def __init__(self,
device=None,
interfaces=None,
include_shared_config=True):
'''
@param device: dict
to identify the ASA device, passed in from device_script APIs
@param interfaces: dict
physical interfaces names passed in from device_script APIs
@param include_shared_config: boolean
Flag to indicate if the function configuration should be modified.
'''
DMObject.__init__(self, ifc_key=DeviceModel.__name__)
self.device = device
self.interfaces = interfaces
self.sts_table = {}
self.label2nameif = {} #cache of label to nameif map
'All the stuff defined in vnsMDevCfg section of device_specification.xml'
self.register_child(Vifs())
self.register_child(DMList('VLAN', Vlan))
self.register_child(VxlanPort('vxlan_port'))
self.register_child(NVE('NVE'))
self.register_child(TVIs())
self.register_child(DMList('ENCAPASS', EncapAss))
self.register_child(DMList('InterfaceConfig', InterfaceConfig))
self.register_child(PortChannelMembers())
self.register_child(HostObjects())
self.register_child(SubnetObjects())
self.register_child(RangeObjects())
self.register_child(FQDNObjects())
self.register_child(ICMP4Objects())
self.register_child(ICMP6Objects())
self.register_child(ProtocolObjects())
self.register_child(TCPObjects())
self.register_child(UDPObjects())
self.register_child(NetworkObjectGroups())
self.register_child(ServiceObjectGroups())
self.register_child(AccessListList())
self.register_child(
AccessListDeployment()) # Must follow AccessListList
self.register_child(ClusterConfig())
self.register_child(LoggingConfig())
self.register_child(FailoverConfig())
self.register_child(AccessGroupGlobal())
self.register_child(Timeouts())
self.register_child(BasicThreatDetection())
self.register_child(AdvancedThreatDetection())
self.register_child(ScanningThreatDetection())
self.register_child(NetFlowObjects())
self.register_child(IPAudit())
self.register_child(NTP())
self.register_child(DNS())
self.register_child(SmartCallHome())
self.register_child(GlobalServicePolicyContainer())
'Child for vsnGrpCfg element'
if include_shared_config:
self.register_child(SharedConfig())
def __init__(self):
'''
Constructor
'''
DMObject.__init__(self, ifc_key = Timeouts.__name__, asa_key = 'timeout')
ifc_asa_keys = [# IFC Key ASA Key Default min max allow0
("Connection", "timeout conn", '1:0:0', '0:5:0', '1193:0:0', True),
("HalfClosedConnection", "timeout half-closed", '0:10:0', '0:0:30', '1193:0:0', True),
("Udp", "timeout udp", '0:2:0', '0:1:0', '1193:0:0', True),
("Icmp", "timeout icmp", '0:0:2', '0:0:2', '1193:0:0', False),
("H323", "timeout h323", '0:5:0', '0:0:0', '1193:0:0', False),
("H225", "timeout h225", '1:0:0', '0:0:0', '1193:0:0', False),
#Trailing space in the ASA key for Mgcp is to avoid collision with mgcp-pat
("Mgcp", "timeout mgcp ", '0:5:0', '0:0:0', '1193:0:0', True),
("MgcpPat", "timeout mgcp-pat", '0:5:0', '0:0:0', '1193:0:0', True),
("TcpProxyReassembly", "timeout tcp-proxy-reassembly", '0:1:0', '0:0:10', '1193:0:0', False),
("FloatingConn", "timeout floating-conn", '0:0:0', '0:0:30', '1193:0:0', True),
("SunRpc", "timeout sunrpc", '0:10:0', '0:1:0', '1193:0:0', True),
#Trailing space in the ASA key for Sip is to avoid collision with other sip-* command
("Sip", "timeout sip ", '0:30:0', '0:5:0', '1193:0:0', True),
("SipMedia", "timeout sip_media", '0:2:0', '0:1:0', '1193:0:0', True),
("SipProvisionalMedia", "timeout sip-provisional-media", '0:2:0', '0:1:0', '1193:0:0', False),
("SipInvite", "timeout sip-invite", '0:1:0', '0:0:30', '1193:0:0', False),
("SipDisconnect", "timeout sip-disconnect", '0:2:0', '0:0:1', '1193:0:0', False),
("Xlate", "timeout xlate", '3:0:0', '0:1:0', '1193:0:0', False),
("PatXlate", "timeout pat-xlate", '0:0:30', '0:0:30', '0:5:0', False)
]
for (ifc, asa, dflt, min, max, allow0) in ifc_asa_keys:
self.register_child(Timeout(ifc, asa, dflt, min, max, allow0))
self.register_child(AuthenticationTimeout("AuthenAbsolute", "absolute"))
self.register_child(AuthenticationTimeout("AuthenInactivity", "inactivity"))
def __init__(self):
'''
Constructor
'''
DMObject.__init__(self, ifc_key = IPAudit.__name__, asa_key = 'ip audit')
self.register_child(IPAuditObj(ifc_key='IPAuditAttack', asa_key='ip audit attack', asa_gen_template='ip audit attack action %s'))
self.register_child(IPAuditObj(ifc_key='IPAuditInfo', asa_key='ip audit info', asa_gen_template='ip audit info action %s'))
def __init__(self, device = None, interfaces = None, include_shared_config = True):
'''
@param device: dict
to identify the ASA device, passed in from device_script APIs
@param interfaces: dict
physical interfaces names passed in from device_script APIs
@param include_shared_config: boolean
Flag to indicate if the function configuration should be modified.
'''
DMObject.__init__(self, ifc_key = DeviceModel.__name__)
self.device = device
self.interfaces = interfaces
self.sts_table = {}
self.label2nameif = {} #cache of label to nameif map
'All the stuff defined in vnsMDevCfg section of device_specification.xml'
self.register_child(Vifs())
self.register_child(DMList('VLAN', Vlan))
self.register_child(VxlanPort('vxlan_port'))
self.register_child(NVE('NVE'))
self.register_child(TVIs())
self.register_child(DMList('ENCAPASS', EncapAss))
self.register_child(DMList('InterfaceConfig', InterfaceConfig))
self.register_child(PortChannelMembers())
self.register_child(HostObjects())
self.register_child(SubnetObjects())
self.register_child(RangeObjects())
self.register_child(FQDNObjects())
self.register_child(ICMP4Objects())
self.register_child(ICMP6Objects())
self.register_child(ProtocolObjects())
self.register_child(TCPObjects())
self.register_child(UDPObjects())
self.register_child(NetworkObjectGroups())
self.register_child(ServiceObjectGroups())
self.register_child(AccessListList())
self.register_child(AccessListDeployment()) # Must follow AccessListList
self.register_child(ClusterConfig())
self.register_child(LoggingConfig())
self.register_child(FailoverConfig())
self.register_child(AccessGroupGlobal())
self.register_child(Timeouts())
self.register_child(BasicThreatDetection())
self.register_child(AdvancedThreatDetection())
self.register_child(ScanningThreatDetection())
self.register_child(NetFlowObjects())
self.register_child(IPAudit())
self.register_child(NTP())
self.register_child(DNS())
self.register_child(SmartCallHome())
self.register_child(GlobalServicePolicyContainer())
'Child for vsnGrpCfg element'
if include_shared_config:
self.register_child(SharedConfig())
def __init__(self, instance):
DMObject.__init__(self, instance)
self.register_child(ExIntfConfigRelFolder())
self.register_child(InIntfConfigRelFolder())
self.register_child(Connectors('CONN', Connector))
self.register_child(BridgeGroupIntfs())
self.register_child(NATRuleList())
self.register_child(NATRuleDeployment()) # Must follow NATRuleList
self.register_child(AccessGroupList('ExtAccessGroup', 'external'))
self.register_child(AccessGroupList('IntAccessGroup', 'internal'))
self.register_child(IntStaticRoute())
self.register_child(ExtStaticRoute())
self.register_child(InIPv6EnforceEUI64())
self.register_child(ExIPv6EnforceEUI64())
self.register_child(IntConnectorServicePolicyContainer())
self.register_child(ExtConnectorServicePolicyContainer())
def __init__(self, instance):
DMObject.__init__(self, instance)
self.register_child(IPv4Addr('ipv4_address'))
self.register_child(SecurityLevel('security_level'))
self.register_child(IPv6AddrList())
self.register_child(IPv6AutoConfig('ipv6_autoconfig'))
self.register_child(IPv6Enable('ipv6_enable'))
self.register_child(IPv6NDDad('ipv6_nd_dad_attempts'))
self.register_child(IPv6NDNsInterval('ipv6_nd_ns_interval'))
self.register_child(IPv6NDReachable('ipv6_nd_reachable_time'))
self.register_child(IPv6NDRaInterval('ipv6_nd_ra_interval'))
self.register_child(IPv6NDRaLifetime('ipv6_nd_ra_lifetime'))
self.register_child(IPv6LinkLocal('ipv6_link_local_address'))
self.register_child(IPv6NeighborDiscoveryList())
'vxlan config below'
self.register_child(SegmentIDSecondarys())
self.register_child(SegmentIDOriginates())
def __init__(self, instance):
DMObject.__init__(self, instance)
self.register_child(IPv4Addr('ipv4_address'))
self.register_child(SecurityLevel('security_level'))
self.register_child(IPv6AddrList())
self.register_child(IPv6AutoConfig('ipv6_autoconfig'))
self.register_child(IPv6Enable('ipv6_enable'))
self.register_child(IPv6NDDad('ipv6_nd_dad_attempts'))
self.register_child(IPv6NDNsInterval('ipv6_nd_ns_interval'))
self.register_child(IPv6NDReachable('ipv6_nd_reachable_time'))
self.register_child(IPv6NDRaInterval('ipv6_nd_ra_interval'))
self.register_child(IPv6NDRaLifetime('ipv6_nd_ra_lifetime'))
self.register_child(IPv6LinkLocal('ipv6_link_local_address'))
self.register_child(IPv6NeighborDiscoveryList())
'vxlan config below'
self.register_child(SegmentIDSecondarys())
self.register_child(SegmentIDOriginates())
def __init__(self):
'''
Constructor
'''
DMObject.__init__(self, ifc_key=Timeouts.__name__, asa_key='timeout')
ifc_asa_keys = [ # IFC Key ASA Key Default min max allow0
("Connection", "timeout conn", '1:0:0', '0:5:0', '1193:0:0', True),
("HalfClosedConnection", "timeout half-closed", '0:10:0', '0:0:30',
'1193:0:0', True),
("Udp", "timeout udp", '0:2:0', '0:1:0', '1193:0:0', True),
("Icmp", "timeout icmp", '0:0:2', '0:0:2', '1193:0:0', False),
("H323", "timeout h323", '0:5:0', '0:0:0', '1193:0:0', False),
("H225", "timeout h225", '1:0:0', '0:0:0', '1193:0:0', False),
#Trailing space in the ASA key for Mgcp is to avoid collision with mgcp-pat
("Mgcp", "timeout mgcp ", '0:5:0', '0:0:0', '1193:0:0', True),
("MgcpPat", "timeout mgcp-pat", '0:5:0', '0:0:0', '1193:0:0',
True),
("TcpProxyReassembly", "timeout tcp-proxy-reassembly", '0:1:0',
'0:0:10', '1193:0:0', False),
("FloatingConn", "timeout floating-conn", '0:0:0', '0:0:30',
'1193:0:0', True),
("SunRpc", "timeout sunrpc", '0:10:0', '0:1:0', '1193:0:0', True),
#Trailing space in the ASA key for Sip is to avoid collision with other sip-* command
("Sip", "timeout sip ", '0:30:0', '0:5:0', '1193:0:0', True),
("SipMedia", "timeout sip_media", '0:2:0', '0:1:0', '1193:0:0',
True),
("SipProvisionalMedia", "timeout sip-provisional-media", '0:2:0',
'0:1:0', '1193:0:0', False),
("SipInvite", "timeout sip-invite", '0:1:0', '0:0:30', '1193:0:0',
False),
("SipDisconnect", "timeout sip-disconnect", '0:2:0', '0:0:1',
'1193:0:0', False),
("Xlate", "timeout xlate", '3:0:0', '0:1:0', '1193:0:0', False),
("PatXlate", "timeout pat-xlate", '0:0:30', '0:0:30', '0:5:0',
False)
]
for (ifc, asa, dflt, min, max, allow0) in ifc_asa_keys:
self.register_child(Timeout(ifc, asa, dflt, min, max, allow0))
self.register_child(AuthenticationTimeout("AuthenAbsolute",
"absolute"))
self.register_child(
AuthenticationTimeout("AuthenInactivity", "inactivity"))
def __init__(self):
DMObject.__init__(self, InIntfConfigRelFolder.__name__)
self.register_child(InIntfConfigRel())
def __init__(self):
DMObject.__init__(self, InIntfConfigRel.__name__)
def __init__(self):
DMObject.__init__(self, ifc_key = 'interface')
def __init__(self, name):
DMObject.__init__(self, name)
self.register_child(ChannelGroup())
self.register_child(InterfaceObject())
self.response_parser = cli_interaction.ignore_info_response_parser
def __init__(self):
DMObject.__init__(self, ifc_key = 'port_channel_id')
def __init__(self):
DMObject.__init__(self, ifc_key='port_channel_id')
def __init__(self):
DMObject.__init__(self, SharedConfig.__name__)
self.register_child(Firewalls())
def __init__(self, name):
DMObject.__init__(self, name)
self.register_child(ChannelGroup())
self.register_child(InterfaceObject())
self.response_parser = cli_interaction.ignore_info_response_parser
def __init__(self):
DMObject.__init__(self, ifc_key='interface')
def __init__(self, type):
DMObject.__init__(self, ifc_key = 'ipv6_enforce_eui64')
self.conn_type = type
def __init__(self):
DMObject.__init__(self, SharedConfig.__name__)
self.register_child(Firewalls())
def __init__(self):
DMObject.__init__(self, ExIPv6EnforceEUI64.__name__)
self.register_child(IPv6EnforceEUI64('external'))
def __init__(self, ifc_key = "GlobalServicePolicy", connector = None):
DMObject.__init__(self, ifc_key = ifc_key)
self.register_child(PolicyMap(connector))
self.register_child(ServicePolicy(connector))
