def decodeToken(self, dc):
try:
util.log_info(
'CryptoProfileMatchIpAddressTokenDecoder: Decode token')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
tokenText = decoderhandler.getTokenText()
util.log_debug('Token text = %s' % (tokenText))
cursor = util.TokenCursor(None, -1, dc)
ipAddress = cursor.getNextToken()
util.log_debug('IpAddress = %s' % (ipAddress))
cursor.advance()
decoderhandler.addTokenValue(
decoderutil.DecoderUtil().makeSiblingToken(
tokenText, "ip-address"), ipAddress)
value = cursor.getNextToken()
util.log_debug('Value = %s' % (value))
if value is None:
return decoderhandler.getSearchTokens().size(
) - decoderhandler.getCurrentIndex()
if (InetAddressUtils.isIPv4Address(value)):
decoderhandler.addTokenValue(
decoderutil.DecoderUtil().makeSiblingToken(
tokenText, "netmask"), value)
cursor.advance()
value = cursor.getNextToken()
if value is not None:
decoderhandler.addTokenValue(
decoderutil.DecoderUtil().makeSiblingToken(
tokenText, "vrf-name"), value)
return decoderhandler.getSearchTokensSize(
) - decoderhandler.getCurrentIndex()
except Exception:
traceback.print_exc()
def decodeToken(self, dc):
util.log_info('CryptoIkeEncryptionTypeTokenDecoder: Decode token')
try:
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
tokenText = decoderhandler.getTokenText()
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 1)
util.log_debug(
'CryptoIkeEncryptionTypeTokenDecoder Token text = %s' %
(tokenText))
types = {
"AES128": ["AES128", "aes", "aes 128"],
"AES256": ["AES256", "aes 256"],
"AES192": ["AES192", "aes 192"],
"DES": ["DES", "des"],
"3DES": ["3DES", "3des"]
}
value_1 = decoderhandler.getValueAtCurrentIndex()
util.log_debug("value_1 is : ", value_1)
cursor.advance()
value_2 = cursor.getNextToken()
util.log_debug("Value_2 is : ", value_2)
if value_2 is not None:
value = "%s %s" % (value_1, value_2)
util.log_debug("Value is : ", value)
else:
value = value_1
util.log_debug("Value is : ", value)
for k, v in types.iteritems():
if value in v:
util.log_debug("Key is : ", k)
break
decoderhandler.addTokenValue(tokenText, k)
util.log_debug("Key is : ", k)
except Exception:
traceback.print_exc()
def decodeVariables(self,cpc,dc,context):
try:
util.log_info('TacacsServerGroupVariableDecoder: Decode token for TACACS Server Group leaf value')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 0)
self.parseAAAServerGroup(dc, cursor);
except Exception:
traceback.print_exc()
def decodeVariables(self, cpc, dc, context):
try:
util.log_info('SnmpViewNameVariableDecoder: Decoding variable')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 0)
self.parseSnmpViewName(dc, cursor)
except Exception:
traceback.print_exc()
def decodeVariables(self,cpc,dc,context):
try:
util.log_info('IpHttpTokenDecoder: Entering Variable Token Decoder for ip http server and ip http secure-server commands.')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 0)
self.parseIpHttp(dc, cursor)
except Exception:
traceback.print_exc()
def decodeVariables(self,cpc,dc,context):
try:
util.log_info('CiscoRouterBGPAddressFamily: Decoding variable')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 0)
self.parseAddressFamily(dc,cursor)
except Exception:
traceback.print_exc()
def parseDescription(self,dc,cursor):
try:
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 0, None)
cursor.advance()
if "description" in decoderhandler.getCurrentBlockTokens():
decoderhandler.addTokenValue("description",cursor.getNextToken())
except Exception:
traceback.print_exc()
def decodeVariables(self, cpc, dc, context):
try:
util.log_info('TransformSetVariableDecoder: Decoding variable')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 0,
None)
self.parseTransformset(dc, cursor)
self.parseIpsecEncryptionType(dc, cursor)
except Exception:
traceback.print_exc()
def parseName(self,dc,cursor):
try:
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 0, None)
cursor.advance()
if "interface" in decoderhandler.getCurrentBlockTokens():
tokennumber = cursor.getNextToken().split('Port-channel')[-1]
decoderhandler.addTokenValue("name",tokennumber)
except Exception:
traceback.print_exc()
def decodeVariables(self, cpc, dc, context):
try:
util.log_info('ServiceTimeStampsVariableDecoder: Decoding variable')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 0)
parse = parseServiceTimestamps(dc, cursor)
parse.is_false()
parse.field_value()
except Exception:
traceback.print_exc()
def decodeVariables(self, cpc, dc, context):
try:
util.log_info('ClassMapVariableTokenDecoder: Decoding variable')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 0, None)
self.parseName(dc,cursor)
self.parseDescription(dc,cursor)
self.parseotherbooleans(dc,cursor)
except Exception:
traceback.print_exc()
def processAccessList(self, cpc, dc, context, block):
util.log_debug('ObjectGroupVariableDecoder: processAccessList')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(block.getTokens(), 1, None)
objectType = ''
objectName = ''
objectType = cursor.getNextToken()
cursor.advance()
objectName = cursor.getNextToken()
decoderhandler.addTokenValue("../../type", objectType)
decoderhandler.addTokenValue("../../name", objectName)
def decodeVariables(self, cpc, dc, context):
try:
util.log_info('ClassMapHttpUrlVariableTokenDecoder: Decoding variable')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 0, None)
self. parseMatchTypeandName(dc, cursor)
self.parseConditionType(dc, cursor)
self.parseMatchValue(dc, cursor)
self.parseUrl(dc, cursor)
except Exception:
traceback.print_exc()
def parseotherbooleans(self,dc,cursor):
try:
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 0, None)
if decoderhandler.getCurrentBlockTokens()[-1] in ['address','redirects','unreachables','proxy-arp','enabled','transmit','receive'] and "no" in decoderhandler.getCurrentBlockTokens():
token = '-'.join(decoderhandler.getCurrentBlockTokens()[1:])
decoderhandler.addTokenValue(token, "false")
elif decoderhandler.getCurrentBlockTokens()[-1] in ['address','redirects','unreachables','proxy-arp','enabled','transmit','receive']:
token = '-'.join(decoderhandler.getCurrentBlockTokens())
decoderhandler.addTokenValue(token, "true")
except Exception:
traceback.print_exc()
def decodeToken(self, dc):
try:
util.log_info(
'Entering into RouteMapMatchConditionTokenDecoder: Decode token'
)
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
ret = super(RouteMapMatchConditionTokenDecoder,
self).decodeToken(dc)
util.log_debug(
'The return value(RouteMapMatchConditionTokenDecoder): = %s' %
(ret))
if ret <= 0:
return ret
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 1,
None)
tok = cursor.getNextToken()
util.log_debug(
'The Token(RouteMapMatchConditionTokenDecoder) value is : = %s'
% (tok))
if "ip" == tok:
cursor.advance()
if "address" == cursor.getNextToken():
cursor.advance()
if "prefix-list" == cursor.getNextToken():
decoderhandler.addTokenValue("condition-type",
"prefix-list")
cursor.advance()
util.log_debug(
'The return value under "prefix-list" if block is: = %s'
% (ret))
return ret
decoderhandler.addTokenValue("condition-type", "address")
cursor.advance()
util.log_debug(
'The final return value under "address" if block is: = %s'
% (ret))
return ret
conditionType = cursor.getNextToken()
if conditionType is not None:
tokenName = decoderutil.DecoderUtil().makeSiblingToken(
decoderhandler.getTokenText(), "condition-type")
util.log_debug('The tokenName under if block is: = %s' %
(tokenName))
util.log_debug(
'The value under if block for conditionType is: = %s' %
(conditionType))
decoderhandler.addTokenValue(tokenName, conditionType)
util.log_debug('The final return value is: = %s' % (ret))
return ret
except Exception:
traceback.print_exc()
def decodeToken(self, dc):
util.log_info('AclTokenDecoder: decodeToken')
cursor = util.TokenCursor(None, -1, dc)
action = cursor.getNextToken(-3)
self.setToken(dc, "action", action)
src = self.parseSourceCondition(dc, cursor)
util.log_debug('The source condition')
util.log_debug('src', src)
dest = self.parseDestCondition(dc, cursor)
util.log_debug('The destination condition')
util.log_debug('dest', dest)
util.log_debug('paramMap = %s' % (dc.getMap()))
#LOGGER.info("[{}] ==> {}, {}", dc.getSearchTokens(), src, dest)
return tokendecoderhandler.TokenDecoderHandler(dc).getSearchTokensSize(
) - tokendecoderhandler.TokenDecoderHandler(dc).getCurrentIndex()
def decodeVariables(self, cpc, dc, context):
try:
util.log_info('NewRouteVariableDecoder: Decoding variable')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 2,
None)
self.parseNetwork(dc, cursor)
self.parseInterfaceName(dc, cursor)
self.parseNextHop(dc, cursor)
self.parseName(dc, cursor)
decoderhandler.addTokenValue(
"id",
Joiner.on(" ").join(
decoderhandler.getCurrentBlock().getTokens()))
except Exception:
traceback.print_exc()
def decodeVariables(self, cpc, dc, context):
try:
util.log_info(
'CiscoStaticRouterVariableDecoder: Decoding variable')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 2,
None)
self.parseVrf(dc, cursor)
self.parseNetwork(dc, cursor)
self.parseInterfaceName(dc, cursor)
self.parseNextHop(dc, cursor)
self.parseName(dc, cursor)
self.parseTag(dc, cursor)
self.parseMetric(dc, cursor)
except Exception:
traceback.print_exc()
def decodeVariables(self, cpc, dc, context):
try:
util.log_info(
'VtyVariableDecoder: Decoding variables for complete line vty configurations block'
)
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 0)
self.parseName(dc, cursor)
self.parseAcl(dc, cursor)
self.parseAuthType(dc, cursor)
self.parseTimeOut(dc, cursor)
self.parseLogging(dc, cursor)
self.parseHistorySize(dc, cursor)
self.parsePrivilegeLevel(dc, cursor)
self.parseTransportType(dc, cursor)
except Exception:
traceback.print_exc()
def decodeToken(self, dc):
try:
util.log_info('TrafficEngTokenDecoder: Decode token')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
token = dc.getToken()
value = decoderhandler.getValueAtCurrentIndex()
util.log_debug('Value = %s' % (value))
dc.addTokenValue(token.getText(), value)
if value == 'path-option':
cursor = util.TokenCursor(None, 0, dc)
path_number = cursor.getNextToken(1)
dc.addTokenValue("/path-config/path-number", path_number)
path_type = cursor.getNextToken(2)
dc.addTokenValue("/path-config/path-type", path_type)
else:
return 1
except Exception:
traceback.print_exc()
def decodeToken(self, dc):
try:
print 'RouterBgpRouterIdTokenDecoder: Decode token'
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 2,
None)
tokenText = decoderhandler.getTokenText()
print 'Token text = %s' % (tokenText)
value1 = decoderhandler.getValueAtCurrentIndex()
print 'Value1 = %s' % (value1)
cursor.advance()
value2 = cursor.getNextToken()
print 'Value2 = %s' % (value2)
if value2 == None:
decoderhandler.addTokenValue(tokenText, value1)
else:
decoderhandler.addTokenValue(tokenText,
("%s %s" % (value1, value2)))
except Exception:
traceback.print_exc()
def decodeVariables(self, cpc, dc, context):
try:
util.log_info('NewRouteVariableDecoder: Decoding variable')
ROUTE_VRF = ["ip", "route", "vrf"]
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
if AnutaStringUtils.startsWith(
decoderhandler.getCurrentBlockTokens(), ROUTE_VRF):
return
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 2,
None)
self.parseNetwork(dc, cursor)
self.parseInterfaceName(dc, cursor)
self.parseNextHop(dc, cursor)
self.parseName(dc, cursor)
decoderhandler.addTokenValue(
"options/id",
Joiner.on(" ").join(
decoderhandler.getCurrentBlock().getTokens()))
except Exception:
traceback.print_exc()
def processNetwork(self, cpc, dc, context, block):
util.log_debug('ObjectGroupVariableDecoder: processNetwork')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(block.getTokens(), 0, None)
host = cursor.getNextToken()
cursor.advance()
ip = cursor.getNextToken()
cursor.advance()
if "host" == host:
decoderhandler.addTokenValue("host", ip)
decoderhandler.addTokenValue("name", Joiner.on(" ").join(block.getTokens()))
return
if InetAddressUtils.isIPv4Address(host):
decoderhandler.addTokenValue("ip-address", host)
decoderhandler.addTokenValue("netmask", ip)
decoderhandler.addTokenValue("name", Joiner.on(" ").join(block.getTokens()))
return
if "group-object" == host:
decoderhandler.addTokenValue("group-object", ip)
decoderhandler.addTokenValue("name", Joiner.on(" ").join(block.getTokens()))
return
def processAccessList(self, cpc, dc, context, block):
util.log_info('AclRuleVariableDecoder: processAccessList')
try:
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(block.getTokens(), 2, None)
aclType = ''
aclName = ''
aclType = cursor.getNextToken()
cursor.advance()
aclName = cursor.getNextToken()
util.log_debug('The aclType: %s' % (aclType))
util.log_debug('The aclName: %s' % (aclName))
print aclType
if aclType in ACCESS_TYPE:
decoderhandler.addTokenValue("../../acl-type", aclType)
else:
decoderhandler.addTokenValue("../../name", aclType)
decoderhandler.addTokenValue("../../name", aclName)
except Exception:
traceback.print_exc()
def decodeToken(self, dc):
try:
util.log_info('ClassMapMatchValueTokenDecoder decode token')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
tokenText = decoderhandler.getTokenText()
util.log_debug('Token text = %s' %(tokenText))
name = decoderhandler.getValueAtCurrentIndex()
util.log_debug('Name = %s' %(name))
decoderhandler.addTokenValue(tokenText, name)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 1, None)
conditionType = cursor.getNextToken()
util.log_debug('Condition Type = %s' %(conditionType))
if ("ip" == conditionType and "dscp" == cursor.getNextToken(1)):
conditionType = "ip-dscp"
if conditionType is not None and conditionType in self.KNOWN_CONDITIONS:
decoderhandler.addTokenValue(dc, self.replaceTokenName(tokenText, "condition-type"), conditionType)
else:
util.log_debug('Unknown condition type = %s'%(conditionType))
return 1
except Exception:
traceback.print_exc()
def decodeVariables(self, cpc, dc, context):
try:
util.log_info(
'RoutePolicyEntriesVariableDecoder : Decoding variable')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 0,
None)
value = decoderhandler.getCurrentBlockTokens()
util.log_info("BLOCK : ", value)
if not cursor.hasNext():
return
util.log_info(cursor.getNextToken())
if cursor.getNextToken() == "route-policy":
cursor.advance()
util.log_info(cursor.getNextToken())
decoderhandler.addTokenValue("../name", cursor.getNextToken())
if cursor.getNextToken() == "if":
cursor.advance()
util.log_info(cursor.getNextToken())
if cursor.getNextToken() == "destination":
cursor.advance()
util.log_info(cursor.getNextToken())
if cursor.getNextToken() == "in":
cursor.advance()
util.log_info(cursor.getNextToken())
decoderhandler.addTokenValue("prefix-set",
cursor.getNextToken())
if cursor.getNextToken() == "set":
cursor.advance()
util.log_info(cursor.getNextToken())
if cursor.getNextToken() == "med":
cursor.advance()
util.log_info(cursor.getNextToken())
decoderhandler.addTokenValue("med", cursor.getNextToken())
except Exception:
traceback.print_exc()
def decodeToken(self, dc):
try:
util.log_info('RouterBgpAsnumberTokenDecoder(): Decode token')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
current_block = decoderhandler.getCurrentBlock()
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 2,
None)
tokenText = decoderhandler.getTokenText()
print 'Token text = %s' % (tokenText)
value = decoderhandler.getValueAtCurrentIndex()
print 'Value1 = %s' % (value)
decoderhandler.addTokenValue(tokenText, value)
block = decoderhandler.getCurrentBlock()
util.log_info('BLOCK for BGP:', block)
lines_noformat = block.toString().split("\n")
lines = []
for line in lines_noformat:
if re.search('bgp redistribute-internal', line) is None:
line = line.strip(' ')
lines.append(line)
else:
lines.append(line)
log_neighbor = '^bgp log-neighbor-changes$'
redis_internal = '.*bgp redistribute-internal$'
redis_internal_vrf = '.*bgp redistribute-internal$'
def_inf = '^default-information originate$'
router_id = '^bgp router-id'
asoverride = 'as-override$'
redistribute_connected = 'redistribute connected$'
log_neighbor_found = False
redis_internal_found = False
redis_internal_found_vrf = False
def_inf_found = False
asoverride_found = False
redistribute_connected_found = False
for line in lines:
if re.search(' vrf ', block.toString()) is None:
log_neighbor_match = re.search(log_neighbor, line)
if log_neighbor_match is not None:
decoderhandler.addTokenValue("log-neighbor-changes",
"true")
log_neighbor_found = True
if re.search(' vrf ', block.toString()) is None:
router_id_match = re.search(router_id, line)
if router_id_match is not None:
decoderhandler.addTokenValue(
"router-id",
line.split('bgp router-id ')[1])
if re.search(' vrf ', block.toString()) is None:
redis_internal_match = re.search(redis_internal, line)
if redis_internal_match is not None:
decoderhandler.addTokenValue("../../name", "GLOBAL")
decoderhandler.addTokenValue("redistribute-internal",
"true")
redis_internal_found = True
else:
vrf = ''
if re.search(' vrf ', line) is not None:
vrf = line.split(' vrf ')[1]
redis_internal_match = re.search(redis_internal_vrf, line)
if redis_internal_match is not None:
decoderhandler.addTokenValue("../../name", vrf)
decoderhandler.addTokenValue("redistribute-internal",
"true")
redis_internal_found_vrf = True
if re.search(' vrf ', block.toString()) is None:
def_inf_match = re.search(def_inf, line)
if def_inf_match is not None:
decoderhandler.addTokenValue("../../name", "GLOBAL")
decoderhandler.addTokenValue(
"default-information-originate", "true")
def_inf_found = True
else:
vrf = ''
if re.search(' vrf ', line) is not None:
vrf = line.split(' vrf ')[1]
def_inf_match = re.search(def_inf, line)
if def_inf_match is not None:
decoderhandler.addTokenValue("../../name", vrf)
decoderhandler.addTokenValue(
"default-information-originate", "true")
def_inf_found = True
if re.search(' vrf ', block.toString()) is None:
asoverride_match = re.search(asoverride, line)
if asoverride_match is not None:
decoderhandler.addTokenValue("../../name", "GLOBAL")
decoderhandler.addTokenValue("$neighbor/as-override",
"true")
asoverride_found = True
else:
vrf = ''
if re.search(' vrf ', line) is not None:
vrf = line.split(' vrf ')[1]
asoverride_match = re.search(asoverride, line)
if asoverride_match is not None:
decoderhandler.addTokenValue("../../name", vrf)
decoderhandler.addTokenValue("$neighbor/as-override",
"true")
asoverride_found = True
if re.search(' vrf ', block.toString()) is None:
redistribute_connected_match = re.search(
redistribute_connected, line)
if redistribute_connected_match is not None:
decoderhandler.addTokenValue("../../name", "GLOBAL")
decoderhandler.addTokenValue("$redistribute/protocol",
"connected")
redistribute_connected_found = True
else:
vrf = ''
if re.search(' vrf ', line) is not None:
vrf = line.split(' vrf ')[1]
redistribute_connected_match = re.search(
redistribute_connected, line)
if redistribute_connected_match is not None:
decoderhandler.addTokenValue("../../name", vrf)
decoderhandler.addTokenValue("$redistribute/protocol",
"connected")
redistribute_connected_found = True
if not log_neighbor_found:
decoderhandler.addTokenValue("log-neighbor-changes", "false")
if not redis_internal_found and re.search(
' vrf ', block.toString()) is None:
decoderhandler.addTokenValue("../../name", "GLOBAL")
decoderhandler.addTokenValue("redistribute-internal", "false")
elif not redis_internal_found_vrf and re.search(
' vrf ', block.toString()) is not None:
vrf = ''
for line in lines:
if re.search(' vrf ', line) is not None:
vrf = line.split(' vrf ')[1]
decoderhandler.addTokenValue("../../name", vrf)
decoderhandler.addTokenValue("redistribute-internal", "false")
if not def_inf_found and re.search(' vrf ',
block.toString()) is None:
decoderhandler.addTokenValue("../../name", "GLOBAL")
decoderhandler.addTokenValue("default-information-originate",
"false")
elif not def_inf_found and re.search(' vrf ',
block.toString()) is not None:
vrf = ''
for line in lines:
if re.search(' vrf ', line) is not None:
vrf = line.split(' vrf ')[1]
decoderhandler.addTokenValue("../../name", vrf)
decoderhandler.addTokenValue("default-information-originate",
"false")
if not asoverride_found and re.search(' vrf ',
block.toString()) is None:
decoderhandler.addTokenValue("../../name", "GLOBAL")
decoderhandler.addTokenValue("$neighbor/as-override", "false")
elif not asoverride_found and re.search(
' vrf ', block.toString()) is not None:
vrf = ''
for line in lines:
if re.search(' vrf ', line) is not None:
vrf = line.split(' vrf ')[1]
decoderhandler.addTokenValue("../../name", vrf)
decoderhandler.addTokenValue("$neighbor/as-override", "false")
for i in lines:
if "bgp default ipv4-unicast" == i:
decoderhandler.addTokenValue("$bgp-default-ipv4-unicast",
"true")
elif "no bgp default ipv4-unicast" == i:
decoderhandler.addTokenValue("$bgp-default-ipv4-unicast",
"false")
except Exception:
traceback.print_exc()
def processAclRule(self, cpc, dc, context, block):
util.log_info('AclRuleVariableDecoder: processAclRule')
acl_dict = [
'linenumber,INT', 'action,ACTION', 'layer4protocol,PROTOCOL',
'service_obj_name,STRING',
'source_condition_type,SOURCE_CONDITION', 'source_ip,CIDR',
'source_mask,IP', 'source_obj_name,STRING',
'source_port_operator,PORT_OPERATORS', 'source_port,STRING',
'dest_condition_type,DEST_CONDITION', 'dest_ip,CIDR',
'dest_mask,IP', 'dest_obj_name,STRING',
'dest_port_operator,PORT_OPERATORS', 'dest_port,STRING',
'match_packets,MATCH_PKTS', 'precedence,STRING',
'extra_options,EXTRA_OPTIONS'
]
ACTION = ["permit", "deny"]
SOURCE_CONDITION = ["any", "host", "object-group", "addrgroup"]
DEST_CONDITION = ["any", "host", "object-group", "addrgroup"]
PORT_OPERATORS = ["eq", "gt", "lt", "neq", "range"]
MATCH_PKTS = [
"dscp", "fragments", "log-input", "option", "precedence",
"time-range", "tos", "ttl", "echo", "echo-reply", "tracked",
"ttl-exceeded", "port-unreachable", "established"
]
PROTOCOL = [
"object-group", "ahp", "eigrp", "esp", "gre", "icmp", "igmp", "ip",
"ipinip", "nos", "ospf", "pcp", "pim", "tcp", "tcp-udp", "udp"
]
EXTRA_OPTIONS = ["log"]
PORT = [
"bgp", "chargen", "cmd", "daytime", "discard", "domain", "drip",
"echo", "exec", "finger", "ftp", "ftp-data", "gopher", "hostname",
"ident", "irc", "klogin", "kshell", "login", "lpd", "nntp",
"onep-plain", "onep-tls", "pim-auto-rp", "pop2", "pop3", "smtp",
"sunrpc", "tacacs", "talk", "telnet", "time", "uucp", "whois",
"www", "msrpc", "biff", "bootpc", "bootps", "dnsix", "isakmp",
"msrpc", "mobile-ip", "nameserver", "netbios-dgm", "netbios-ns",
"netbios-ss", "non500-isakmp", "ntp", "rip", "snmp", "snmptrap",
"syslog", "tftp", "who", "xdmcp"
]
try:
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(block.getTokens(), 0, None)
tokens = block.getTokens()
tokens = Joiner.on(" ").join(block.getTokens())
tokens = tokens.split(" ")
print tokens
found = False
for token in tokens:
for acl_action in ACTION:
if token == acl_action:
found = True
if not found:
util.log_debug(
'Does not look like a valid acl rule. rule = %s' %
(tokens))
return
i = 1
for j in range(i, len(tokens)):
if j > 0 and j == len(tokens) - 1:
if tokens[j -
1] in ACTION and InetAddressUtils.isIPv4Address(
tokens[j]):
tokens.insert(j, 'host')
break
else:
if tokens[j -
1] in ACTION and InetAddressUtils.isIPv4Address(
tokens[j]
) and not InetAddressUtils.isIPv4Address(
tokens[j + 1]):
tokens.insert(j, 'host')
break
util.log_info(tokens)
decoderhandler.addTokenValue("$name", Joiner.on(" ").join(tokens))
i = 0
cidr_pattern = '^(\d{1,3}\.){3}\d{1,3}(/\d\d)$'
host = False
host_dest = False
len_token = 0
for token in range(len_token, len(tokens)):
if len_token == token:
len_token += 1
for j in range(i, len(acl_dict)):
options = acl_dict[j].split(',')
yang_entity = options[0].replace('_', '-')
i += 1
if options[1] == 'INT':
if decoderhandler.isValidInteger(tokens[token]):
util.log_info("1" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif options[1] == 'ACTION':
if tokens[token] in ACTION:
util.log_info("2" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif options[1] == 'PROTOCOL':
if tokens[token] in PROTOCOL:
util.log_info("3" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
if tokens[token] != 'object-group':
i += 1
break
elif options[1] == 'STRING':
if not InetAddressUtils.isIPv4Address(
tokens[token]
) and tokens[token] not in SOURCE_CONDITION and tokens[
token] not in PORT_OPERATORS and tokens[
token] not in MATCH_PKTS and tokens[
token] not in PROTOCOL and tokens[
token] not in EXTRA_OPTIONS and re.search(
cidr_pattern,
tokens[token]) is None:
util.log_info("4" + yang_entity + ":" +
tokens[token])
if tokens[token].isdigit(
) or tokens[token] in PORT:
all_ports = tokens[token]
for custom_port in range(
len_token, len(tokens)):
if tokens[custom_port].isdigit(
) or tokens[custom_port] in PORT:
all_ports += ' ' + tokens[
custom_port]
len_token += 1
else:
break
util.log_info("4_1" + yang_entity + ":" +
all_ports)
decoderhandler.addTokenValue(
yang_entity, all_ports)
else:
util.log_info("4_2" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif options[1] == 'SOURCE_CONDITION':
if tokens[token] in SOURCE_CONDITION:
util.log_info("5" + yang_entity + ":" +
tokens[token])
if tokens[token] == 'any':
i += 2
elif tokens[token] == 'host':
host = True
elif tokens[token] == 'object-group':
tokens[token] = 'objectgroup'
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif options[1] == 'CIDR':
if InetAddressUtils.isIPv4Address(tokens[token]):
util.log_info("13" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif re.search(cidr_pattern,
tokens[token]) is not None:
util.log_info("14" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
i += 1
break
elif options[1] == 'IP':
prev_yang_entity = acl_dict[j - 1].split(
',')[0].replace('_', '-')
if InetAddressUtils.isIPv4Address(
tokens[token]
) and not host and prev_yang_entity == 'source-ip':
util.log_info("6" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
if yang_entity == 'source-mask':
util.log_info("7" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
'source-condition-type', 'cidr')
break
elif InetAddressUtils.isIPv4Address(
tokens[token]
) and not host_dest and prev_yang_entity == 'dest-ip':
util.log_info("6_1" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
if yang_entity == 'dest-mask':
util.log_info("8" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
'dest-condition-type', 'cidr')
break
elif options[1] == 'PORT_OPERATORS':
if tokens[token] in PORT_OPERATORS:
util.log_info("9" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif options[1] == 'DEST_CONDITION':
if tokens[token] in DEST_CONDITION:
util.log_info("10" + yang_entity + ":" +
tokens[token])
if tokens[token] == 'any':
i += 2
elif tokens[token] == 'host':
host_dest = True
elif tokens[token] == 'object-group':
tokens[token] = 'objectgroup'
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif options[1] == 'MATCH_PKTS':
if tokens[token] in MATCH_PKTS:
util.log_info("11" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif options[1] == 'EXTRA_OPTIONS':
if tokens[token] in EXTRA_OPTIONS:
util.log_info("12" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
except Exception:
traceback.print_exc()
