def test_ip_subnet_tag(self):
t = taglib.ip_subnet_tag("127.0.0.0/8")
eq_(t.kind, "IPv4 subnet")
eq_(t.name, "127.0.0.0/8")
eq_(t.sort_name, "v4 7f000000/08")
t = taglib.ip_subnet_tag("127.0.0.0/8", "interface subnet")
eq_(t.kind, "interface subnet")
eq_(t.name, "127.0.0.0/8")
eq_(t.sort_name, "v4 7f000000/08")
def test_ip_subnet_tag(self):
t = taglib.ip_subnet_tag("127.0.0.0/8")
eq_(t.kind, "IPv4 subnet")
eq_(t.name, "127.0.0.0/8")
eq_(t.sort_name, "v4 7f000000/08")
t = taglib.ip_subnet_tag("127.0.0.0/8", "interface subnet")
eq_(t.kind, "interface subnet")
eq_(t.name, "127.0.0.0/8")
eq_(t.sort_name, "v4 7f000000/08")
def tag_addresses(family_elem):
for address_elem in family_elem.xpath("address/name"):
ifa_tag = taglib.ip_address_tag(address_elem.text,
kind="interface address")
ifa_tag.implied_by(unit_tag, address_elem.sourceline)
t = taglib.ip_address_tag(address_elem.text)
t.implied_by(ifa_tag, address_elem.sourceline)
t.implies(taglib.ip_subnet_tag(address_elem.text),
address_elem.sourceline)
def tag_addresses(family_elem):
for address_elem in family_elem.xpath("address/name"):
ifa_tag = taglib.ip_address_tag(address_elem.text,
kind="interface address")
ifa_tag.implied_by(unit_tag, address_elem.sourceline)
t = taglib.ip_address_tag(address_elem.text)
t.implied_by(ifa_tag, address_elem.sourceline)
t.implies(taglib.ip_subnet_tag(address_elem.text),
address_elem.sourceline)
def interface(self):
# preconfigure is inserted into the config before the interface name when the matching
# hardware isn't found. for now, lets just ignore these interfaces.
inactive = self.accept(Keyword)
name = self.expect(Name)
if_tag = None
if not inactive:
if_tag = taglib.tag("interface",
"%s %s" % (taglib.env_tags.device.name, name))
if_tag.implied_by(taglib.env_tags.snapshot, self.lineNum)
if_tag.implies(taglib.env_tags.device, self.lineNum)
if_tag.implies(
taglib.tag("interface type", re.sub(r"[0-9/.]+$", "", name)),
self.lineNum)
self.expect(EndOfCommand)
while True:
if self.accept(Token.EndOfMode) is not None:
return
if self.accept(Whitespace) is not None:
continue
if self.accept(Comment) is not None:
self.skipTo(EndOfCommand)
continue
try:
op = self.accept(Operator)
cmd = self.expect(Keyword)
if False:
pass
elif cmd == "description":
description = self.expect(String)
if not inactive:
t = taglib.tag("interface description", description)
t.implied_by(if_tag, self.lineNum)
self.expect(EndOfCommand)
elif cmd == "ipv4":
self.ip(if_tag=if_tag, version="IPv4", active=not inactive)
elif cmd == "ipv6":
ra = self.ip(if_tag=if_tag,
version="IPv6",
active=not inactive)
# (ra_suppress, ra_line, if_prefix, ra_prefix)
if not ra[0] and ra[1]:
ratag = taglib.tag("ra server", if_tag.name)
if len(ra[3]):
for p in ra[3]:
ratag.implies(taglib.ip_subnet_tag(p), ra[1])
else:
for p in ra[2]:
ratag.implies(taglib.ip_subnet_tag(p), ra[1])
else:
self.skipTo(EndOfCommand)
except UnexpectedToken:
self.skipTo(EndOfCommand)
def ip(self, if_tag=None, if_name=None, version=None):
ra_line = None
ra_suppress = False
ra_prefix = []
if_prefix = []
cmd = self.expect(Keyword)
if False:
pass
elif cmd == 'address':
name = self.accept(String)
ipaddress = self.accept(Literal)
if ipaddress:
self.accept(Punctuation) # allow detection of address/prefix length
if name:
ipaddress = IPy.intToIp(IPy.IP(ipaddress).int() | ipv6_general_prefixes[name].int(), 6)
address = ipaddress + "/" + self.expect(Literal)
if if_name:
if version == 'IPv4':
if_addrs4.setdefault(if_name, ipaddress)
elif version == 'IPv6':
if_addrs6.setdefault(if_name, ipaddress)
ifaddr_tag = taglib.ip_address_tag(address,
kind="interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
ifaddr_tag.implied_by(if_tag, self.lineNum)
address_tag.implied_by(ifaddr_tag, self.lineNum)
subnet_tag.implied_by(address_tag, self.lineNum)
if version:
version_tag = taglib.tag("IP version", version)
version_tag.implied_by(if_tag, self.lineNum)
# add router advertisement by default on multi-access networks
if version == 'IPv6':
ipv6_addresses = True
if re.search(r"eth|fddi|port-channel", if_tag.name, re.I):
if_prefix.append(subnet_tag.name)
ra_line = self.lineNum
self.skipTo(EndOfCommand)
elif cmd == 'cef':
if not version:
version = "IPv4"
distributed = self.accept(Keyword)
if distributed == "distributed":
cef = " ".join((version, distributed))
else:
cef = version
t = taglib.tag("Cisco express forwarding", cef)
t.implied_by(device_tag, self.lineNum)
self.skipTo(EndOfCommand)
elif cmd == 'domain name' or cmd == 'domain-name':
t = taglib.tag("domain name", self.expect(String))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.expect(EndOfCommand)
elif cmd == 'general-prefix':
name = self.expect(String)
ipaddress = self.expect(Literal)
self.expect(Punctuation)
address = ipaddress + "/" + self.expect(Literal)
ipv6_general_prefixes[name] = IPy.IP(address)
self.expect(EndOfCommand)
elif cmd == 'helper-address':
t = taglib.tag("BOOTP relay", self.expect(Literal))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.expect(EndOfCommand)
elif cmd == 'http':
nextCmd = self.expect(Keyword)
if nextCmd == 'server':
t = taglib.tag("service", "HTTP")
t.implied_by(taglib.env_tags.device, self.lineNum)
elif nextCmd == 'secure-server':
t = taglib.tag("service", "HTTPS")
t.implied_by(taglib.env_tags.device, self.lineNum)
self.skipTo(EndOfCommand)
elif cmd == 'name-server':
t = taglib.tag("name server", self.expect(Literal))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.expect(EndOfCommand)
elif cmd == 'nd':
nextCmd = self.expect(Keyword)
if nextCmd == 'prefix':
ra_line = self.lineNum
nd_prefix = None
default_prefix = self.accept(Keyword)
if not default_prefix:
nd_prefix = self.expect(Literal) + self.expect(Punctuation) + self.expect(Literal)
keyword = self.accept(Keyword)
if keyword is None or not 'no-ad' in keyword:
if nd_prefix:
ra_prefix.append(nd_prefix)
elif nextCmd == 'suppress-ra':
ra_line = self.lineNum
ra_suppress = True
self.skipTo(EndOfCommand)
elif cmd == 'scp':
nextCmd = self.expect(Keyword)
if nextCmd == 'server':
nextCmd = self.expect(Keyword)
if nextCmd == 'enable':
t = taglib.tag("service", taglib.protocol_name(cmd))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.skipTo(EndOfCommand)
elif cmd == 'ssh':
if self.sshEnabled == False:
t = taglib.tag("service", taglib.protocol_name(cmd))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.sshEnabled = True
nextCmd = self.expect(Keyword)
if nextCmd == 'version':
version = self.expect(Literal)
if version == '2':
t = taglib.tag("service", taglib.protocol_name(cmd))
t.implied_by(taglib.env_tags.device, self.lineNum)
t = taglib.tag("service", "SSHv2")
t.implied_by(taglib.env_tags.device, self.lineNum)
elif version == '1':
t = taglib.tag("service", taglib.protocol_name(cmd))
t.implied_by(taglib.env_tags.device, self.lineNum)
t = taglib.tag("service", "SSHv1")
t.implied_by(taglib.env_tags.device, self.lineNum)
self.skipTo(EndOfCommand)
elif cmd == 'unicast-routing':
ipv6_unicast_routing = self.lineNum
self.expect(EndOfCommand)
else:
self.skipTo(EndOfCommand)
return (ra_suppress, ra_line, if_prefix, ra_prefix)
def interface(self):
ra_list = []
name = self.expect(Name)
# TODO: make interface names sort in ascending numeric order
if_tag = taglib.tag("interface",
"%s %s" % (taglib.env_tags.device.name, name))
if_tag.implied_by(taglib.env_tags.snapshot, self.lineNum)
if_tag.implies(taglib.env_tags.device, self.lineNum)
if_tag.implies(taglib.tag("interface type",
re.sub(r"[0-9/.]+$", "", name)),
self.lineNum)
m = re.match(r"(Dot11Radio[0-9]+)(\.)?([0-9]+)?$", name)
if m:
if not m.group(2):
ssidsForInterface[m.group(1)] = []
if_tag.implies(taglib.tag("interface type", "wireless"), self.lineNum)
if m.group(3):
t = taglib.tag("VLAN ID", m.group(3), sort_name="%05d" % int(m.group(3)))
t.implied_by(if_tag, self.lineNum)
if ssidDict[m.group(3)] in ssidsForInterface[m.group(1)]:
t = taglib.tag("SSID", ssidDict[m.group(3)])
t.implied_by(if_tag, ssidLineDict[m.group(3)])
self.expect(EndOfCommand)
while True:
if self.accept(Whitespace) is None:
ra_suppress = False
ra_prefix_line = None
ra_if_prefix_line = None
ra_prefix = []
if_prefix = []
# (ra_suppress, ra_line, if_prefix, ra_prefix)
for ra in ra_list:
ra_suppress |= ra[0]
if ra[0]:
admin = taglib.tag("admin disabled", "ND router advertisement server")
admin.implied_by(if_tag, ra[1])
if len(ra[2]):
if_prefix = ra[2]
ra_if_prefix_line = ra[1]
if len(ra[3]):
ra_prefix = intra[3]
ra_prefix_line = ra[1]
if ra_prefix_line or ra_if_prefix_line:
if not ra_suppress:
rp = taglib.tag("routing protocol", "router advertisement")
if ra_if_prefix_line:
rp.used(ra_if_prefix_line)
elif ra_prefix_line:
rp.used(ra_prefix_line)
ratag = taglib.tag("ND router advertisement server", if_tag.name)
if len(ra_prefix):
for p in ra_prefix:
ratag.implies(taglib.ip_subnet_tag(p), ra_prefix_line)
else:
for p in if_prefix:
ratag.implies(taglib.ip_subnet_tag(p), ra_if_prefix_line)
return
if self.accept(Comment) is not None:
self.skipTo(EndOfCommand)
continue
try:
op = self.accept(Operator)
cmd = self.expect(Keyword)
if False:
pass
elif cmd == "description":
description = self.expect(String)
t = taglib.tag("interface description", description)
t.implied_by(if_tag, self.lineNum)
self.expect(EndOfCommand)
elif cmd == "ip":
self.ip(if_tag=if_tag, if_name=name, version="IPv4")
elif cmd == "ipv6":
ra_list.append(self.ip(if_tag=if_tag, if_name=name, version="IPv6"))
elif cmd == "ssid":
if m and not m.group(2):
ssidsForInterface[m.group(1)].append(self.expect(Literal))
self.expect(EndOfCommand)
elif cmd == "tunnel":
self.skipTo(EndOfCommand)
else:
self.skipTo(EndOfCommand)
except UnexpectedToken:
self.skipTo(EndOfCommand)
def main(filename):
lines = open(filename, 'rU')
n = 0
for line in lines:
n += 1
if re.match(r'Syntax error at token detail', line):
lines.close()
taglib.default_filename = filename = re.sub(r'-detail', '', filename)
main(filename)
return
# time
m = re.match(r'configure sntp-client (primary|secondary) (?:server )? "?([\w\d.-]+)"?( vr [\w\d.]+)?', line)
if m:
which, server, vr = m.groups()
taglib.tag("NTP server", server).implied_by(taglib.env_tags.device, line=n)
continue
# dns
m = re.match(r'configure dns-client add domain-suffix ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("domain name", server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'configure dns-client add (name-server )?([\w\d.-]+)( vr [\w\d.]+)?', line)
if m:
ignore, server, vr = m.groups()
taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'configure dns-client default-domain ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("domain name", server).implied_by(taglib.env_tags.device, line=n)
continue
# radius
m = re.match(r'configure radius (?:mgmt-access )?(primary|secondary) server ([\w\d.-]+)( [\d]+)? client-ip ([\w\d.-]+)( vr [\w\d.]+)?', line)
if m:
which, server, port, client, vr = m.groups()
taglib.tag("RADIUS server", server).implied_by(taglib.env_tags.device, line=n)
continue
# tacacs+
m = re.match(r'configure tacacs (primary|secondary) server ([\w\d.-]+)( [\d]+)? client-ip ([\w\d.-]+)( vr [\w\d.]+)?', line)
if m:
which, server, port, client, vr = m.groups()
taglib.tag("TACACS+ server", server).implied_by(taglib.env_tags.device, line=n)
continue
# interfaces
m = re.match(r'create vlan "?([\w\d.-]+)"?', line)
if m:
vlan = m.group(1)
vlanTag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlanTag.implied_by(taglib.env_tags.snapshot, line=n)
taglib.env_tags.device.implied_by(vlanTag, line=n)
continue
m = re.match(r'configure vlan "?([\w\d]+)"? tag ([\d]+)', line)
if m:
vlan, vlan_id = m.group(1), int(m.group(2))
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlan_id_tag = taglib.tag("VLAN ID", vlan_id, sort_name="%05d" % vlan_id)
vlan_tag.implied_by(taglib.env_tags.snapshot, line=n)
vlan_tag.implies(taglib.env_tags.device, line=n)
vlan_tag.implies(vlan_id_tag, line=n)
continue
m = re.match(r'config(?:ure)? vlan "?([\w\d]+)"? ipaddress ([\d.]+)\s+([\d.]+)\s+', line)
if m:
vlan, ipaddress, mask = m.groups()
address = ipaddress + "/" + mask
ifaddr_tag = taglib.ip_address_tag(address, "interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlan_tag.implied_by(taglib.env_tags.snapshot, line=n)
vlan_tag.implies(taglib.env_tags.device, line=n)
vlan_tag.implies(ifaddr_tag, line=n)
ifaddr_tag.implies(address_tag, line=n)
address_tag.implies(subnet_tag, line=n)
continue
m = re.match(r'configure "?([\w\d]+)"? ipaddress ([a-fA-F\d:]+)/([\d]+)\s+', line)
if m:
vlan, ipaddress, mask = m.groups()
address = ipaddress + "/" + mask
ifaddr_tag = taglib.ip_address_tag(address, "interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlan_tag.implied_by(taglib.env_tags.snapshot, line=n)
vlan_tag.implies(taglib.env_tags.device, line=n)
vlan_tag.implies(ifaddr_tag, line=n)
ifaddr_tag.implies(address_tag, line=n)
address_tag.implies(subnet_tag, line=n)
continue
# dhcp/bootp
m = re.match(r'configure bootprelay add ([\w\d.-]+)', line)
if m:
relay = m.group(1)
taglib.tag("BOOTP relay", relay).implied_by(taglib.env_tags.device, line=n)
continue
# accounts
m = re.match(r'create account (admin|user) "?([\w\d.-]+)"?\s+.*', line)
if m:
account = m.group(2)
taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'configure account (admin|user).*', line)
if m:
account = m.group(1)
taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n)
continue
# protocols
m = re.match(r'enable (bgp|igmp|MLD|msdp|rip|ripng)$', line)
if m:
protocolTag = taglib.tag("routing protocol", taglib.protocol_name(m.group(1)))
protocolTag.implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'enable (igmp|MLD) snooping.*', line)
if m:
protocol = m.group(1)
protocolTag = taglib.tag("routing protocol", taglib.protocol_name(protocol))
protocolTag.implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'configure DVMRP add vlan "?([\w\d.-]+)"?', line)
if m:
vlan = m.group(1)
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
taglib.tag("routing protocol", "DVMRP").implied_by(vlan_tag, n)
continue
m = re.match(r'configure ospf add vlan "?([\w\d.-]+)"? area ([\d.]+).*', line)
if m:
vlan, area = m.groups()
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
area_tag = taglib.tag("OSPF area", area)
area_tag.implied_by(vlan_tag, line=n)
area_tag.implies(taglib.tag("routing protocol", "OSPF"), line=n)
continue
m = re.match(r'configure ospf vlan ([\w\d.-]+) area ([\d.]+)', line)
if m:
vlan, area = m.groups()
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
area_tag = taglib.tag("OSPF area", area)
area_tag.implied_by(vlan_tag, line=n)
area_tag.implies(taglib.tag("routing protocol", "OSPF"), line=n)
continue
m = re.match(r'configure ospfv3 domain ([\w\d.-]+) add vlan ([\w\d.-]+) instance-id ([\d]+) area ([\d.]+)', line)
if m:
domain, vlan, instance, area = m.groups()
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
area_tag = taglib.tag("OSPFv3 area", area)
area_tag.implied_by(vlan_tag, line=n)
area_tag.implies(taglib.tag("routing protocol", "OSPFv3"), line=n)
continue
# services
serviceLabelDict = {'ssh':'SSHv1', 'ssh1':'SSHv1', 'ssh2':'SSHv2', 'telnet':'TELNET',
'web':'HTTP'}
m = re.match(r'enable (ssh2|telnet|web)( access-profile ([\w\d.-]+)( port ([\d]+))?)?', line)
if m:
service = m.group(1)
taglib.tag("service", serviceLabelDict[service]).implied_by(taglib.env_tags.device, n)
continue
m = re.match(r'configure telnet( access-profile ([\w\d.-]+))?( port ([\d]+))?( vr ([\w\d.-]+))?', line)
if m:
taglib.tag("service", "TELNET").implied_by(taglib.env_tags.device, n)
continue
def ip(self, if_tag=None, version=None, active=True):
ra_line = None
ra_suppress = False
ra_prefix = []
if_prefix = []
cmd = self.expect(Keyword)
if False:
pass
elif cmd == 'address':
name = self.accept(String)
ipaddress = self.accept(Literal)
if ipaddress:
self.accept(Punctuation) # allow detection of address/prefix length
if name:
ipaddress = IPy.intToIp(IPy.IP(ipaddress).int() | ipv6_general_prefixes[name].int(), 6)
address = ipaddress + "/" + self.expect(Literal)
if active:
ifaddr_tag = taglib.ip_address_tag(address,
kind="interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
ifaddr_tag.implied_by(if_tag, self.lineNum)
address_tag.implied_by(ifaddr_tag, self.lineNum)
subnet_tag.implied_by(address_tag, self.lineNum)
if version:
version_tag = taglib.tag("IP version", version)
version_tag.implied_by(if_tag, self.lineNum)
# add router advertisement by default on multi-access networks
if version == 'IPv6' and re.search(r"eth|srp", if_tag.name, re.I):
if_prefix.append(subnet_tag.name)
ra_line = self.lineNum
self.skipTo(EndOfCommand)
elif cmd == 'general-prefix':
name = self.expect(String)
ipaddress = self.expect(Literal)
self.expect(Punctuation)
address = ipaddress + "/" + self.expect(Literal)
ipv6_general_prefixes[name] = IPy.IP(address)
self.expect(EndOfCommand)
elif cmd == 'helper-address':
if self.accept(Keyword):
self.expect(Literal)
t = taglib.tag("BOOTP relay", self.expect(Literal))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.expect(EndOfCommand)
elif cmd == 'http':
nextCmd = self.expect(Keyword)
if nextCmd == 'server':
t = taglib.tag("service", "HTTP")
t.implied_by(taglib.env_tags.device, self.lineNum)
elif nextCmd == 'secure-server':
t = taglib.tag("service", "HTTPS")
t.implied_by(taglib.env_tags.device, self.lineNum)
self.skipTo(EndOfCommand)
elif cmd == 'nd':
nextCmd = self.expect(Keyword)
if nextCmd == 'prefix':
nd_prefix = None
default_prefix = self.accept(Keyword)
if not default_prefix:
nd_prefix = self.expect(Literal) + self.expect(Punctuation) + self.expect(Literal)
keyword = self.accept(Keyword)
if keyword is None or not 'no-ad' in keyword:
if nd_prefix:
ra_prefix.append(nd_prefix)
elif nextCmd == 'suppress-ra':
ra_suppress = True
self.skipTo(EndOfCommand)
elif cmd == 'scp':
nextCmd = self.expect(Keyword)
if nextCmd == 'server':
nextCmd = self.expect(Keyword)
if nextCmd == 'enable':
t = taglib.tag("service", taglib.protocol_name(cmd))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.skipTo(EndOfCommand)
else:
self.skipTo(EndOfCommand)
return (ra_suppress, ra_line, if_prefix, ra_prefix)
def main(filename):
lines = open(filename, 'rU')
n = 0
for line in lines:
n += 1
if re.match(r'Syntax error at token detail', line):
lines.close()
taglib.default_filename = filename = re.sub(
r'-detail', '', filename)
main(filename)
return
# time
m = re.match(
r'configure sntp-client (primary|secondary) (?:server )? "?([\w\d.-]+)"?( vr [\w\d.]+)?',
line)
if m:
which, server, vr = m.groups()
taglib.tag("NTP server", server).implied_by(taglib.env_tags.device,
line=n)
continue
# dns
m = re.match(r'configure dns-client add domain-suffix ([\w\d.-]+)',
line)
if m:
server = m.group(1)
taglib.tag("domain name",
server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(
r'configure dns-client add (name-server )?([\w\d.-]+)( vr [\w\d.]+)?',
line)
if m:
ignore, server, vr = m.groups()
taglib.tag("name server",
server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'configure dns-client default-domain ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("domain name",
server).implied_by(taglib.env_tags.device, line=n)
continue
# radius
m = re.match(
r'configure radius (?:mgmt-access )?(primary|secondary) server ([\w\d.-]+)( [\d]+)? client-ip ([\w\d.-]+)( vr [\w\d.]+)?',
line)
if m:
which, server, port, client, vr = m.groups()
taglib.tag("RADIUS server",
server).implied_by(taglib.env_tags.device, line=n)
continue
# tacacs+
m = re.match(
r'configure tacacs (primary|secondary) server ([\w\d.-]+)( [\d]+)? client-ip ([\w\d.-]+)( vr [\w\d.]+)?',
line)
if m:
which, server, port, client, vr = m.groups()
taglib.tag("TACACS+ server",
server).implied_by(taglib.env_tags.device, line=n)
continue
# interfaces
m = re.match(r'create vlan "?([\w\d.-]+)"?', line)
if m:
vlan = m.group(1)
vlanTag = taglib.tag("interface",
"%s %s" % (taglib.env_tags.device.name, vlan))
vlanTag.implied_by(taglib.env_tags.snapshot, line=n)
taglib.env_tags.device.implied_by(vlanTag, line=n)
continue
m = re.match(r'configure vlan "?([\w\d]+)"? tag ([\d]+)', line)
if m:
vlan, vlan_id = m.group(1), int(m.group(2))
vlan_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlan_id_tag = taglib.tag("VLAN ID",
vlan_id,
sort_name="%05d" % vlan_id)
vlan_tag.implied_by(taglib.env_tags.snapshot, line=n)
vlan_tag.implies(taglib.env_tags.device, line=n)
vlan_tag.implies(vlan_id_tag, line=n)
continue
m = re.match(
r'config(?:ure)? vlan "?([\w\d]+)"? ipaddress ([\d.]+)\s+([\d.]+)\s+',
line)
if m:
vlan, ipaddress, mask = m.groups()
address = ipaddress + "/" + mask
ifaddr_tag = taglib.ip_address_tag(address, "interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
vlan_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlan_tag.implied_by(taglib.env_tags.snapshot, line=n)
vlan_tag.implies(taglib.env_tags.device, line=n)
vlan_tag.implies(ifaddr_tag, line=n)
ifaddr_tag.implies(address_tag, line=n)
address_tag.implies(subnet_tag, line=n)
continue
m = re.match(
r'configure "?([\w\d]+)"? ipaddress ([a-fA-F\d:]+)/([\d]+)\s+',
line)
if m:
vlan, ipaddress, mask = m.groups()
address = ipaddress + "/" + mask
ifaddr_tag = taglib.ip_address_tag(address, "interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
vlan_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlan_tag.implied_by(taglib.env_tags.snapshot, line=n)
vlan_tag.implies(taglib.env_tags.device, line=n)
vlan_tag.implies(ifaddr_tag, line=n)
ifaddr_tag.implies(address_tag, line=n)
address_tag.implies(subnet_tag, line=n)
continue
# dhcp/bootp
m = re.match(r'configure bootprelay add ([\w\d.-]+)', line)
if m:
relay = m.group(1)
taglib.tag("BOOTP relay", relay).implied_by(taglib.env_tags.device,
line=n)
continue
# accounts
m = re.match(r'create account (admin|user) "?([\w\d.-]+)"?\s+.*', line)
if m:
account = m.group(2)
taglib.tag("user", account).implied_by(taglib.env_tags.device,
line=n)
continue
m = re.match(r'configure account (admin|user).*', line)
if m:
account = m.group(1)
taglib.tag("user", account).implied_by(taglib.env_tags.device,
line=n)
continue
# protocols
m = re.match(r'enable (bgp|igmp|MLD|msdp|rip|ripng)$', line)
if m:
protocolTag = taglib.tag("routing protocol",
taglib.protocol_name(m.group(1)))
protocolTag.implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'enable (igmp|MLD) snooping.*', line)
if m:
protocol = m.group(1)
protocolTag = taglib.tag("routing protocol",
taglib.protocol_name(protocol))
protocolTag.implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'configure DVMRP add vlan "?([\w\d.-]+)"?', line)
if m:
vlan = m.group(1)
vlan_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, vlan))
taglib.tag("routing protocol", "DVMRP").implied_by(vlan_tag, n)
continue
m = re.match(
r'configure ospf add vlan "?([\w\d.-]+)"? area ([\d.]+).*', line)
if m:
vlan, area = m.groups()
vlan_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, vlan))
area_tag = taglib.tag("OSPF area", area)
area_tag.implied_by(vlan_tag, line=n)
area_tag.implies(taglib.tag("routing protocol", "OSPF"), line=n)
continue
m = re.match(r'configure ospf vlan ([\w\d.-]+) area ([\d.]+)', line)
if m:
vlan, area = m.groups()
vlan_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, vlan))
area_tag = taglib.tag("OSPF area", area)
area_tag.implied_by(vlan_tag, line=n)
area_tag.implies(taglib.tag("routing protocol", "OSPF"), line=n)
continue
m = re.match(
r'configure ospfv3 domain ([\w\d.-]+) add vlan ([\w\d.-]+) instance-id ([\d]+) area ([\d.]+)',
line)
if m:
domain, vlan, instance, area = m.groups()
vlan_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, vlan))
area_tag = taglib.tag("OSPFv3 area", area)
area_tag.implied_by(vlan_tag, line=n)
area_tag.implies(taglib.tag("routing protocol", "OSPFv3"), line=n)
continue
# services
serviceLabelDict = {
'ssh': 'SSHv1',
'ssh1': 'SSHv1',
'ssh2': 'SSHv2',
'telnet': 'TELNET',
'web': 'HTTP'
}
m = re.match(
r'enable (ssh2|telnet|web)( access-profile ([\w\d.-]+)( port ([\d]+))?)?',
line)
if m:
service = m.group(1)
taglib.tag("service", serviceLabelDict[service]).implied_by(
taglib.env_tags.device, n)
continue
m = re.match(
r'configure telnet( access-profile ([\w\d.-]+))?( port ([\d]+))?( vr ([\w\d.-]+))?',
line)
if m:
taglib.tag("service", "TELNET").implied_by(taglib.env_tags.device,
n)
continue
def tag_protocols(top):
protocol = "BGP"
routing_options_local_as_list = top.xpath(
"routing-options/autonomous-system/as-number")
routing_options_router_id_list = top.xpath("routing-options/router-id")
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for group_elem in protocol_elem.xpath("group"):
name_elem = group_elem.xpath("name")[0]
group_tag = taglib.tag("%s group" % protocol,
"%s %s" % (device_tag.name, name_elem.text))
group_tag.implied_by(device_tag, name_elem.sourceline)
for peer_name_elem in group_elem.xpath("neighbor/name"):
local_address_elem_list = peer_name_elem.xpath(
"ancestor::*/local-address")
if local_address_elem_list:
local_address_elem = local_address_elem_list[0]
elif routing_options_router_id_list:
local_address_elem = routing_options_router_id_list[0]
local_elem_list = peer_name_elem.xpath(
"ancestor::*/local-as/as-number")
if local_elem_list:
local_elem = local_elem_list[0]
elif routing_options_local_as_list:
local_elem = routing_options_local_as_list[0]
if local_elem is not None:
localasn_tag = taglib.as_number_tag(
local_elem.text, "local AS")
localasn_tag.implies(taglib.as_number_tag(local_elem.text),
local_elem.sourceline)
asn_elem_list = peer_name_elem.xpath("ancestor::*/peer-as")
if asn_elem_list:
asn_elem = asn_elem_list[0]
else:
asn_elem = local_elem
asn_tag = taglib.as_number_tag(asn_elem.text, kind="remote AS")
asn_tag.implies(taglib.as_number_tag(asn_elem.text),
asn_elem.sourceline)
if asn_elem.text == local_elem.text:
peering_relationship = "iBGP"
else:
peering_relationship = "eBGP"
address_tag = taglib.ip_address_tag(peer_name_elem.text)
peering_tag = taglib.tag(
"%s peering" % peering_relationship,
"%s %s" % (device_tag.name, peer_name_elem.text),
sort_name="%s %s" %
(device_tag.name, address_tag.sort_name))
peering_tag.implies(protocol_tag, peer_name_elem.sourceline)
peering_tag.implied_by(device_tag, peer_name_elem.sourceline)
peering_tag.implied_by(group_tag, peer_name_elem.sourceline)
asn_tag.implied_by(peering_tag, asn_elem.sourceline)
localasn_tag.implied_by(peering_tag, local_elem.sourceline)
peer_tag = taglib.ip_address_tag(peer_name_elem.text,
kind="%s peer" % protocol)
peer_tag.implies(address_tag, peer_name_elem.sourceline)
if local_address_elem is not None:
peer2_tag = taglib.ip_address_tag(local_address_elem.text,
kind="%s peer" %
protocol.upper())
address2_tag = taglib.ip_address_tag(
local_address_elem.text)
peer2_tag.implies(address2_tag,
local_address_elem.sourceline)
local_peer_tag = taglib.ip_address_tag(
local_address_elem.text,
kind="local %s peer" % protocol)
local_peer_tag.implied_by(peering_tag,
local_address_elem.sourceline)
local_peer_tag.implies(peer2_tag,
peer_name_elem.sourceline)
remote_peer_tag = taglib.ip_address_tag(peer_name_elem.text,
kind="remote %s peer" %
protocol)
remote_peer_tag.implied_by(peering_tag,
peer_name_elem.sourceline)
remote_peer_tag.implies(peer_tag, peer_name_elem.sourceline)
protocol = "MSDP"
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for group_elem in protocol_elem.xpath("group"):
name_elem = group_elem.xpath("name")[0]
group_tag = taglib.tag("%s group" % protocol,
"%s %s" % (device_tag.name, name_elem.text))
group_tag.implied_by(device_tag, name_elem.sourceline)
for peer_name_elem in group_elem.xpath("peer/name"):
peer_tag = taglib.tag("%s peer" % protocol,
peer_name_elem.text)
address_tag = taglib.ip_address_tag(peer_name_elem.text)
peer_tag.implies(address_tag, peer_name_elem.sourceline)
peer_tag.implied_by(group_tag, peer_name_elem.sourceline)
peer_tag.implies(protocol_tag, peer_name_elem.sourceline)
ospf_version_dict = {'ospf': 'OSPF', 'ospf3': 'OSPFv3'}
for protocol_key, protocol in ospf_version_dict.items():
protocol_elem_list = top.xpath("protocols/%s" % protocol_key)
if not protocol_elem_list:
continue
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for area_elem in protocol_elem.xpath("area"):
name_elem = area_elem.xpath("name")[0]
area_tag = taglib.tag("%s area" % protocol, name_elem.text)
area_tag.implies(protocol_tag, name_elem.sourceline)
for interface_name_elem in area_elem.xpath("interface/name"):
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag(
"interface", "%s %s" %
(device_tag.name, interface_name_elem.text))
]
for t in interface_tags:
t.implies(area_tag, interface_name_elem.sourceline)
protocol = "PIM"
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for interface_name_elem in protocol_elem.xpath("interface/name"):
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag(
"interface",
"%s %s" % (device_tag.name, interface_name_elem.text))
]
for t in interface_tags:
t.implies(protocol_tag, interface_name_elem.sourceline)
for protocol in ("RIP", "RIPng"):
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if not protocol_elem_list:
continue
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for group_elem in protocol_elem.xpath("group"):
name_elem = group_elem.xpath("name")[0]
group_tag = taglib.tag("%s group" % protocol, name_elem.text)
group_tag.implies(protocol_tag, name_elem.sourceline)
for interface_name_elem in group_elem.xpath("neighbor/name"):
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag(
"interface", "%s %s" %
(device_tag.name, interface_name_elem.text))
]
for t in interface_tags:
t.implies(group_tag, interface_name_elem.sourceline)
protocol = "router-advertisement"
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for interface_elem in protocol_elem.xpath("interface"):
interface_name_elem = interface_elem.xpath("name")[0]
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag(
"interface",
"%s %s" % (device_tag.name, interface_name_elem.text))
]
for t in interface_tags:
ratag = taglib.tag(
"ND router advertisement server",
"%s %s" % (device_tag.name, interface_name_elem.text))
ratag.implied_by(t, interface_name_elem.sourceline)
for prefix_name_elem in interface_elem.xpath("prefix/name"):
ratag.implies(taglib.ip_subnet_tag(prefix_name_elem.text),
prefix_name_elem.sourceline)
def main(filename):
lines = open(filename, 'rU')
n = 0
ssh_version = None
ssh_enable = False
for line in lines:
n += 1
# hostname
m = re.match(r'set hostname ([\w\d.-]+)', line)
if m:
host = m.group(1)
taglib.tag("hostname", host).implied_by(taglib.env_tags.device,
line=n)
continue
# time
m = re.match(r'set ntp server( backup\d)? "?([\w\d.-]+)"?', line)
if m:
server = m.group(2)
if not server == '0.0.0.0':
taglib.tag("NTP server",
server).implied_by(taglib.env_tags.device, line=n)
continue
# dns
m = re.match(r'set domain ([\w\d.-]+)', line)
if m:
domain = m.group(1)
taglib.tag("domain name",
domain).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'set dns host dns\d ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("name server",
server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'set xauth ([\w\d.-]+) dns\d ([\w\d.-]+)', line)
if m:
server = m.group(2)
taglib.tag("name server",
server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'set l2tp dns\d ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("name server",
server).implied_by(taglib.env_tags.device, line=n)
continue
# interfaces
m = re.match(
r'set interface ([\w\d]+) ip ([\d.]+)/([\d.]+)( secondary)?', line)
if m:
name, ipaddress, plen, secondary = m.groups()
address = ipaddress + "/" + plen
ifaddr_tag = taglib.ip_address_tag(address, "interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
name_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, name))
name_tag.implied_by(taglib.env_tags.snapshot, line=n)
name_tag.implies(taglib.env_tags.device, line=n)
name_tag.implies(ifaddr_tag, line=n)
ifaddr_tag.implies(address_tag, line=n)
address_tag.implies(subnet_tag, line=n)
continue
# accounts
m = re.match(r'set admin user "?([\w\d.-]+)"?\s+.*', line)
if m:
account = m.group(1)
taglib.tag("user", account).implied_by(taglib.env_tags.device,
line=n)
continue
# services
m = re.match(r'set ssh version ([\w\d]+)', line)
if m:
ssh_version = m.group(1)
ssh_version_line = n
continue
m = re.match(r'set ssh enable', line)
if m:
ssh_enable = True
taglib.tag("service", 'SSH').implied_by(taglib.env_tags.device, n)
continue
m = re.match(r'set scp enable', line)
if m:
taglib.tag("service", 'SCP').implied_by(taglib.env_tags.device, n)
continue
# post parse phase
if ssh_enable:
if ssh_version:
taglib.tag("service",
'SSH' + ssh_version).implied_by(taglib.env_tags.device,
ssh_version_line)
def main(filename):
lines = open(filename, 'rU')
n = 0
for line in lines:
n += 1
if re.match(r'Syntax error at token detail', line):
lines.close()
taglib.default_filename = filename = re.sub(r'-detail', '', filename)
main(filename)
return
# time
m = re.match(r'set ntp server "?([\w\d.-]+)"?( key [\d]+)?', line)
if m:
server, key = m.groups()
taglib.tag("NTP server", server).implied_by(taglib.env_tags.device, line=n)
continue
# dns
m = re.match(r'set ip dns domain ([\w\d.-]+)', line)
if m:
domain = m.group(1)
taglib.tag("domain name", domain).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'set ip dns server ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n)
continue
# radius
m = re.match(r'set radius server ([\w\d.-]+)\s+auth-port ([\d]+)( acct-port [\d]+)?( primary)?', line)
if m:
server, port, acct, which = m.groups()
taglib.tag("RADIUS server", server).implied_by(taglib.env_tags.device, line=n)
continue
# tacacs+
m = re.match(r'set tacacs server ([\w\d.-]+)( primary)?', line)
if m:
server, which = m.groups()
taglib.tag("TACACS+ server", server).implied_by(taglib.env_tags.device, line=n)
continue
# interfaces
m = re.match(r'set interface "?([\w\d]+)"? ([\d]+)\s+([\d.]+)/([\d.]+)\s+([\d.]+)', line)
if m:
vlan, vlan, ipaddress, mask, broadcast = m.groups()
address = ipaddress + "/" + mask
ifaddr_tag = taglib.ip_address_tag(address, "interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlan_tag.implied_by(taglib.env_tags.snapshot, line=n)
vlan_tag.implies(taglib.env_tags.device, line=n)
vlan_tag.implies(ifaddr_tag, line=n)
ifaddr_tag.implies(address_tag, line=n)
address_tag.implies(subnet_tag, line=n)
continue
# accounts
m = re.match(r'set localuser user "?([\w\d.-]+)"?\s+.*', line)
if m:
account = m.group(1)
taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n)
continue
# services
m = re.match(r'set ip http server enable', line)
if m:
taglib.tag("service", 'HTTP').implied_by(taglib.env_tags.device, n)
continue
def ip(self, if_tag=None, version=None, active=True):
ra_line = None
ra_suppress = False
ra_prefix = []
if_prefix = []
cmd = self.expect(Keyword)
if False:
pass
elif cmd == 'address':
name = self.accept(String)
ipaddress = self.accept(Literal)
if ipaddress:
self.accept(
Punctuation) # allow detection of address/prefix length
if name:
ipaddress = IPy.intToIp(
IPy.IP(ipaddress).int()
| ipv6_general_prefixes[name].int(), 6)
address = ipaddress + "/" + self.expect(Literal)
if active:
ifaddr_tag = taglib.ip_address_tag(
address, kind="interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
ifaddr_tag.implied_by(if_tag, self.lineNum)
address_tag.implied_by(ifaddr_tag, self.lineNum)
subnet_tag.implied_by(address_tag, self.lineNum)
if version:
version_tag = taglib.tag("IP version", version)
version_tag.implied_by(if_tag, self.lineNum)
# add router advertisement by default on multi-access networks
if version == 'IPv6' and re.search(
r"eth|srp", if_tag.name, re.I):
if_prefix.append(subnet_tag.name)
ra_line = self.lineNum
self.skipTo(EndOfCommand)
elif cmd == 'general-prefix':
name = self.expect(String)
ipaddress = self.expect(Literal)
self.expect(Punctuation)
address = ipaddress + "/" + self.expect(Literal)
ipv6_general_prefixes[name] = IPy.IP(address)
self.expect(EndOfCommand)
elif cmd == 'helper-address':
if self.accept(Keyword):
self.expect(Literal)
t = taglib.tag("BOOTP relay", self.expect(Literal))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.expect(EndOfCommand)
elif cmd == 'http':
nextCmd = self.expect(Keyword)
if nextCmd == 'server':
t = taglib.tag("service", "HTTP")
t.implied_by(taglib.env_tags.device, self.lineNum)
elif nextCmd == 'secure-server':
t = taglib.tag("service", "HTTPS")
t.implied_by(taglib.env_tags.device, self.lineNum)
self.skipTo(EndOfCommand)
elif cmd == 'nd':
nextCmd = self.expect(Keyword)
if nextCmd == 'prefix':
nd_prefix = None
default_prefix = self.accept(Keyword)
if not default_prefix:
nd_prefix = self.expect(Literal) + self.expect(
Punctuation) + self.expect(Literal)
keyword = self.accept(Keyword)
if keyword is None or not 'no-ad' in keyword:
if nd_prefix:
ra_prefix.append(nd_prefix)
elif nextCmd == 'suppress-ra':
ra_suppress = True
self.skipTo(EndOfCommand)
elif cmd == 'scp':
nextCmd = self.expect(Keyword)
if nextCmd == 'server':
nextCmd = self.expect(Keyword)
if nextCmd == 'enable':
t = taglib.tag("service", taglib.protocol_name(cmd))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.skipTo(EndOfCommand)
else:
self.skipTo(EndOfCommand)
return (ra_suppress, ra_line, if_prefix, ra_prefix)
def tag_protocols(top):
protocol = "BGP"
routing_options_local_as_list = top.xpath("routing-options/autonomous-system/as-number")
routing_options_router_id_list = top.xpath("routing-options/router-id")
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for group_elem in protocol_elem.xpath("group"):
name_elem = group_elem.xpath("name")[0]
group_tag = taglib.tag("%s group" % protocol,
"%s %s" % (device_tag.name, name_elem.text))
group_tag.implied_by(device_tag, name_elem.sourceline)
for peer_name_elem in group_elem.xpath("neighbor/name"):
local_address_elem_list = peer_name_elem.xpath("ancestor::*/local-address")
if local_address_elem_list:
local_address_elem = local_address_elem_list[0]
elif routing_options_router_id_list:
local_address_elem = routing_options_router_id_list[0]
local_elem_list = peer_name_elem.xpath("ancestor::*/local-as/as-number")
if local_elem_list:
local_elem = local_elem_list[0]
elif routing_options_local_as_list:
local_elem = routing_options_local_as_list[0]
if local_elem is not None:
localasn_tag = taglib.as_number_tag(local_elem.text, "local AS")
localasn_tag.implies(taglib.as_number_tag(local_elem.text),
local_elem.sourceline)
asn_elem_list = peer_name_elem.xpath("ancestor::*/peer-as")
if asn_elem_list:
asn_elem = asn_elem_list[0]
else:
asn_elem = local_elem
asn_tag = taglib.as_number_tag(asn_elem.text, kind="remote AS")
asn_tag.implies(taglib.as_number_tag(asn_elem.text),
asn_elem.sourceline)
if asn_elem.text == local_elem.text:
peering_relationship = "iBGP"
else:
peering_relationship = "eBGP"
address_tag = taglib.ip_address_tag(peer_name_elem.text)
peering_tag = taglib.tag("%s peering" % peering_relationship,
"%s %s" % (device_tag.name, peer_name_elem.text),
sort_name="%s %s" % (device_tag.name, address_tag.sort_name))
peering_tag.implies(protocol_tag, peer_name_elem.sourceline)
peering_tag.implied_by(device_tag, peer_name_elem.sourceline)
peering_tag.implied_by(group_tag, peer_name_elem.sourceline)
asn_tag.implied_by(peering_tag, asn_elem.sourceline)
localasn_tag.implied_by(peering_tag, local_elem.sourceline)
peer_tag = taglib.ip_address_tag(peer_name_elem.text, kind="%s peer" % protocol)
peer_tag.implies(address_tag, peer_name_elem.sourceline)
if local_address_elem is not None:
peer2_tag = taglib.ip_address_tag(local_address_elem.text, kind="%s peer" % protocol.upper())
address2_tag = taglib.ip_address_tag(local_address_elem.text)
peer2_tag.implies(address2_tag, local_address_elem.sourceline)
local_peer_tag = taglib.ip_address_tag(local_address_elem.text,
kind="local %s peer" % protocol)
local_peer_tag.implied_by(peering_tag, local_address_elem.sourceline)
local_peer_tag.implies(peer2_tag, peer_name_elem.sourceline)
remote_peer_tag = taglib.ip_address_tag(peer_name_elem.text,
kind="remote %s peer" % protocol)
remote_peer_tag.implied_by(peering_tag, peer_name_elem.sourceline)
remote_peer_tag.implies(peer_tag, peer_name_elem.sourceline)
protocol = "MSDP"
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for group_elem in protocol_elem.xpath("group"):
name_elem = group_elem.xpath("name")[0]
group_tag = taglib.tag("%s group" % protocol,
"%s %s" % (device_tag.name, name_elem.text))
group_tag.implied_by(device_tag, name_elem.sourceline)
for peer_name_elem in group_elem.xpath("peer/name"):
peer_tag = taglib.tag("%s peer" % protocol, peer_name_elem.text)
address_tag = taglib.ip_address_tag(peer_name_elem.text)
peer_tag.implies(address_tag, peer_name_elem.sourceline)
peer_tag.implied_by(group_tag, peer_name_elem.sourceline)
peer_tag.implies(protocol_tag, peer_name_elem.sourceline)
ospf_version_dict = {'ospf':'OSPF', 'ospf3':'OSPFv3'}
for protocol_key, protocol in ospf_version_dict.items():
protocol_elem_list = top.xpath("protocols/%s" % protocol_key)
if not protocol_elem_list:
continue
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for area_elem in protocol_elem.xpath("area"):
name_elem = area_elem.xpath("name")[0]
area_tag = taglib.tag("%s area" % protocol, name_elem.text)
area_tag.implies(protocol_tag, name_elem.sourceline)
for interface_name_elem in area_elem.xpath("interface/name"):
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag("interface",
"%s %s" % (device_tag.name,
interface_name_elem.text))]
for t in interface_tags:
t.implies(area_tag, interface_name_elem.sourceline)
protocol = "PIM"
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for interface_name_elem in protocol_elem.xpath("interface/name"):
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag("interface",
"%s %s" % (device_tag.name,
interface_name_elem.text))]
for t in interface_tags:
t.implies(protocol_tag, interface_name_elem.sourceline)
for protocol in ("RIP", "RIPng"):
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if not protocol_elem_list:
continue
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for group_elem in protocol_elem.xpath("group"):
name_elem = group_elem.xpath("name")[0]
group_tag = taglib.tag("%s group" % protocol,name_elem.text)
group_tag.implies(protocol_tag, name_elem.sourceline)
for interface_name_elem in group_elem.xpath("neighbor/name"):
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag("interface",
"%s %s" % (device_tag.name,
interface_name_elem.text))]
for t in interface_tags:
t.implies(group_tag, interface_name_elem.sourceline)
protocol = "router-advertisement"
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for interface_elem in protocol_elem.xpath("interface"):
interface_name_elem = interface_elem.xpath("name")[0]
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag("interface",
"%s %s" % (device_tag.name,
interface_name_elem.text))]
for t in interface_tags:
ratag = taglib.tag("ND router advertisement server",
"%s %s" % (device_tag.name, interface_name_elem.text))
ratag.implied_by(t, interface_name_elem.sourceline);
for prefix_name_elem in interface_elem.xpath("prefix/name"):
ratag.implies(taglib.ip_subnet_tag(prefix_name_elem.text),
prefix_name_elem.sourceline)
def main(filename):
lines = open(filename, 'rU')
n = 0
ssh_version = None
ssh_enable = False
for line in lines:
n += 1
# hostname
m = re.match(r'set hostname ([\w\d.-]+)', line)
if m:
host = m.group(1)
taglib.tag("hostname", host).implied_by(taglib.env_tags.device, line=n)
continue
# time
m = re.match(r'set ntp server( backup\d)? "?([\w\d.-]+)"?', line)
if m:
server = m.group(2)
if not server == '0.0.0.0':
taglib.tag("NTP server", server).implied_by(taglib.env_tags.device, line=n)
continue
# dns
m = re.match(r'set domain ([\w\d.-]+)', line)
if m:
domain = m.group(1)
taglib.tag("domain name", domain).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'set dns host dns\d ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'set xauth ([\w\d.-]+) dns\d ([\w\d.-]+)', line)
if m:
server = m.group(2)
taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'set l2tp dns\d ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n)
continue
# interfaces
m = re.match(r'set interface ([\w\d]+) ip ([\d.]+)/([\d.]+)( secondary)?', line)
if m:
name, ipaddress, plen, secondary = m.groups()
address = ipaddress + "/" + plen
ifaddr_tag = taglib.ip_address_tag(address, "interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
name_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, name))
name_tag.implied_by(taglib.env_tags.snapshot, line=n)
name_tag.implies(taglib.env_tags.device, line=n)
name_tag.implies(ifaddr_tag, line=n)
ifaddr_tag.implies(address_tag, line=n)
address_tag.implies(subnet_tag, line=n)
continue
# accounts
m = re.match(r'set admin user "?([\w\d.-]+)"?\s+.*', line)
if m:
account = m.group(1)
taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n)
continue
# services
m = re.match(r'set ssh version ([\w\d]+)', line)
if m:
ssh_version = m.group(1)
ssh_version_line = n
continue
m = re.match(r'set ssh enable', line)
if m:
ssh_enable = True
taglib.tag("service", 'SSH').implied_by(taglib.env_tags.device, n)
continue
m = re.match(r'set scp enable', line)
if m:
taglib.tag("service", 'SCP').implied_by(taglib.env_tags.device, n)
continue
# post parse phase
if ssh_enable:
if ssh_version:
taglib.tag("service", 'SSH' + ssh_version).implied_by(taglib.env_tags.device, ssh_version_line)
def interface(self):
# preconfigure is inserted into the config before the interface name when the matching
# hardware isn't found. for now, lets just ignore these interfaces.
inactive = self.accept(Keyword)
name = self.expect(Name)
if_tag = None
if not inactive:
if_tag = taglib.tag("interface",
"%s %s" % (taglib.env_tags.device.name, name))
if_tag.implied_by(taglib.env_tags.snapshot, self.lineNum)
if_tag.implies(taglib.env_tags.device, self.lineNum)
if_tag.implies(taglib.tag("interface type",
re.sub(r"[0-9/.]+$", "", name)),
self.lineNum)
self.expect(EndOfCommand)
while True:
if self.accept(Token.EndOfMode) is not None:
return
if self.accept(Whitespace) is not None:
continue
if self.accept(Comment) is not None:
self.skipTo(EndOfCommand)
continue
try:
op = self.accept(Operator)
cmd = self.expect(Keyword)
if False:
pass
elif cmd == "description":
description = self.expect(String)
if not inactive:
t = taglib.tag("interface description", description)
t.implied_by(if_tag, self.lineNum)
self.expect(EndOfCommand)
elif cmd == "ipv4":
self.ip(if_tag=if_tag, version="IPv4", active=not inactive)
elif cmd == "ipv6":
ra = self.ip(if_tag=if_tag, version="IPv6", active=not inactive)
# (ra_suppress, ra_line, if_prefix, ra_prefix)
if not ra[0] and ra[1]:
ratag = taglib.tag("ra server", if_tag.name)
if len(ra[3]):
for p in ra[3]:
ratag.implies(taglib.ip_subnet_tag(p), ra[1])
else:
for p in ra[2]:
ratag.implies(taglib.ip_subnet_tag(p), ra[1])
else:
self.skipTo(EndOfCommand)
except UnexpectedToken:
self.skipTo(EndOfCommand)
