Converted from YANG file 'netconfd.yang' by yangdump version 2.2.1737 Module: netconfd Organization: Netconf Central Version: 2011-12-15 Contact: Andy Bierman <support@netconfcentral.org>. Configuration Parameters for netconfd; This module is not advertised by the server. It contains only CLI parameters. /usr/share/yuma/modules/netconfcentral/netconfd.yang Netconf Central Andy Bierman <support@netconfcentral.org>. 2011-12-15 Add --running-error parameter. 2011-10-08 Add --home parameter. 2011-08-27 Add --runpath parameter. Add --factory-startup parameter. 2011-07-20 Add --audit-log and --audit-log-append CLI parameters. Add --system-sorted CLI parameter. Make with-defaults enum local to prevent report-all-tagged from being accepted as a basic mode. 2011-05-29 Removed superuser YANG default to disable by default, to make sure an admin has to explicitly enable this feature. 2011-04-24 Added --protocols parameter via uses ProtocolsParm. Not available in yuma v1 branch. 2011-04-02 Added --delete-np-containers parameter. 2010-05-13 Added --with-url to enable :url capability. 2010-01-14 Initial version for 0.9.9 release. select startup config for boot load start no-startup If present, do not load the startup config file. Use the factory default settings but do not overwrite the NV-storage startup unless it is altered. This option does not delete the startup config file if it exists. factory-startup Force the system to use the factory configuration and delete the startup config file if it exists. Force the NV-storage startup to contain the factory default configuration. startup The full or relative filespec of the startup config file to use. If present, overrides the default startup config file name 'startup-cfg.xml', This will also override the YUMA_DATAPATH environment variable and the datapath CLI parameter, if the first character is the forward slash '/', indicating an absolute file path. Server CLI for the NETCONF protocol. Usage: netconfd [parameters] true Controls how access control is initially enforced by the server. All configured access control rules will be enforced. 0 All configured access control rules will be enforced for write and execute requests. All read requests will be allowed, unless the requested object contains the 'nacm:very-secure' extension. In that case, all configured access control rules will be enforced. 1 All read, write, and execute requests will be allowed, unless the object contains the 'nacm:secure' or 'nacm:very-secure' extension. If the 'nacm:secure' extension is in effect, then all configured access control rules will be enforced for write and execute requests. If the 'nacm:very-secure' extension is in effect, then all configured access control rules will be enforced for all requests. Use this mode with caution. 2 All access control enforcement is disabled. Use this mode with extreme caution. 3 Filespec for the server audit log file to use in addition to the normal log file or STDOUT. If present, the audit log will be appended not over-written. If not, the audit log will be over-written. Only meaningful if the 'audit-log' parameter is also present. Selects the type of filtering behavior the server will advertise as the 'basic' behavior in the 'with-defaults' capability. The server will use this default handling behavior if the 'with-defaults' parameter is not explicitly set. Also, when saving a configuration to NV-storage, this value will be used for filtering defaults from the saved configuration. See wd:with-defaults leaf for enumeration details. 0 1 2 An empty non-presence container has no meaning in NETCONF/YANG so it may be deleted by the server. This takes non-trivial processing time for large databases, but uses less memory. Disabling this parameter will result in a larger database in both memory and NV-save. Specifies the maximum number of notification events that will be saved in the notification replay buffer. The oldest entries will be deleted first. Specifies the number of seconds that a session may exist before the hello PDU is received. A session will be dropped if no hello PDU is received before this number of seconds elapses. If this parameter is set to zero, then the server will wait forever for a hello message, and not drop any sessions stuck in 'hello-wait' state. Setting this parameter to zero may permit denial of service attacks, since only a limited number of concurrent sessions are supported by the server. seconds Specifies the number of seconds that a session may remain idle without issuing any RPC requests. A session will be dropped if it is idle for an interval longer than this number of seconds. Sessions that have a notification subscription active are never dropped. If this parameter is set to zero, then the server will never drop a session because it is idle. seconds Specifies the maximum number of notifications that should be sent to one session, within a one second time interval. The value 0 indicates that the server should not limit notification bursts at all. Specifies the TCP ports that the server will accept connections from. These ports must also be configured in the /etc/ssh/sshd_config file for the SSH master server to accept the connection and invoke the netconf subsystem. Up to 4 port numbers can be configured. If any ports are configured, then only those values will be accepted by the server. If no ports are configured, then the server will accept connections on the netconf-ssh port (tcp/830). system Controls the server behavior if any errors are encountered while validating the running database during the initial load of the running configuration at boot-time. Terminate the program if any errors are encountered in the running configuration. 0 Continue the program if any errors are encountered in the running configuration. Altering the running configuration will fail until the commit validation tests succeed. 1 select startup config for boot load start factory-startup Force the system to use the factory configuration and delete the startup config file if it exists. Force the NV-storage startup to contain the factory default configuration. no-startup If present, do not load the startup config file. Use the factory default settings but do not overwrite the NV-storage startup unless it is altered. This option does not delete the startup config file if it exists. startup The full or relative filespec of the startup config file to use. If present, overrides the default startup config file name 'startup-cfg.xml', This will also override the YUMA_DATAPATH environment variable and the datapath CLI parameter, if the first character is the forward slash '/', indicating an absolute file path. Controls the server behavior if any errors are encountered while loading the startup configuration file into the running configuration at boot-time. It is possible for the startup configuration to contain errors within optional nodes. If this parameter is set to 'continue', then the validation tests on the running config (controlled by running-error) should not fail due to missing optional nodes. Terminate the program if any errors are encountered in the startup configuration. 0 Continue the program if any errors are encountered in the startup configuration. The entire module-specific data structure(s) containing the error node(s) will not be added to the running configuration at boot-time. 1 The user name to use as the superuser account. Any session associated with this user name will bypass all access control enforcement. See yuma-nacm.yang for more details. To disable the superuser account completely, set this parameter to the empty string or do not set it at all. The default mode is to disable superuser access. Indicates whether ordered-by system leaf-lists and lists will be kept in sorted order. The database to use as the target of edit-config operations. Write to the running config and support the :writable-running capability. 0 Write to the candidate config and support the :candidate and :confirmed-commit capabilities. 1 If present, then XML element order will be enforced. Otherwise, XML element order errors will not be generated if possible. Default is no enforcement of strict XML order. If set to 'true', then the :startup capability will be enabled. Otherwise, the :startup capability will not be enabled. This capability makes the NV-save operation an explicit operation instead of an automatic save. If set to 'true', then the :url capability will be enabled. Otherwise, the :url capability will not be enabled. This capability requires a file system and may introduce security risks because internal files such as startup-cfg.xml and backup-cfg.xml will be exposed. If set to 'true', then the :validate capability will be enabled. Otherwise, the :validate capability will not be enabled. This capability requires extensive memory resources.