def __init__(self, device=None, interfaces=None, include_shared_config=True): ''' @param device: dict to identify the ASA device, passed in from device_script APIs @param interfaces: dict physical interfaces names passed in from device_script APIs @param include_shared_config: boolean Flag to indicate if the function configuration should be modified. ''' DMObject.__init__(self, ifc_key=DeviceModel.__name__) self.device = device self.interfaces = interfaces self.sts_table = {} self.label2nameif = {} #cache of label to nameif map 'All the stuff defined in vnsMDevCfg section of device_specification.xml' self.register_child(Vifs()) self.register_child(DMList('VLAN', Vlan)) self.register_child(VxlanPort('vxlan_port')) self.register_child(NVE('NVE')) self.register_child(TVIs()) self.register_child(DMList('ENCAPASS', EncapAss)) self.register_child(DMList('InterfaceConfig', InterfaceConfig)) self.register_child(PortChannelMembers()) self.register_child(HostObjects()) self.register_child(SubnetObjects()) self.register_child(RangeObjects()) self.register_child(FQDNObjects()) self.register_child(ICMP4Objects()) self.register_child(ICMP6Objects()) self.register_child(ProtocolObjects()) self.register_child(TCPObjects()) self.register_child(UDPObjects()) self.register_child(NetworkObjectGroups()) self.register_child(ServiceObjectGroups()) self.register_child(AccessListList()) self.register_child( AccessListDeployment()) # Must follow AccessListList self.register_child(ClusterConfig()) self.register_child(LoggingConfig()) self.register_child(FailoverConfig()) self.register_child(AccessGroupGlobal()) self.register_child(Timeouts()) self.register_child(BasicThreatDetection()) self.register_child(AdvancedThreatDetection()) self.register_child(ScanningThreatDetection()) self.register_child(NetFlowObjects()) self.register_child(IPAudit()) self.register_child(NTP()) self.register_child(DNS()) self.register_child(SmartCallHome()) self.register_child(GlobalServicePolicyContainer()) 'Child for vsnGrpCfg element' if include_shared_config: self.register_child(SharedConfig())
def __init__(self): ''' Constructor ''' DMObject.__init__(self, ifc_key = Timeouts.__name__, asa_key = 'timeout') ifc_asa_keys = [# IFC Key ASA Key Default min max allow0 ("Connection", "timeout conn", '1:0:0', '0:5:0', '1193:0:0', True), ("HalfClosedConnection", "timeout half-closed", '0:10:0', '0:0:30', '1193:0:0', True), ("Udp", "timeout udp", '0:2:0', '0:1:0', '1193:0:0', True), ("Icmp", "timeout icmp", '0:0:2', '0:0:2', '1193:0:0', False), ("H323", "timeout h323", '0:5:0', '0:0:0', '1193:0:0', False), ("H225", "timeout h225", '1:0:0', '0:0:0', '1193:0:0', False), #Trailing space in the ASA key for Mgcp is to avoid collision with mgcp-pat ("Mgcp", "timeout mgcp ", '0:5:0', '0:0:0', '1193:0:0', True), ("MgcpPat", "timeout mgcp-pat", '0:5:0', '0:0:0', '1193:0:0', True), ("TcpProxyReassembly", "timeout tcp-proxy-reassembly", '0:1:0', '0:0:10', '1193:0:0', False), ("FloatingConn", "timeout floating-conn", '0:0:0', '0:0:30', '1193:0:0', True), ("SunRpc", "timeout sunrpc", '0:10:0', '0:1:0', '1193:0:0', True), #Trailing space in the ASA key for Sip is to avoid collision with other sip-* command ("Sip", "timeout sip ", '0:30:0', '0:5:0', '1193:0:0', True), ("SipMedia", "timeout sip_media", '0:2:0', '0:1:0', '1193:0:0', True), ("SipProvisionalMedia", "timeout sip-provisional-media", '0:2:0', '0:1:0', '1193:0:0', False), ("SipInvite", "timeout sip-invite", '0:1:0', '0:0:30', '1193:0:0', False), ("SipDisconnect", "timeout sip-disconnect", '0:2:0', '0:0:1', '1193:0:0', False), ("Xlate", "timeout xlate", '3:0:0', '0:1:0', '1193:0:0', False), ("PatXlate", "timeout pat-xlate", '0:0:30', '0:0:30', '0:5:0', False) ] for (ifc, asa, dflt, min, max, allow0) in ifc_asa_keys: self.register_child(Timeout(ifc, asa, dflt, min, max, allow0)) self.register_child(AuthenticationTimeout("AuthenAbsolute", "absolute")) self.register_child(AuthenticationTimeout("AuthenInactivity", "inactivity"))
def __init__(self): ''' Constructor ''' DMObject.__init__(self, ifc_key = IPAudit.__name__, asa_key = 'ip audit') self.register_child(IPAuditObj(ifc_key='IPAuditAttack', asa_key='ip audit attack', asa_gen_template='ip audit attack action %s')) self.register_child(IPAuditObj(ifc_key='IPAuditInfo', asa_key='ip audit info', asa_gen_template='ip audit info action %s'))
def __init__(self, device = None, interfaces = None, include_shared_config = True): ''' @param device: dict to identify the ASA device, passed in from device_script APIs @param interfaces: dict physical interfaces names passed in from device_script APIs @param include_shared_config: boolean Flag to indicate if the function configuration should be modified. ''' DMObject.__init__(self, ifc_key = DeviceModel.__name__) self.device = device self.interfaces = interfaces self.sts_table = {} self.label2nameif = {} #cache of label to nameif map 'All the stuff defined in vnsMDevCfg section of device_specification.xml' self.register_child(Vifs()) self.register_child(DMList('VLAN', Vlan)) self.register_child(VxlanPort('vxlan_port')) self.register_child(NVE('NVE')) self.register_child(TVIs()) self.register_child(DMList('ENCAPASS', EncapAss)) self.register_child(DMList('InterfaceConfig', InterfaceConfig)) self.register_child(PortChannelMembers()) self.register_child(HostObjects()) self.register_child(SubnetObjects()) self.register_child(RangeObjects()) self.register_child(FQDNObjects()) self.register_child(ICMP4Objects()) self.register_child(ICMP6Objects()) self.register_child(ProtocolObjects()) self.register_child(TCPObjects()) self.register_child(UDPObjects()) self.register_child(NetworkObjectGroups()) self.register_child(ServiceObjectGroups()) self.register_child(AccessListList()) self.register_child(AccessListDeployment()) # Must follow AccessListList self.register_child(ClusterConfig()) self.register_child(LoggingConfig()) self.register_child(FailoverConfig()) self.register_child(AccessGroupGlobal()) self.register_child(Timeouts()) self.register_child(BasicThreatDetection()) self.register_child(AdvancedThreatDetection()) self.register_child(ScanningThreatDetection()) self.register_child(NetFlowObjects()) self.register_child(IPAudit()) self.register_child(NTP()) self.register_child(DNS()) self.register_child(SmartCallHome()) self.register_child(GlobalServicePolicyContainer()) 'Child for vsnGrpCfg element' if include_shared_config: self.register_child(SharedConfig())
def __init__(self, instance): DMObject.__init__(self, instance) self.register_child(ExIntfConfigRelFolder()) self.register_child(InIntfConfigRelFolder()) self.register_child(Connectors('CONN', Connector)) self.register_child(BridgeGroupIntfs()) self.register_child(NATRuleList()) self.register_child(NATRuleDeployment()) # Must follow NATRuleList self.register_child(AccessGroupList('ExtAccessGroup', 'external')) self.register_child(AccessGroupList('IntAccessGroup', 'internal')) self.register_child(IntStaticRoute()) self.register_child(ExtStaticRoute()) self.register_child(InIPv6EnforceEUI64()) self.register_child(ExIPv6EnforceEUI64()) self.register_child(IntConnectorServicePolicyContainer()) self.register_child(ExtConnectorServicePolicyContainer())
def __init__(self, instance): DMObject.__init__(self, instance) self.register_child(IPv4Addr('ipv4_address')) self.register_child(SecurityLevel('security_level')) self.register_child(IPv6AddrList()) self.register_child(IPv6AutoConfig('ipv6_autoconfig')) self.register_child(IPv6Enable('ipv6_enable')) self.register_child(IPv6NDDad('ipv6_nd_dad_attempts')) self.register_child(IPv6NDNsInterval('ipv6_nd_ns_interval')) self.register_child(IPv6NDReachable('ipv6_nd_reachable_time')) self.register_child(IPv6NDRaInterval('ipv6_nd_ra_interval')) self.register_child(IPv6NDRaLifetime('ipv6_nd_ra_lifetime')) self.register_child(IPv6LinkLocal('ipv6_link_local_address')) self.register_child(IPv6NeighborDiscoveryList()) 'vxlan config below' self.register_child(SegmentIDSecondarys()) self.register_child(SegmentIDOriginates())
def __init__(self): ''' Constructor ''' DMObject.__init__(self, ifc_key=Timeouts.__name__, asa_key='timeout') ifc_asa_keys = [ # IFC Key ASA Key Default min max allow0 ("Connection", "timeout conn", '1:0:0', '0:5:0', '1193:0:0', True), ("HalfClosedConnection", "timeout half-closed", '0:10:0', '0:0:30', '1193:0:0', True), ("Udp", "timeout udp", '0:2:0', '0:1:0', '1193:0:0', True), ("Icmp", "timeout icmp", '0:0:2', '0:0:2', '1193:0:0', False), ("H323", "timeout h323", '0:5:0', '0:0:0', '1193:0:0', False), ("H225", "timeout h225", '1:0:0', '0:0:0', '1193:0:0', False), #Trailing space in the ASA key for Mgcp is to avoid collision with mgcp-pat ("Mgcp", "timeout mgcp ", '0:5:0', '0:0:0', '1193:0:0', True), ("MgcpPat", "timeout mgcp-pat", '0:5:0', '0:0:0', '1193:0:0', True), ("TcpProxyReassembly", "timeout tcp-proxy-reassembly", '0:1:0', '0:0:10', '1193:0:0', False), ("FloatingConn", "timeout floating-conn", '0:0:0', '0:0:30', '1193:0:0', True), ("SunRpc", "timeout sunrpc", '0:10:0', '0:1:0', '1193:0:0', True), #Trailing space in the ASA key for Sip is to avoid collision with other sip-* command ("Sip", "timeout sip ", '0:30:0', '0:5:0', '1193:0:0', True), ("SipMedia", "timeout sip_media", '0:2:0', '0:1:0', '1193:0:0', True), ("SipProvisionalMedia", "timeout sip-provisional-media", '0:2:0', '0:1:0', '1193:0:0', False), ("SipInvite", "timeout sip-invite", '0:1:0', '0:0:30', '1193:0:0', False), ("SipDisconnect", "timeout sip-disconnect", '0:2:0', '0:0:1', '1193:0:0', False), ("Xlate", "timeout xlate", '3:0:0', '0:1:0', '1193:0:0', False), ("PatXlate", "timeout pat-xlate", '0:0:30', '0:0:30', '0:5:0', False) ] for (ifc, asa, dflt, min, max, allow0) in ifc_asa_keys: self.register_child(Timeout(ifc, asa, dflt, min, max, allow0)) self.register_child(AuthenticationTimeout("AuthenAbsolute", "absolute")) self.register_child( AuthenticationTimeout("AuthenInactivity", "inactivity"))
def __init__(self): DMObject.__init__(self, InIntfConfigRelFolder.__name__) self.register_child(InIntfConfigRel())
def __init__(self): DMObject.__init__(self, InIntfConfigRel.__name__)
def __init__(self): DMObject.__init__(self, ifc_key = 'interface')
def __init__(self, name): DMObject.__init__(self, name) self.register_child(ChannelGroup()) self.register_child(InterfaceObject()) self.response_parser = cli_interaction.ignore_info_response_parser
def __init__(self): DMObject.__init__(self, ifc_key = 'port_channel_id')
def __init__(self): DMObject.__init__(self, ifc_key='port_channel_id')
def __init__(self): DMObject.__init__(self, SharedConfig.__name__) self.register_child(Firewalls())
def __init__(self): DMObject.__init__(self, ifc_key='interface')
def __init__(self, type): DMObject.__init__(self, ifc_key = 'ipv6_enforce_eui64') self.conn_type = type
def __init__(self): DMObject.__init__(self, ExIPv6EnforceEUI64.__name__) self.register_child(IPv6EnforceEUI64('external'))
def __init__(self, ifc_key = "GlobalServicePolicy", connector = None): DMObject.__init__(self, ifc_key = ifc_key) self.register_child(PolicyMap(connector)) self.register_child(ServicePolicy(connector))