diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json b/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json index da7258a0d8b..c044a3c0388 100644 --- a/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json +++ b/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json @@ -38,6 +38,13 @@ "desc": "Configure non-existing ACL_TABLE in ACL_RULE.", "eStrKey" : "LeafRef" }, + "ACL_RULE_WITH_VALID_POLICER_ACTION": { + "desc": "Configure ACL_RULE with valid POLICER_ACTION." + }, + "ACL_RULE_WITH_INVALID_POLICER_ACTION": { + "desc": "Configure ACL_RULE with non-existing POLICER_ACTION.", + "eStrKey" : "LeafRef" + }, "ACL_RULE_IP_TYPE_SRC_IPV6ANY": { "desc": "Configure IP_TYPE as ipv6any and SRC_IPV6 in ACL_RULE." }, diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json b/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json index fdd37304a82..ab629a0cb2e 100644 --- a/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json +++ b/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json @@ -1545,6 +1545,76 @@ } } }, + "ACL_RULE_WITH_VALID_POLICER_ACTION": { + "sonic-acl:sonic-acl": { + "sonic-acl:ACL_RULE": { + "ACL_RULE_LIST": [ + { + "ACL_TABLE_NAME": "DATAACL", + "POLICER_ACTION": "test_policer", + "PRIORITY": 9999, + "RULE_NAME": "Rule_20", + "SRC_IP": "10.0.0.1/32" + } + ] + }, + "sonic-acl:ACL_TABLE": { + "ACL_TABLE_LIST": [ + { + "ACL_TABLE_NAME": "DATAACL", + "policy_desc": "DATAACL", + "ports": [ + "" + ], + "stage": "ingress", + "type": "L3" + } + ] + } + }, + "sonic-policer:sonic-policer": { + "sonic-policer:POLICER": { + "POLICER_LIST": [ + { + "name": "test_policer", + "meter_type": "packets", + "mode": "sr_tcm", + "cir": "5000", + "cbs": "5000", + "red_packet_action": "drop" + } + ] + } + } + }, + "ACL_RULE_WITH_INVALID_POLICER_ACTION": { + "sonic-acl:sonic-acl": { + "sonic-acl:ACL_RULE": { + "ACL_RULE_LIST": [ + { + "ACL_TABLE_NAME": "DATAACL", + "POLICER_ACTION": "non_existent_policer", + "PRIORITY": 9999, + "RULE_NAME": "Rule_20", + "SRC_IP": "10.0.0.1/32" + } + ] + }, + "sonic-acl:ACL_TABLE": { + "ACL_TABLE_LIST": [ + { + "ACL_TABLE_NAME": "DATAACL", + "policy_desc": "DATAACL", + "ports": [ + "" + ], + "stage": "ingress", + "type": "L3" + } + ] + } + } + }, "ACL_RULE_VALID_TCP_FLAGS": { "sonic-acl:sonic-acl": { "sonic-acl:ACL_RULE": { diff --git a/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2 b/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2 index a0f099447c6..66730d4d2b3 100644 --- a/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2 +++ b/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2 @@ -41,6 +41,10 @@ module sonic-acl { prefix sms; } + import sonic-policer { + prefix policer; + } + description "ACL YANG Module for SONiC OS"; revision 2019-07-01 { @@ -96,6 +100,13 @@ module sonic-acl { type yang:mac-address; } + leaf POLICER_ACTION { + description "Policer to apply to matching packets, referencing a POLICER entry"; + type leafref { + path "/policer:sonic-policer/policer:POLICER/policer:POLICER_LIST/policer:name"; + } + } + leaf IP_TYPE { description "IP type to match (IPv4, IPv6, ARP, etc.)"; type stypes:ip_type;