "integer",
"minimum": 1,
"maximum": 4095
},
"acl-ethertype": {
"description": "Filters packets based on the custom EtherType field (HEX) in the Ethernet frame",
"type": "string",
"default": "800"
},
"acl-ethertype-bitmask": {
"description": "The mask applied to the EtherType field",
"type": "string",
"default": "FFFF"
},
"acl-cos": {
"description": "Filters based on the Class of Service (CoS) field in the frame",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-cos-bitmask": {
"description": "The mask applied to the CoS field",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-ipv4-source-address": {
"description": "The IPv4 address of the source to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-source-subnetmask": {
"description": "The subnet mask applied to the source IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-address": {
"description": "The IPv4 address of the destination to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-subnetmask": {
"description": "The subnet mask applied to the destination IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ip-proto": {
"description": "Filters based on the IP protocol number",
"type": "integer",
"minimum": 0,
"maximum": 255
}
}
}
}
}
}
}
},
"switch": {
"description": "This section defines the switch fabric specific features of a physical switch.",
"type": "object",
@@ -973,214 +1520,6 @@
}
}
},
"acl": {
"description": "Contains all the access control rule definitions",
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-type": {
"description": "Type of the access control list",
"type": "string",
"enum": [
"ipv4",
"ipv6",
"ipv4Ext",
"ipv6Ext",
"mac",
"arp"
]
},
"acl-name": {
"description": "The identifier or name for the Access Control List",
"type": "string",
"maxLength": 32,
"minLength": 1
},
"acl-rule-action": {
"description": "Defines whether to permit or deny traffic matching the rule",
"type": "string",
"enum": [
"permit",
"deny"
]
},
"acl-source-macaddress": {
"description": "Specifies the source MAC address to filter on",
"type": "string",
"format": "uc-mac"
},
"acl-source-macbitmask": {
"description": "The mask applied to the source MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macaddress": {
"description": "Specifies the destination MAC address for the filter",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macbitmask": {
"description": "The mask applied to the destination MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-packet-format": {
"description": "Identifies the protocol encapsulated in the Ethernet frame by its EtherType",
"type": "string",
"enum": [
"any",
"untagged-eth2",
"untagged-802.3",
"tagged-eth2",
"tagged-802.3"
]
},
"acl-vlanid": {
"description": "Specifies a VLAN ID to filter traffic from a specific VLAN",
"type": "integer",
"minimum": 1,
"maximum": 4094
},
"acl-vid-bitmask": {
"description": "The mask applied to the VLAN ID",
"type": "integer",
"minimum": 1,
"maximum": 4095
},
"acl-ethertype": {
"description": "Filters packets based on the custom EtherType field (HEX) in the Ethernet frame",
"type": "string",
"default": "800"
},
"acl-ethertype-bitmask": {
"description": "The mask applied to the EtherType field",
"type": "string",
"default": "FFFF"
},
"acl-cos": {
"description": "Filters based on the Class of Service (CoS) field in the frame",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-cos-bitmask": {
"description": "The mask applied to the CoS field",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-ipv4-source-address": {
"description": "The IPv4 address of the source to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-source-subnetmask": {
"description": "The subnet mask applied to the source IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-address": {
"description": "The IPv4 address of the destination to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-subnetmask": {
"description": "The subnet mask applied to the destination IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ipv6-source-address": {
"description": "The IPv6 address of the source to filter on",
"type": "string",
"format": "ipv6"
},
"acl-ipv6-source-prefix-length": {
"description": "Defines the length of the prefix used in filtering IPv6 source addresses",
"type": "integer",
"minimum": 0,
"maximum": 128
},
"acl-ipv6-dest-address": {
"description": "The IPv6 address of the destination to filter on",
"type": "string",
"format": "ipv6"
},
"acl-ipv6-dest-prefix-length": {
"description": "Defines the length of the prefix used in filtering IPv6 destination addresses",
"type": "integer",
"minimum": 0,
"maximum": 128
},
"acl-ip-proto": {
"description": "Filters based on the IP protocol number",
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-next-header": {
"description": "Specifies the next header type in IPv6 traffic, such as TCP, UDP, or ICMPv6",
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-flow-label": {
"description": "Filters packets based on the IPv6 Flow Label field",
"type": "integer",
"minimum": 0,
"maximum": 1048575
},
"acl-ip-source-port": {
"description": "Specifies the source port number for filtering",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-source-port-bitmask": {
"description": "The mask applied to the source port number",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-dest-port": {
"description": "Specifies the destination port number for filtering",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-dest-port-bitmask": {
"description": "The mask applied to the destination port number",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ipv4-fragment-offset": {
"description": "Filters based on IPv4 fragment offset for fragmented packets",
"type": "integer",
"minimum": 0,
"maximum": 8191
},
"acl-ipv6-fragment-offset": {
"description": "Filters based on IPv6 fragment offset for fragmented packets",
"type": "integer",
"minimum": 0,
"maximum": 8191
},
"acl-ip-ttl": {
"description": "Filters IPv4 traffic based on the TTL (Time to Live) value",
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-hop-limit": {
"description": "Filters IPv6 traffic based on the hop limit value, equivalent to IPv4 TTL",
"type": "integer",
"minimum": 0,
"maximum": 255
}
}
}
},
"mvr-config": {
"description": "This section defines the Multicast VLAN Registration (MVR) general configuration.",
"type": "object",
@@ -1500,6 +1839,15 @@
},
"arp-inspect": {
"$ref": "#/$defs/switch.arp-inspect"
},
"ip-source-guard": {
"$ref": "#/$defs/switch.ip-source-guard"
},
"rt-events": {
"$ref": "#/$defs/switch.rtevent"
},
"acl": {
"$ref": "#/$defs/switch.acl"
}
}
},
@@ -1985,43 +2333,6 @@
"ip-arp-inspect-vlan": {
"$ref": "#/$defs/interface.ipv4.arp-inspect"
},
"voice-vlan-intf-config": {
"description": "Configure the Voice VLAN feature at the interface level, allowing for VoIP traffic to be prioritized on this specific port.",
"type": "object",
"properties": {
"voice-vlan-intf-mode": {
"description": "Specify the mode of placing this port on the voice VLAN.",
"type": "string",
"default": "auto",
"enum": [
"none",
"manual",
"auto"
]
},
"voice-vlan-intf-priority": {
"description": "Define the Class of Service (CoS) priority for VoIP traffic passing through this port, ensuring higher priority over other traffic types.",
"type": "integer",
"default": 6,
"minimum": 0,
"maximum": 6
},
"voice-vlan-intf-detect-voice": {
"description": "Select the detection method for identifying VoIP traffic on this port, such as OUI-based detection or traffic pattern recognition.",
"type": "string",
"default": "oui",
"enum": [
"oui",
"lldp"
]
},
"voice-vlan-intf-security": {
"description": "Enable or configure security filtering for VoIP traffic on the interface to protect against unauthorized devices.",
"type": "boolean",
"default": false
}
}
},
"dhcp": {
"$ref": "#/$defs/interface.ipv4.dhcp"
},
@@ -2221,72 +2532,6 @@
}
}
},
"interface.acl": {
"description": "A collection of access control entries that define the rules for filtering traffic through a network interface.",
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-inf-policy-preference": {
"description": "Determines the priority of multiple ACL policies when more than one is applied to an interface, if any.",
"type": "integer",
"minimum": 1,
"maximum": 64,
"default": 1
},
"acl-inf-policy-ingress": {
"description": "Specifies the ACL policy that is applied to incoming traffic on an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-ingress": {
"description": "Tracks the number and type of packets that match the ingress ACL rules on an interface.",
"type": "boolean",
"default": false
},
"acl-inf-policy-egress": {
"description": "Specifies the ACL policy that is applied to outgoing traffic from an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-egress": {
"description": "Tracks the number and type of packets that match the egress ACL rules on an interface.",
"type": "boolean",
"default": false
}
}
}
},
"interface.dhcp-snoop-port": {
"description": "Configuration for DHCP Snooping on a port level on a switch",
"type": "object",
"properties": {
"dhcp-snoop-port-trust": {
"description": "This parameter designates a switch port as \u2018trusted\u2019 for DHCP messages, meaning it can forward DHCP offers and acknowledgments, which is essential for connecting to legitimate DHCP servers",
"type": "boolean",
"default": false
},
"dhcp-snoop-port-client-limit": {
"description": "It sets a limit on the number of DHCP clients that can be associated with a single port, helping to prevent a single port from exhausting the network\u2019s IP address pool",
"type": "integer",
"minimum": 1
},
"dhcp-snoop-port-circuit-id": {
"description": "Specifies DHCP Option 82 circuit ID suboption information. Often including information like the interface number and VLAN ID, this can be useful for network management and troubleshooting",
"type": "string",
"minLength": 1,
"maxLength": 32
}
}
},
"interface.broad-band.wwan": {
"description": "This Object defines the properties of a broad-band uplink.",
"type": "object",
@@ -2579,12 +2824,6 @@
"ipv6": {
"$ref": "#/$defs/interface.ipv6"
},
"acl": {
"$ref": "#/$defs/interface.acl"
},
"dhcp-snoop-port": {
"$ref": "#/$defs/interface.dhcp-snoop-port"
},
"broad-band": {
"$ref": "#/$defs/interface.broad-band"
},

35
ucentral.state.pretty.json
View File

@@ -123,6 +123,41 @@
"description": "Number of ARP packets dropped due to DHCP snooping validation failures."
}
}
},
"ip-source-guard": {
"type": "object",
"description": "Represents the configuration and state of IP Source Guard.",
"properties": {
"blocked-entries": {
"type": "array",
"description": "Displays a list of entries that are currently blocked by IP Source Guard (IPSG).",
"items": {
"type": "object",
"properties": {
"blocked-mac": {
"type": "string",
"description": "The MAC address that has been blocked by IP Source Guard.",
"format": "mac-address"
},
"blocked-ip": {
"type": "string",
"description": "The IP address that has been blocked by IP Source Guard.",
"format": "ipv4"
},
"blocked-vlan": {
"type": "integer",
"description": "The VLAN ID associated with the blocked IP/MAC entry.",
"minimum": 1,
"maximum": 4095
},
"blocked-interface": {
"type": "string",
"description": "The interface (e.g., port) where the blocked entry was detected."
}
}
}
}
}
}
},
"$defs": {