def router(self):
protocol = self.expect(Keyword)
protocol_tag = taglib.tag("routing protocol", protocol.upper())
protocol_tag.implied_by(taglib.env_tags.device, self.lineNum)
if protocol == "bgp":
local_as = self.expect(Literal)
local_as_tag = taglib.as_number_tag(local_as, "local AS")
local_as_lineNum = self.lineNum
local_as_tag.implies(taglib.as_number_tag(local_as), local_as_lineNum)
self.skipTo(EndOfCommand)
while True:
if self.accept(Token.EndOfMode) is not None:
return
if self.accept(Whitespace) is not None:
continue
if self.accept(Comment) is not None:
self.skipTo(EndOfCommand)
continue
try:
op = self.accept(Operator)
if op:
pass
cmd = self.expect(Keyword)
if False:
pass
elif cmd == "neighbor-group":
self.bgp_neighbor_group(self.expect(Literal))
elif cmd == "neighbor":
peer = self.expect(Literal)
peer_tag = taglib.ip_address_tag(peer, kind="%s peer" % protocol.upper())
peer_lineNum = self.lineNum
address_tag = taglib.ip_address_tag(peer)
peer_tag.implies(address_tag, self.lineNum)
self.expect(EndOfCommand)
self.bgp_neighbor(protocol_tag, peer, peer_tag, peer_lineNum, local_as, local_as_tag, local_as_lineNum)
elif cmd == "vrf":
self.expect(Literal)
self.expect(EndOfCommand)
else:
self.skipTo(EndOfCommand)
except UnexpectedToken:
self.skipTo(EndOfCommand)
elif protocol == "static":
self.static()
else:
self.skipToEndOfMode()
def tag_addresses(family_elem):
for address_elem in family_elem.xpath("address/name"):
ifa_tag = taglib.ip_address_tag(address_elem.text,
kind="interface address")
ifa_tag.implied_by(unit_tag, address_elem.sourceline)
t = taglib.ip_address_tag(address_elem.text)
t.implied_by(ifa_tag, address_elem.sourceline)
t.implies(taglib.ip_subnet_tag(address_elem.text),
address_elem.sourceline)
def tag_addresses(family_elem):
for address_elem in family_elem.xpath("address/name"):
ifa_tag = taglib.ip_address_tag(address_elem.text,
kind="interface address")
ifa_tag.implied_by(unit_tag, address_elem.sourceline)
t = taglib.ip_address_tag(address_elem.text)
t.implied_by(ifa_tag, address_elem.sourceline)
t.implies(taglib.ip_subnet_tag(address_elem.text),
address_elem.sourceline)
def test_ip_address_tag(self):
t = taglib.ip_address_tag("127.0.0.1")
eq_(t.kind, "IPv4 address")
eq_(t.name, "127.0.0.1")
eq_(t.sort_name, "v4 7f000001")
t = taglib.ip_address_tag("127.0.0.1", "interface address")
eq_(t.kind, "interface address")
eq_(t.name, "127.0.0.1")
eq_(t.sort_name, "v4 7f000001")
def test_ip_address_tag(self):
t = taglib.ip_address_tag("127.0.0.1")
eq_(t.kind, "IPv4 address")
eq_(t.name, "127.0.0.1")
eq_(t.sort_name, "v4 7f000001")
t = taglib.ip_address_tag("127.0.0.1", "interface address")
eq_(t.kind, "interface address")
eq_(t.name, "127.0.0.1")
eq_(t.sort_name, "v4 7f000001")
def ip(self, if_tag=None, if_name=None, version=None):
ra_line = None
ra_suppress = False
ra_prefix = []
if_prefix = []
cmd = self.expect(Keyword)
if False:
pass
elif cmd == 'address':
name = self.accept(String)
ipaddress = self.accept(Literal)
if ipaddress:
self.accept(Punctuation) # allow detection of address/prefix length
if name:
ipaddress = IPy.intToIp(IPy.IP(ipaddress).int() | ipv6_general_prefixes[name].int(), 6)
address = ipaddress + "/" + self.expect(Literal)
if if_name:
if version == 'IPv4':
if_addrs4.setdefault(if_name, ipaddress)
elif version == 'IPv6':
if_addrs6.setdefault(if_name, ipaddress)
ifaddr_tag = taglib.ip_address_tag(address,
kind="interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
ifaddr_tag.implied_by(if_tag, self.lineNum)
address_tag.implied_by(ifaddr_tag, self.lineNum)
subnet_tag.implied_by(address_tag, self.lineNum)
if version:
version_tag = taglib.tag("IP version", version)
version_tag.implied_by(if_tag, self.lineNum)
# add router advertisement by default on multi-access networks
if version == 'IPv6':
ipv6_addresses = True
if re.search(r"eth|fddi|port-channel", if_tag.name, re.I):
if_prefix.append(subnet_tag.name)
ra_line = self.lineNum
self.skipTo(EndOfCommand)
elif cmd == 'cef':
if not version:
version = "IPv4"
distributed = self.accept(Keyword)
if distributed == "distributed":
cef = " ".join((version, distributed))
else:
cef = version
t = taglib.tag("Cisco express forwarding", cef)
t.implied_by(device_tag, self.lineNum)
self.skipTo(EndOfCommand)
elif cmd == 'domain name' or cmd == 'domain-name':
t = taglib.tag("domain name", self.expect(String))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.expect(EndOfCommand)
elif cmd == 'general-prefix':
name = self.expect(String)
ipaddress = self.expect(Literal)
self.expect(Punctuation)
address = ipaddress + "/" + self.expect(Literal)
ipv6_general_prefixes[name] = IPy.IP(address)
self.expect(EndOfCommand)
elif cmd == 'helper-address':
t = taglib.tag("BOOTP relay", self.expect(Literal))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.expect(EndOfCommand)
elif cmd == 'http':
nextCmd = self.expect(Keyword)
if nextCmd == 'server':
t = taglib.tag("service", "HTTP")
t.implied_by(taglib.env_tags.device, self.lineNum)
elif nextCmd == 'secure-server':
t = taglib.tag("service", "HTTPS")
t.implied_by(taglib.env_tags.device, self.lineNum)
self.skipTo(EndOfCommand)
elif cmd == 'name-server':
t = taglib.tag("name server", self.expect(Literal))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.expect(EndOfCommand)
elif cmd == 'nd':
nextCmd = self.expect(Keyword)
if nextCmd == 'prefix':
ra_line = self.lineNum
nd_prefix = None
default_prefix = self.accept(Keyword)
if not default_prefix:
nd_prefix = self.expect(Literal) + self.expect(Punctuation) + self.expect(Literal)
keyword = self.accept(Keyword)
if keyword is None or not 'no-ad' in keyword:
if nd_prefix:
ra_prefix.append(nd_prefix)
elif nextCmd == 'suppress-ra':
ra_line = self.lineNum
ra_suppress = True
self.skipTo(EndOfCommand)
elif cmd == 'scp':
nextCmd = self.expect(Keyword)
if nextCmd == 'server':
nextCmd = self.expect(Keyword)
if nextCmd == 'enable':
t = taglib.tag("service", taglib.protocol_name(cmd))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.skipTo(EndOfCommand)
elif cmd == 'ssh':
if self.sshEnabled == False:
t = taglib.tag("service", taglib.protocol_name(cmd))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.sshEnabled = True
nextCmd = self.expect(Keyword)
if nextCmd == 'version':
version = self.expect(Literal)
if version == '2':
t = taglib.tag("service", taglib.protocol_name(cmd))
t.implied_by(taglib.env_tags.device, self.lineNum)
t = taglib.tag("service", "SSHv2")
t.implied_by(taglib.env_tags.device, self.lineNum)
elif version == '1':
t = taglib.tag("service", taglib.protocol_name(cmd))
t.implied_by(taglib.env_tags.device, self.lineNum)
t = taglib.tag("service", "SSHv1")
t.implied_by(taglib.env_tags.device, self.lineNum)
self.skipTo(EndOfCommand)
elif cmd == 'unicast-routing':
ipv6_unicast_routing = self.lineNum
self.expect(EndOfCommand)
else:
self.skipTo(EndOfCommand)
return (ra_suppress, ra_line, if_prefix, ra_prefix)
def router(self):
protocol = self.expect(Keyword)
protocol_tag = taglib.tag("routing protocol", protocol.upper())
protocol_tag.implied_by(taglib.env_tags.device, self.lineNum)
if protocol == "bgp":
bgp_router_id = None
bgp_router_id_lineNum = None
local_as = self.expect(Literal)
local_as_tag = taglib.as_number_tag(local_as, "local AS")
local_as_lineNum = self.lineNum
local_as_tag.implies(taglib.as_number_tag(local_as), local_as_lineNum)
self.skipTo(EndOfCommand)
while True:
disable = False
if self.accept(Whitespace) is None:
for peer, peerdict in peer_dicts.items():
bgp_local_addr = None
bgp_local_addr_lineNum = None
peer_lineNum = peerdict.get("peer_lineNum", None)
peer_group = peerdict.get("peer_group", None)
if peer_group:
peer_group_dict = peer_groups.get(peer_group, None)
else:
peer_group_dict = None
peer_as = peerdict.get("peer_as", None)
if peer_as is not None:
peer_as_lineNum = peerdict.get("peer_as_lineNum", None)
elif peer_group_dict:
peer_as = peer_group_dict.get("peer_as", None);
peer_as_lineNum = peer_group_dict.get("peer_as_lineNum", None)
if peer_as is None:
continue
update_source = peerdict.get("update_source", None)
update_source_lineNum = peerdict.get("update_source_lineNum", None)
if update_source is None and peer_group_dict is not None:
update_source = peer_group_dict.get("update_source", None)
update_source_lineNum = peer_group_dict.get("update_source_lineNum", None)
peer_ip = IPy.IP(peer)
if update_source is None:
if peer_ip.version() == 4 and bgp_router_id:
bgp_local_addr = bgp_router_id
bgp_local_addr_lineNum = bgp_router_id_lineNum
else:
update_source = 'Loopback0'
update_source_lineNum = 0
if update_source is not None:
bgp_local_addr_lineNum = update_source_lineNum
if peer_ip.version() == 4:
bgp_local_addr = if_addrs4.get(update_source)
elif peer_ip.version() == 6:
bgp_local_addr = if_addrs6.get(update_source)
peer_tag = taglib.ip_address_tag(peer, kind="%s peer" % protocol.upper())
address_tag = taglib.ip_address_tag(peer)
peer_tag.implies(address_tag, peer_lineNum)
peer_as_tag = taglib.as_number_tag(peer_as, "remote AS")
peer_as_tag.implies(taglib.as_number_tag(peer_as), peer_as_lineNum)
if peer_as == local_as:
peering_relationship = "iBGP"
else:
peering_relationship = "eBGP"
peering_tag = taglib.tag("%s peering" % peering_relationship,
"%s %s" % (device_tag.name, peer),
sort_name="%s %s" % (device_tag.name, peer_tag.sort_name))
peering_tag.implies(protocol_tag, peer_lineNum)
peering_tag.implied_by(device_tag, peer_lineNum)
local_as_tag.implied_by(peering_tag, peer_lineNum)
peer_as_tag.implied_by(peering_tag, peer_lineNum)
if bgp_local_addr is not None:
peer2_tag = taglib.ip_address_tag(bgp_local_addr, kind="%s peer" % protocol.upper())
address2_tag = taglib.ip_address_tag(bgp_local_addr)
peer2_tag.implies(address2_tag, bgp_local_addr_lineNum)
local_peer_tag = taglib.ip_address_tag(bgp_local_addr, kind="local %s peer" % protocol.upper())
local_peer_tag.implied_by(peering_tag, bgp_local_addr_lineNum)
local_peer_tag.implies(peer2_tag, bgp_local_addr_lineNum)
remote_peer_tag = taglib.ip_address_tag(peer, kind="remote %s peer" % protocol.upper())
remote_peer_tag.implied_by(peering_tag, peer_lineNum)
remote_peer_tag.implies(peer_tag, peer_lineNum)
return
if self.accept(Comment) is not None:
self.skipTo(EndOfCommand)
continue
try:
op = self.accept(Operator)
if op and op == "no":
disable = True
cmd = self.expect(Keyword)
if cmd == "neighbor":
peer_group = None
peer = self.accept(Number)
if peer is None:
# if no address, then its probably a peer group
peer_group = self.expect(String)
peerdict = peer_groups.get(peer_group, None)
if peerdict is None:
peerdict = {}
peer_groups[peer_group] = peerdict
else:
peerdict = peer_dicts.get(peer, None)
if peerdict is None:
peerdict = {}
peerdict["peer"] = peer
peerdict["peer_lineNum"] = self.lineNum
peerdict["disable"] = disable
peer_dicts[peer] = peerdict
subcmd = self.expect(Keyword)
if subcmd == "remote-as":
peerdict["peer_as"] = self.expect(Literal)
peerdict["peer_as_lineNum"] = self.lineNum
elif subcmd == "peer-group":
if peer is not None:
peerdict["peer_group"] = self.accept(Literal)
elif subcmd == "update-source":
peerdict["update_source"] = self.expect(Literal)
peerdict["update_source_lineNum"] = self.lineNum
elif cmd == "bgp":
subcmd = self.expect(Keyword)
if subcmd == "router-id":
bgp_router_id = self.accept(Literal)
bgp_router_id_lineNum = self.lineNum
else:
self.skipTo(EndOfCommand)
elif cmd == "router-id":
bgp_router_id = self.accept(Literal)
bgp_router_id_lineNum = self.lineNum
self.skipTo(EndOfCommand)
except UnexpectedToken:
self.skipTo(EndOfCommand)
self.skipTo(EndOfCommand)
def main(filename):
lines = open(filename, 'rU')
n = 0
for line in lines:
n += 1
if re.match(r'Syntax error at token detail', line):
lines.close()
taglib.default_filename = filename = re.sub(r'-detail', '', filename)
main(filename)
return
# time
m = re.match(r'configure sntp-client (primary|secondary) (?:server )? "?([\w\d.-]+)"?( vr [\w\d.]+)?', line)
if m:
which, server, vr = m.groups()
taglib.tag("NTP server", server).implied_by(taglib.env_tags.device, line=n)
continue
# dns
m = re.match(r'configure dns-client add domain-suffix ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("domain name", server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'configure dns-client add (name-server )?([\w\d.-]+)( vr [\w\d.]+)?', line)
if m:
ignore, server, vr = m.groups()
taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'configure dns-client default-domain ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("domain name", server).implied_by(taglib.env_tags.device, line=n)
continue
# radius
m = re.match(r'configure radius (?:mgmt-access )?(primary|secondary) server ([\w\d.-]+)( [\d]+)? client-ip ([\w\d.-]+)( vr [\w\d.]+)?', line)
if m:
which, server, port, client, vr = m.groups()
taglib.tag("RADIUS server", server).implied_by(taglib.env_tags.device, line=n)
continue
# tacacs+
m = re.match(r'configure tacacs (primary|secondary) server ([\w\d.-]+)( [\d]+)? client-ip ([\w\d.-]+)( vr [\w\d.]+)?', line)
if m:
which, server, port, client, vr = m.groups()
taglib.tag("TACACS+ server", server).implied_by(taglib.env_tags.device, line=n)
continue
# interfaces
m = re.match(r'create vlan "?([\w\d.-]+)"?', line)
if m:
vlan = m.group(1)
vlanTag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlanTag.implied_by(taglib.env_tags.snapshot, line=n)
taglib.env_tags.device.implied_by(vlanTag, line=n)
continue
m = re.match(r'configure vlan "?([\w\d]+)"? tag ([\d]+)', line)
if m:
vlan, vlan_id = m.group(1), int(m.group(2))
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlan_id_tag = taglib.tag("VLAN ID", vlan_id, sort_name="%05d" % vlan_id)
vlan_tag.implied_by(taglib.env_tags.snapshot, line=n)
vlan_tag.implies(taglib.env_tags.device, line=n)
vlan_tag.implies(vlan_id_tag, line=n)
continue
m = re.match(r'config(?:ure)? vlan "?([\w\d]+)"? ipaddress ([\d.]+)\s+([\d.]+)\s+', line)
if m:
vlan, ipaddress, mask = m.groups()
address = ipaddress + "/" + mask
ifaddr_tag = taglib.ip_address_tag(address, "interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlan_tag.implied_by(taglib.env_tags.snapshot, line=n)
vlan_tag.implies(taglib.env_tags.device, line=n)
vlan_tag.implies(ifaddr_tag, line=n)
ifaddr_tag.implies(address_tag, line=n)
address_tag.implies(subnet_tag, line=n)
continue
m = re.match(r'configure "?([\w\d]+)"? ipaddress ([a-fA-F\d:]+)/([\d]+)\s+', line)
if m:
vlan, ipaddress, mask = m.groups()
address = ipaddress + "/" + mask
ifaddr_tag = taglib.ip_address_tag(address, "interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlan_tag.implied_by(taglib.env_tags.snapshot, line=n)
vlan_tag.implies(taglib.env_tags.device, line=n)
vlan_tag.implies(ifaddr_tag, line=n)
ifaddr_tag.implies(address_tag, line=n)
address_tag.implies(subnet_tag, line=n)
continue
# dhcp/bootp
m = re.match(r'configure bootprelay add ([\w\d.-]+)', line)
if m:
relay = m.group(1)
taglib.tag("BOOTP relay", relay).implied_by(taglib.env_tags.device, line=n)
continue
# accounts
m = re.match(r'create account (admin|user) "?([\w\d.-]+)"?\s+.*', line)
if m:
account = m.group(2)
taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'configure account (admin|user).*', line)
if m:
account = m.group(1)
taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n)
continue
# protocols
m = re.match(r'enable (bgp|igmp|MLD|msdp|rip|ripng)$', line)
if m:
protocolTag = taglib.tag("routing protocol", taglib.protocol_name(m.group(1)))
protocolTag.implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'enable (igmp|MLD) snooping.*', line)
if m:
protocol = m.group(1)
protocolTag = taglib.tag("routing protocol", taglib.protocol_name(protocol))
protocolTag.implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'configure DVMRP add vlan "?([\w\d.-]+)"?', line)
if m:
vlan = m.group(1)
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
taglib.tag("routing protocol", "DVMRP").implied_by(vlan_tag, n)
continue
m = re.match(r'configure ospf add vlan "?([\w\d.-]+)"? area ([\d.]+).*', line)
if m:
vlan, area = m.groups()
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
area_tag = taglib.tag("OSPF area", area)
area_tag.implied_by(vlan_tag, line=n)
area_tag.implies(taglib.tag("routing protocol", "OSPF"), line=n)
continue
m = re.match(r'configure ospf vlan ([\w\d.-]+) area ([\d.]+)', line)
if m:
vlan, area = m.groups()
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
area_tag = taglib.tag("OSPF area", area)
area_tag.implied_by(vlan_tag, line=n)
area_tag.implies(taglib.tag("routing protocol", "OSPF"), line=n)
continue
m = re.match(r'configure ospfv3 domain ([\w\d.-]+) add vlan ([\w\d.-]+) instance-id ([\d]+) area ([\d.]+)', line)
if m:
domain, vlan, instance, area = m.groups()
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
area_tag = taglib.tag("OSPFv3 area", area)
area_tag.implied_by(vlan_tag, line=n)
area_tag.implies(taglib.tag("routing protocol", "OSPFv3"), line=n)
continue
# services
serviceLabelDict = {'ssh':'SSHv1', 'ssh1':'SSHv1', 'ssh2':'SSHv2', 'telnet':'TELNET',
'web':'HTTP'}
m = re.match(r'enable (ssh2|telnet|web)( access-profile ([\w\d.-]+)( port ([\d]+))?)?', line)
if m:
service = m.group(1)
taglib.tag("service", serviceLabelDict[service]).implied_by(taglib.env_tags.device, n)
continue
m = re.match(r'configure telnet( access-profile ([\w\d.-]+))?( port ([\d]+))?( vr ([\w\d.-]+))?', line)
if m:
taglib.tag("service", "TELNET").implied_by(taglib.env_tags.device, n)
continue
def bgp_neighbor(self, protocol_tag, peer, peer_tag, peer_lineNum, top_local_as, top_local_as_tag, top_local_as_lineNum):
local_as = top_local_as
local_as_tag = top_local_as_tag
local_as_lineNum = top_local_as_lineNum
while True:
if self.accept(Token.EndOfMode) is not None:
if peer_as == local_as:
peering_relationship = "iBGP"
else:
peering_relationship = "eBGP"
peering_tag = taglib.tag("%s peering" % peering_relationship,
"%s %s" % (device_tag.name, peer),
sort_name="%s %s" % (device_tag.name, peer_tag.sort_name))
peering_tag.implies(protocol_tag, peer_lineNum)
peering_tag.implied_by(device_tag, peer_lineNum)
local_as_tag.implied_by(peering_tag, peer_lineNum)
peer_as_tag.implied_by(peering_tag, peer_lineNum)
remote_peer_tag = taglib.ip_address_tag(peer, kind="remote %s peer" % protocol_tag.name)
remote_peer_tag.implied_by(peering_tag, peer_lineNum)
remote_peer_tag.implies(peer_tag, peer_lineNum)
return
if self.accept(Whitespace) is not None:
continue
if self.accept(Comment) is not None:
self.skipTo(EndOfCommand)
continue
try:
op = self.accept(Operator)
if op:
pass
cmd = self.expect(Keyword)
if False:
pass
elif cmd == "local-as":
local_as = self.expect(Literal)
local_as_lineNum = self.lineNum
local_as_tag = taglib.as_number_tag(local_as, "local AS")
local_as_tag.implies(taglib.as_number_tag(local_as), local_as_lineNum)
self.expect(EndOfCommand)
elif cmd == "remote-as":
peer_as = self.expect(Literal)
peer_as_lineNum = self.lineNum
peer_as_tag = taglib.as_number_tag(peer_as, "remote AS")
peer_as_tag.implies(taglib.as_number_tag(peer_as), peer_as_lineNum)
self.expect(EndOfCommand)
elif cmd == "use":
subcmd = self.expect(Keyword)
if subcmd == "neighbor-group":
group = self.expect(Literal)
group_local_as = bgp_group_local_as.get(group, None)
if group_local_as is not None:
local_as = group_local_as
local_as_lineNum = bgp_group_local_as_lineNum.get(group, None)
local_as_tag = taglib.as_number_tag(local_as, "local AS")
local_as_tag.implies(taglib.as_number_tag(local_as), local_as_lineNum)
group_peer_as = bgp_group_remote_as.get(group, None)
if group_peer_as is not None:
peer_as = group_peer_as
peer_as_lineNum = bgp_group_remote_as_lineNum.get(group, None)
peer_as_tag = taglib.as_number_tag(peer_as, "remote AS")
peer_as_tag.implies(taglib.as_number_tag(peer_as), peer_as_lineNum)
self.skipTo(EndOfCommand)
elif cmd == "address-family":
self.bgp_neighbor_address_family()
else:
self.skipTo(EndOfCommand)
except UnexpectedToken:
self.skipTo(EndOfCommand)
def ip(self, if_tag=None, version=None, active=True):
ra_line = None
ra_suppress = False
ra_prefix = []
if_prefix = []
cmd = self.expect(Keyword)
if False:
pass
elif cmd == 'address':
name = self.accept(String)
ipaddress = self.accept(Literal)
if ipaddress:
self.accept(
Punctuation) # allow detection of address/prefix length
if name:
ipaddress = IPy.intToIp(
IPy.IP(ipaddress).int()
| ipv6_general_prefixes[name].int(), 6)
address = ipaddress + "/" + self.expect(Literal)
if active:
ifaddr_tag = taglib.ip_address_tag(
address, kind="interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
ifaddr_tag.implied_by(if_tag, self.lineNum)
address_tag.implied_by(ifaddr_tag, self.lineNum)
subnet_tag.implied_by(address_tag, self.lineNum)
if version:
version_tag = taglib.tag("IP version", version)
version_tag.implied_by(if_tag, self.lineNum)
# add router advertisement by default on multi-access networks
if version == 'IPv6' and re.search(
r"eth|srp", if_tag.name, re.I):
if_prefix.append(subnet_tag.name)
ra_line = self.lineNum
self.skipTo(EndOfCommand)
elif cmd == 'general-prefix':
name = self.expect(String)
ipaddress = self.expect(Literal)
self.expect(Punctuation)
address = ipaddress + "/" + self.expect(Literal)
ipv6_general_prefixes[name] = IPy.IP(address)
self.expect(EndOfCommand)
elif cmd == 'helper-address':
if self.accept(Keyword):
self.expect(Literal)
t = taglib.tag("BOOTP relay", self.expect(Literal))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.expect(EndOfCommand)
elif cmd == 'http':
nextCmd = self.expect(Keyword)
if nextCmd == 'server':
t = taglib.tag("service", "HTTP")
t.implied_by(taglib.env_tags.device, self.lineNum)
elif nextCmd == 'secure-server':
t = taglib.tag("service", "HTTPS")
t.implied_by(taglib.env_tags.device, self.lineNum)
self.skipTo(EndOfCommand)
elif cmd == 'nd':
nextCmd = self.expect(Keyword)
if nextCmd == 'prefix':
nd_prefix = None
default_prefix = self.accept(Keyword)
if not default_prefix:
nd_prefix = self.expect(Literal) + self.expect(
Punctuation) + self.expect(Literal)
keyword = self.accept(Keyword)
if keyword is None or not 'no-ad' in keyword:
if nd_prefix:
ra_prefix.append(nd_prefix)
elif nextCmd == 'suppress-ra':
ra_suppress = True
self.skipTo(EndOfCommand)
elif cmd == 'scp':
nextCmd = self.expect(Keyword)
if nextCmd == 'server':
nextCmd = self.expect(Keyword)
if nextCmd == 'enable':
t = taglib.tag("service", taglib.protocol_name(cmd))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.skipTo(EndOfCommand)
else:
self.skipTo(EndOfCommand)
return (ra_suppress, ra_line, if_prefix, ra_prefix)
def tag_protocols(top):
protocol = "BGP"
routing_options_local_as_list = top.xpath(
"routing-options/autonomous-system/as-number")
routing_options_router_id_list = top.xpath("routing-options/router-id")
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for group_elem in protocol_elem.xpath("group"):
name_elem = group_elem.xpath("name")[0]
group_tag = taglib.tag("%s group" % protocol,
"%s %s" % (device_tag.name, name_elem.text))
group_tag.implied_by(device_tag, name_elem.sourceline)
for peer_name_elem in group_elem.xpath("neighbor/name"):
local_address_elem_list = peer_name_elem.xpath(
"ancestor::*/local-address")
if local_address_elem_list:
local_address_elem = local_address_elem_list[0]
elif routing_options_router_id_list:
local_address_elem = routing_options_router_id_list[0]
local_elem_list = peer_name_elem.xpath(
"ancestor::*/local-as/as-number")
if local_elem_list:
local_elem = local_elem_list[0]
elif routing_options_local_as_list:
local_elem = routing_options_local_as_list[0]
if local_elem is not None:
localasn_tag = taglib.as_number_tag(
local_elem.text, "local AS")
localasn_tag.implies(taglib.as_number_tag(local_elem.text),
local_elem.sourceline)
asn_elem_list = peer_name_elem.xpath("ancestor::*/peer-as")
if asn_elem_list:
asn_elem = asn_elem_list[0]
else:
asn_elem = local_elem
asn_tag = taglib.as_number_tag(asn_elem.text, kind="remote AS")
asn_tag.implies(taglib.as_number_tag(asn_elem.text),
asn_elem.sourceline)
if asn_elem.text == local_elem.text:
peering_relationship = "iBGP"
else:
peering_relationship = "eBGP"
address_tag = taglib.ip_address_tag(peer_name_elem.text)
peering_tag = taglib.tag(
"%s peering" % peering_relationship,
"%s %s" % (device_tag.name, peer_name_elem.text),
sort_name="%s %s" %
(device_tag.name, address_tag.sort_name))
peering_tag.implies(protocol_tag, peer_name_elem.sourceline)
peering_tag.implied_by(device_tag, peer_name_elem.sourceline)
peering_tag.implied_by(group_tag, peer_name_elem.sourceline)
asn_tag.implied_by(peering_tag, asn_elem.sourceline)
localasn_tag.implied_by(peering_tag, local_elem.sourceline)
peer_tag = taglib.ip_address_tag(peer_name_elem.text,
kind="%s peer" % protocol)
peer_tag.implies(address_tag, peer_name_elem.sourceline)
if local_address_elem is not None:
peer2_tag = taglib.ip_address_tag(local_address_elem.text,
kind="%s peer" %
protocol.upper())
address2_tag = taglib.ip_address_tag(
local_address_elem.text)
peer2_tag.implies(address2_tag,
local_address_elem.sourceline)
local_peer_tag = taglib.ip_address_tag(
local_address_elem.text,
kind="local %s peer" % protocol)
local_peer_tag.implied_by(peering_tag,
local_address_elem.sourceline)
local_peer_tag.implies(peer2_tag,
peer_name_elem.sourceline)
remote_peer_tag = taglib.ip_address_tag(peer_name_elem.text,
kind="remote %s peer" %
protocol)
remote_peer_tag.implied_by(peering_tag,
peer_name_elem.sourceline)
remote_peer_tag.implies(peer_tag, peer_name_elem.sourceline)
protocol = "MSDP"
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for group_elem in protocol_elem.xpath("group"):
name_elem = group_elem.xpath("name")[0]
group_tag = taglib.tag("%s group" % protocol,
"%s %s" % (device_tag.name, name_elem.text))
group_tag.implied_by(device_tag, name_elem.sourceline)
for peer_name_elem in group_elem.xpath("peer/name"):
peer_tag = taglib.tag("%s peer" % protocol,
peer_name_elem.text)
address_tag = taglib.ip_address_tag(peer_name_elem.text)
peer_tag.implies(address_tag, peer_name_elem.sourceline)
peer_tag.implied_by(group_tag, peer_name_elem.sourceline)
peer_tag.implies(protocol_tag, peer_name_elem.sourceline)
ospf_version_dict = {'ospf': 'OSPF', 'ospf3': 'OSPFv3'}
for protocol_key, protocol in ospf_version_dict.items():
protocol_elem_list = top.xpath("protocols/%s" % protocol_key)
if not protocol_elem_list:
continue
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for area_elem in protocol_elem.xpath("area"):
name_elem = area_elem.xpath("name")[0]
area_tag = taglib.tag("%s area" % protocol, name_elem.text)
area_tag.implies(protocol_tag, name_elem.sourceline)
for interface_name_elem in area_elem.xpath("interface/name"):
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag(
"interface", "%s %s" %
(device_tag.name, interface_name_elem.text))
]
for t in interface_tags:
t.implies(area_tag, interface_name_elem.sourceline)
protocol = "PIM"
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for interface_name_elem in protocol_elem.xpath("interface/name"):
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag(
"interface",
"%s %s" % (device_tag.name, interface_name_elem.text))
]
for t in interface_tags:
t.implies(protocol_tag, interface_name_elem.sourceline)
for protocol in ("RIP", "RIPng"):
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if not protocol_elem_list:
continue
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for group_elem in protocol_elem.xpath("group"):
name_elem = group_elem.xpath("name")[0]
group_tag = taglib.tag("%s group" % protocol, name_elem.text)
group_tag.implies(protocol_tag, name_elem.sourceline)
for interface_name_elem in group_elem.xpath("neighbor/name"):
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag(
"interface", "%s %s" %
(device_tag.name, interface_name_elem.text))
]
for t in interface_tags:
t.implies(group_tag, interface_name_elem.sourceline)
protocol = "router-advertisement"
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for interface_elem in protocol_elem.xpath("interface"):
interface_name_elem = interface_elem.xpath("name")[0]
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag(
"interface",
"%s %s" % (device_tag.name, interface_name_elem.text))
]
for t in interface_tags:
ratag = taglib.tag(
"ND router advertisement server",
"%s %s" % (device_tag.name, interface_name_elem.text))
ratag.implied_by(t, interface_name_elem.sourceline)
for prefix_name_elem in interface_elem.xpath("prefix/name"):
ratag.implies(taglib.ip_subnet_tag(prefix_name_elem.text),
prefix_name_elem.sourceline)
def main(filename):
lines = open(filename, 'rU')
n = 0
ssh_version = None
ssh_enable = False
for line in lines:
n += 1
# hostname
m = re.match(r'set hostname ([\w\d.-]+)', line)
if m:
host = m.group(1)
taglib.tag("hostname", host).implied_by(taglib.env_tags.device,
line=n)
continue
# time
m = re.match(r'set ntp server( backup\d)? "?([\w\d.-]+)"?', line)
if m:
server = m.group(2)
if not server == '0.0.0.0':
taglib.tag("NTP server",
server).implied_by(taglib.env_tags.device, line=n)
continue
# dns
m = re.match(r'set domain ([\w\d.-]+)', line)
if m:
domain = m.group(1)
taglib.tag("domain name",
domain).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'set dns host dns\d ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("name server",
server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'set xauth ([\w\d.-]+) dns\d ([\w\d.-]+)', line)
if m:
server = m.group(2)
taglib.tag("name server",
server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'set l2tp dns\d ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("name server",
server).implied_by(taglib.env_tags.device, line=n)
continue
# interfaces
m = re.match(
r'set interface ([\w\d]+) ip ([\d.]+)/([\d.]+)( secondary)?', line)
if m:
name, ipaddress, plen, secondary = m.groups()
address = ipaddress + "/" + plen
ifaddr_tag = taglib.ip_address_tag(address, "interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
name_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, name))
name_tag.implied_by(taglib.env_tags.snapshot, line=n)
name_tag.implies(taglib.env_tags.device, line=n)
name_tag.implies(ifaddr_tag, line=n)
ifaddr_tag.implies(address_tag, line=n)
address_tag.implies(subnet_tag, line=n)
continue
# accounts
m = re.match(r'set admin user "?([\w\d.-]+)"?\s+.*', line)
if m:
account = m.group(1)
taglib.tag("user", account).implied_by(taglib.env_tags.device,
line=n)
continue
# services
m = re.match(r'set ssh version ([\w\d]+)', line)
if m:
ssh_version = m.group(1)
ssh_version_line = n
continue
m = re.match(r'set ssh enable', line)
if m:
ssh_enable = True
taglib.tag("service", 'SSH').implied_by(taglib.env_tags.device, n)
continue
m = re.match(r'set scp enable', line)
if m:
taglib.tag("service", 'SCP').implied_by(taglib.env_tags.device, n)
continue
# post parse phase
if ssh_enable:
if ssh_version:
taglib.tag("service",
'SSH' + ssh_version).implied_by(taglib.env_tags.device,
ssh_version_line)
def main(filename):
lines = open(filename, 'rU')
n = 0
for line in lines:
n += 1
if re.match(r'Syntax error at token detail', line):
lines.close()
taglib.default_filename = filename = re.sub(r'-detail', '', filename)
main(filename)
return
# time
m = re.match(r'set ntp server "?([\w\d.-]+)"?( key [\d]+)?', line)
if m:
server, key = m.groups()
taglib.tag("NTP server", server).implied_by(taglib.env_tags.device, line=n)
continue
# dns
m = re.match(r'set ip dns domain ([\w\d.-]+)', line)
if m:
domain = m.group(1)
taglib.tag("domain name", domain).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'set ip dns server ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n)
continue
# radius
m = re.match(r'set radius server ([\w\d.-]+)\s+auth-port ([\d]+)( acct-port [\d]+)?( primary)?', line)
if m:
server, port, acct, which = m.groups()
taglib.tag("RADIUS server", server).implied_by(taglib.env_tags.device, line=n)
continue
# tacacs+
m = re.match(r'set tacacs server ([\w\d.-]+)( primary)?', line)
if m:
server, which = m.groups()
taglib.tag("TACACS+ server", server).implied_by(taglib.env_tags.device, line=n)
continue
# interfaces
m = re.match(r'set interface "?([\w\d]+)"? ([\d]+)\s+([\d.]+)/([\d.]+)\s+([\d.]+)', line)
if m:
vlan, vlan, ipaddress, mask, broadcast = m.groups()
address = ipaddress + "/" + mask
ifaddr_tag = taglib.ip_address_tag(address, "interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlan_tag.implied_by(taglib.env_tags.snapshot, line=n)
vlan_tag.implies(taglib.env_tags.device, line=n)
vlan_tag.implies(ifaddr_tag, line=n)
ifaddr_tag.implies(address_tag, line=n)
address_tag.implies(subnet_tag, line=n)
continue
# accounts
m = re.match(r'set localuser user "?([\w\d.-]+)"?\s+.*', line)
if m:
account = m.group(1)
taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n)
continue
# services
m = re.match(r'set ip http server enable', line)
if m:
taglib.tag("service", 'HTTP').implied_by(taglib.env_tags.device, n)
continue
def ip(self, if_tag=None, version=None, active=True):
ra_line = None
ra_suppress = False
ra_prefix = []
if_prefix = []
cmd = self.expect(Keyword)
if False:
pass
elif cmd == 'address':
name = self.accept(String)
ipaddress = self.accept(Literal)
if ipaddress:
self.accept(Punctuation) # allow detection of address/prefix length
if name:
ipaddress = IPy.intToIp(IPy.IP(ipaddress).int() | ipv6_general_prefixes[name].int(), 6)
address = ipaddress + "/" + self.expect(Literal)
if active:
ifaddr_tag = taglib.ip_address_tag(address,
kind="interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
ifaddr_tag.implied_by(if_tag, self.lineNum)
address_tag.implied_by(ifaddr_tag, self.lineNum)
subnet_tag.implied_by(address_tag, self.lineNum)
if version:
version_tag = taglib.tag("IP version", version)
version_tag.implied_by(if_tag, self.lineNum)
# add router advertisement by default on multi-access networks
if version == 'IPv6' and re.search(r"eth|srp", if_tag.name, re.I):
if_prefix.append(subnet_tag.name)
ra_line = self.lineNum
self.skipTo(EndOfCommand)
elif cmd == 'general-prefix':
name = self.expect(String)
ipaddress = self.expect(Literal)
self.expect(Punctuation)
address = ipaddress + "/" + self.expect(Literal)
ipv6_general_prefixes[name] = IPy.IP(address)
self.expect(EndOfCommand)
elif cmd == 'helper-address':
if self.accept(Keyword):
self.expect(Literal)
t = taglib.tag("BOOTP relay", self.expect(Literal))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.expect(EndOfCommand)
elif cmd == 'http':
nextCmd = self.expect(Keyword)
if nextCmd == 'server':
t = taglib.tag("service", "HTTP")
t.implied_by(taglib.env_tags.device, self.lineNum)
elif nextCmd == 'secure-server':
t = taglib.tag("service", "HTTPS")
t.implied_by(taglib.env_tags.device, self.lineNum)
self.skipTo(EndOfCommand)
elif cmd == 'nd':
nextCmd = self.expect(Keyword)
if nextCmd == 'prefix':
nd_prefix = None
default_prefix = self.accept(Keyword)
if not default_prefix:
nd_prefix = self.expect(Literal) + self.expect(Punctuation) + self.expect(Literal)
keyword = self.accept(Keyword)
if keyword is None or not 'no-ad' in keyword:
if nd_prefix:
ra_prefix.append(nd_prefix)
elif nextCmd == 'suppress-ra':
ra_suppress = True
self.skipTo(EndOfCommand)
elif cmd == 'scp':
nextCmd = self.expect(Keyword)
if nextCmd == 'server':
nextCmd = self.expect(Keyword)
if nextCmd == 'enable':
t = taglib.tag("service", taglib.protocol_name(cmd))
t.implied_by(taglib.env_tags.device, self.lineNum)
self.skipTo(EndOfCommand)
else:
self.skipTo(EndOfCommand)
return (ra_suppress, ra_line, if_prefix, ra_prefix)
def router(self):
protocol = self.expect(Keyword)
protocol_tag = taglib.tag("routing protocol", protocol.upper())
protocol_tag.implied_by(taglib.env_tags.device, self.lineNum)
if protocol == "bgp":
local_as = self.expect(Literal)
local_as_tag = taglib.as_number_tag(local_as, "local AS")
local_as_lineNum = self.lineNum
local_as_tag.implies(taglib.as_number_tag(local_as),
local_as_lineNum)
self.skipTo(EndOfCommand)
while True:
if self.accept(Token.EndOfMode) is not None:
return
if self.accept(Whitespace) is not None:
continue
if self.accept(Comment) is not None:
self.skipTo(EndOfCommand)
continue
try:
op = self.accept(Operator)
if op:
pass
cmd = self.expect(Keyword)
if False:
pass
elif cmd == "neighbor-group":
self.bgp_neighbor_group(self.expect(Literal))
elif cmd == "neighbor":
peer = self.expect(Literal)
peer_tag = taglib.ip_address_tag(peer,
kind="%s peer" %
protocol.upper())
peer_lineNum = self.lineNum
address_tag = taglib.ip_address_tag(peer)
peer_tag.implies(address_tag, self.lineNum)
self.expect(EndOfCommand)
self.bgp_neighbor(protocol_tag, peer, peer_tag,
peer_lineNum, local_as, local_as_tag,
local_as_lineNum)
elif cmd == "vrf":
self.expect(Literal)
self.expect(EndOfCommand)
else:
self.skipTo(EndOfCommand)
except UnexpectedToken:
self.skipTo(EndOfCommand)
elif protocol == "static":
self.static()
else:
self.skipToEndOfMode()
def bgp_neighbor(self, protocol_tag, peer, peer_tag, peer_lineNum,
top_local_as, top_local_as_tag, top_local_as_lineNum):
local_as = top_local_as
local_as_tag = top_local_as_tag
local_as_lineNum = top_local_as_lineNum
while True:
if self.accept(Token.EndOfMode) is not None:
if peer_as == local_as:
peering_relationship = "iBGP"
else:
peering_relationship = "eBGP"
peering_tag = taglib.tag("%s peering" % peering_relationship,
"%s %s" % (device_tag.name, peer),
sort_name="%s %s" %
(device_tag.name, peer_tag.sort_name))
peering_tag.implies(protocol_tag, peer_lineNum)
peering_tag.implied_by(device_tag, peer_lineNum)
local_as_tag.implied_by(peering_tag, peer_lineNum)
peer_as_tag.implied_by(peering_tag, peer_lineNum)
remote_peer_tag = taglib.ip_address_tag(peer,
kind="remote %s peer" %
protocol_tag.name)
remote_peer_tag.implied_by(peering_tag, peer_lineNum)
remote_peer_tag.implies(peer_tag, peer_lineNum)
return
if self.accept(Whitespace) is not None:
continue
if self.accept(Comment) is not None:
self.skipTo(EndOfCommand)
continue
try:
op = self.accept(Operator)
if op:
pass
cmd = self.expect(Keyword)
if False:
pass
elif cmd == "local-as":
local_as = self.expect(Literal)
local_as_lineNum = self.lineNum
local_as_tag = taglib.as_number_tag(local_as, "local AS")
local_as_tag.implies(taglib.as_number_tag(local_as),
local_as_lineNum)
self.expect(EndOfCommand)
elif cmd == "remote-as":
peer_as = self.expect(Literal)
peer_as_lineNum = self.lineNum
peer_as_tag = taglib.as_number_tag(peer_as, "remote AS")
peer_as_tag.implies(taglib.as_number_tag(peer_as),
peer_as_lineNum)
self.expect(EndOfCommand)
elif cmd == "use":
subcmd = self.expect(Keyword)
if subcmd == "neighbor-group":
group = self.expect(Literal)
group_local_as = bgp_group_local_as.get(group, None)
if group_local_as is not None:
local_as = group_local_as
local_as_lineNum = bgp_group_local_as_lineNum.get(
group, None)
local_as_tag = taglib.as_number_tag(
local_as, "local AS")
local_as_tag.implies(
taglib.as_number_tag(local_as),
local_as_lineNum)
group_peer_as = bgp_group_remote_as.get(group, None)
if group_peer_as is not None:
peer_as = group_peer_as
peer_as_lineNum = bgp_group_remote_as_lineNum.get(
group, None)
peer_as_tag = taglib.as_number_tag(
peer_as, "remote AS")
peer_as_tag.implies(taglib.as_number_tag(peer_as),
peer_as_lineNum)
self.skipTo(EndOfCommand)
elif cmd == "address-family":
self.bgp_neighbor_address_family()
else:
self.skipTo(EndOfCommand)
except UnexpectedToken:
self.skipTo(EndOfCommand)
def main(filename):
lines = open(filename, 'rU')
n = 0
for line in lines:
n += 1
if re.match(r'Syntax error at token detail', line):
lines.close()
taglib.default_filename = filename = re.sub(
r'-detail', '', filename)
main(filename)
return
# time
m = re.match(
r'configure sntp-client (primary|secondary) (?:server )? "?([\w\d.-]+)"?( vr [\w\d.]+)?',
line)
if m:
which, server, vr = m.groups()
taglib.tag("NTP server", server).implied_by(taglib.env_tags.device,
line=n)
continue
# dns
m = re.match(r'configure dns-client add domain-suffix ([\w\d.-]+)',
line)
if m:
server = m.group(1)
taglib.tag("domain name",
server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(
r'configure dns-client add (name-server )?([\w\d.-]+)( vr [\w\d.]+)?',
line)
if m:
ignore, server, vr = m.groups()
taglib.tag("name server",
server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'configure dns-client default-domain ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("domain name",
server).implied_by(taglib.env_tags.device, line=n)
continue
# radius
m = re.match(
r'configure radius (?:mgmt-access )?(primary|secondary) server ([\w\d.-]+)( [\d]+)? client-ip ([\w\d.-]+)( vr [\w\d.]+)?',
line)
if m:
which, server, port, client, vr = m.groups()
taglib.tag("RADIUS server",
server).implied_by(taglib.env_tags.device, line=n)
continue
# tacacs+
m = re.match(
r'configure tacacs (primary|secondary) server ([\w\d.-]+)( [\d]+)? client-ip ([\w\d.-]+)( vr [\w\d.]+)?',
line)
if m:
which, server, port, client, vr = m.groups()
taglib.tag("TACACS+ server",
server).implied_by(taglib.env_tags.device, line=n)
continue
# interfaces
m = re.match(r'create vlan "?([\w\d.-]+)"?', line)
if m:
vlan = m.group(1)
vlanTag = taglib.tag("interface",
"%s %s" % (taglib.env_tags.device.name, vlan))
vlanTag.implied_by(taglib.env_tags.snapshot, line=n)
taglib.env_tags.device.implied_by(vlanTag, line=n)
continue
m = re.match(r'configure vlan "?([\w\d]+)"? tag ([\d]+)', line)
if m:
vlan, vlan_id = m.group(1), int(m.group(2))
vlan_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlan_id_tag = taglib.tag("VLAN ID",
vlan_id,
sort_name="%05d" % vlan_id)
vlan_tag.implied_by(taglib.env_tags.snapshot, line=n)
vlan_tag.implies(taglib.env_tags.device, line=n)
vlan_tag.implies(vlan_id_tag, line=n)
continue
m = re.match(
r'config(?:ure)? vlan "?([\w\d]+)"? ipaddress ([\d.]+)\s+([\d.]+)\s+',
line)
if m:
vlan, ipaddress, mask = m.groups()
address = ipaddress + "/" + mask
ifaddr_tag = taglib.ip_address_tag(address, "interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
vlan_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlan_tag.implied_by(taglib.env_tags.snapshot, line=n)
vlan_tag.implies(taglib.env_tags.device, line=n)
vlan_tag.implies(ifaddr_tag, line=n)
ifaddr_tag.implies(address_tag, line=n)
address_tag.implies(subnet_tag, line=n)
continue
m = re.match(
r'configure "?([\w\d]+)"? ipaddress ([a-fA-F\d:]+)/([\d]+)\s+',
line)
if m:
vlan, ipaddress, mask = m.groups()
address = ipaddress + "/" + mask
ifaddr_tag = taglib.ip_address_tag(address, "interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
vlan_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, vlan))
vlan_tag.implied_by(taglib.env_tags.snapshot, line=n)
vlan_tag.implies(taglib.env_tags.device, line=n)
vlan_tag.implies(ifaddr_tag, line=n)
ifaddr_tag.implies(address_tag, line=n)
address_tag.implies(subnet_tag, line=n)
continue
# dhcp/bootp
m = re.match(r'configure bootprelay add ([\w\d.-]+)', line)
if m:
relay = m.group(1)
taglib.tag("BOOTP relay", relay).implied_by(taglib.env_tags.device,
line=n)
continue
# accounts
m = re.match(r'create account (admin|user) "?([\w\d.-]+)"?\s+.*', line)
if m:
account = m.group(2)
taglib.tag("user", account).implied_by(taglib.env_tags.device,
line=n)
continue
m = re.match(r'configure account (admin|user).*', line)
if m:
account = m.group(1)
taglib.tag("user", account).implied_by(taglib.env_tags.device,
line=n)
continue
# protocols
m = re.match(r'enable (bgp|igmp|MLD|msdp|rip|ripng)$', line)
if m:
protocolTag = taglib.tag("routing protocol",
taglib.protocol_name(m.group(1)))
protocolTag.implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'enable (igmp|MLD) snooping.*', line)
if m:
protocol = m.group(1)
protocolTag = taglib.tag("routing protocol",
taglib.protocol_name(protocol))
protocolTag.implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'configure DVMRP add vlan "?([\w\d.-]+)"?', line)
if m:
vlan = m.group(1)
vlan_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, vlan))
taglib.tag("routing protocol", "DVMRP").implied_by(vlan_tag, n)
continue
m = re.match(
r'configure ospf add vlan "?([\w\d.-]+)"? area ([\d.]+).*', line)
if m:
vlan, area = m.groups()
vlan_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, vlan))
area_tag = taglib.tag("OSPF area", area)
area_tag.implied_by(vlan_tag, line=n)
area_tag.implies(taglib.tag("routing protocol", "OSPF"), line=n)
continue
m = re.match(r'configure ospf vlan ([\w\d.-]+) area ([\d.]+)', line)
if m:
vlan, area = m.groups()
vlan_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, vlan))
area_tag = taglib.tag("OSPF area", area)
area_tag.implied_by(vlan_tag, line=n)
area_tag.implies(taglib.tag("routing protocol", "OSPF"), line=n)
continue
m = re.match(
r'configure ospfv3 domain ([\w\d.-]+) add vlan ([\w\d.-]+) instance-id ([\d]+) area ([\d.]+)',
line)
if m:
domain, vlan, instance, area = m.groups()
vlan_tag = taglib.tag(
"interface", "%s %s" % (taglib.env_tags.device.name, vlan))
area_tag = taglib.tag("OSPFv3 area", area)
area_tag.implied_by(vlan_tag, line=n)
area_tag.implies(taglib.tag("routing protocol", "OSPFv3"), line=n)
continue
# services
serviceLabelDict = {
'ssh': 'SSHv1',
'ssh1': 'SSHv1',
'ssh2': 'SSHv2',
'telnet': 'TELNET',
'web': 'HTTP'
}
m = re.match(
r'enable (ssh2|telnet|web)( access-profile ([\w\d.-]+)( port ([\d]+))?)?',
line)
if m:
service = m.group(1)
taglib.tag("service", serviceLabelDict[service]).implied_by(
taglib.env_tags.device, n)
continue
m = re.match(
r'configure telnet( access-profile ([\w\d.-]+))?( port ([\d]+))?( vr ([\w\d.-]+))?',
line)
if m:
taglib.tag("service", "TELNET").implied_by(taglib.env_tags.device,
n)
continue
def main(filename):
lines = open(filename, 'rU')
n = 0
ssh_version = None
ssh_enable = False
for line in lines:
n += 1
# hostname
m = re.match(r'set hostname ([\w\d.-]+)', line)
if m:
host = m.group(1)
taglib.tag("hostname", host).implied_by(taglib.env_tags.device, line=n)
continue
# time
m = re.match(r'set ntp server( backup\d)? "?([\w\d.-]+)"?', line)
if m:
server = m.group(2)
if not server == '0.0.0.0':
taglib.tag("NTP server", server).implied_by(taglib.env_tags.device, line=n)
continue
# dns
m = re.match(r'set domain ([\w\d.-]+)', line)
if m:
domain = m.group(1)
taglib.tag("domain name", domain).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'set dns host dns\d ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'set xauth ([\w\d.-]+) dns\d ([\w\d.-]+)', line)
if m:
server = m.group(2)
taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n)
continue
m = re.match(r'set l2tp dns\d ([\w\d.-]+)', line)
if m:
server = m.group(1)
taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n)
continue
# interfaces
m = re.match(r'set interface ([\w\d]+) ip ([\d.]+)/([\d.]+)( secondary)?', line)
if m:
name, ipaddress, plen, secondary = m.groups()
address = ipaddress + "/" + plen
ifaddr_tag = taglib.ip_address_tag(address, "interface address")
address_tag = taglib.ip_address_tag(address)
subnet_tag = taglib.ip_subnet_tag(address)
name_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, name))
name_tag.implied_by(taglib.env_tags.snapshot, line=n)
name_tag.implies(taglib.env_tags.device, line=n)
name_tag.implies(ifaddr_tag, line=n)
ifaddr_tag.implies(address_tag, line=n)
address_tag.implies(subnet_tag, line=n)
continue
# accounts
m = re.match(r'set admin user "?([\w\d.-]+)"?\s+.*', line)
if m:
account = m.group(1)
taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n)
continue
# services
m = re.match(r'set ssh version ([\w\d]+)', line)
if m:
ssh_version = m.group(1)
ssh_version_line = n
continue
m = re.match(r'set ssh enable', line)
if m:
ssh_enable = True
taglib.tag("service", 'SSH').implied_by(taglib.env_tags.device, n)
continue
m = re.match(r'set scp enable', line)
if m:
taglib.tag("service", 'SCP').implied_by(taglib.env_tags.device, n)
continue
# post parse phase
if ssh_enable:
if ssh_version:
taglib.tag("service", 'SSH' + ssh_version).implied_by(taglib.env_tags.device, ssh_version_line)
def tag_protocols(top):
protocol = "BGP"
routing_options_local_as_list = top.xpath("routing-options/autonomous-system/as-number")
routing_options_router_id_list = top.xpath("routing-options/router-id")
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for group_elem in protocol_elem.xpath("group"):
name_elem = group_elem.xpath("name")[0]
group_tag = taglib.tag("%s group" % protocol,
"%s %s" % (device_tag.name, name_elem.text))
group_tag.implied_by(device_tag, name_elem.sourceline)
for peer_name_elem in group_elem.xpath("neighbor/name"):
local_address_elem_list = peer_name_elem.xpath("ancestor::*/local-address")
if local_address_elem_list:
local_address_elem = local_address_elem_list[0]
elif routing_options_router_id_list:
local_address_elem = routing_options_router_id_list[0]
local_elem_list = peer_name_elem.xpath("ancestor::*/local-as/as-number")
if local_elem_list:
local_elem = local_elem_list[0]
elif routing_options_local_as_list:
local_elem = routing_options_local_as_list[0]
if local_elem is not None:
localasn_tag = taglib.as_number_tag(local_elem.text, "local AS")
localasn_tag.implies(taglib.as_number_tag(local_elem.text),
local_elem.sourceline)
asn_elem_list = peer_name_elem.xpath("ancestor::*/peer-as")
if asn_elem_list:
asn_elem = asn_elem_list[0]
else:
asn_elem = local_elem
asn_tag = taglib.as_number_tag(asn_elem.text, kind="remote AS")
asn_tag.implies(taglib.as_number_tag(asn_elem.text),
asn_elem.sourceline)
if asn_elem.text == local_elem.text:
peering_relationship = "iBGP"
else:
peering_relationship = "eBGP"
address_tag = taglib.ip_address_tag(peer_name_elem.text)
peering_tag = taglib.tag("%s peering" % peering_relationship,
"%s %s" % (device_tag.name, peer_name_elem.text),
sort_name="%s %s" % (device_tag.name, address_tag.sort_name))
peering_tag.implies(protocol_tag, peer_name_elem.sourceline)
peering_tag.implied_by(device_tag, peer_name_elem.sourceline)
peering_tag.implied_by(group_tag, peer_name_elem.sourceline)
asn_tag.implied_by(peering_tag, asn_elem.sourceline)
localasn_tag.implied_by(peering_tag, local_elem.sourceline)
peer_tag = taglib.ip_address_tag(peer_name_elem.text, kind="%s peer" % protocol)
peer_tag.implies(address_tag, peer_name_elem.sourceline)
if local_address_elem is not None:
peer2_tag = taglib.ip_address_tag(local_address_elem.text, kind="%s peer" % protocol.upper())
address2_tag = taglib.ip_address_tag(local_address_elem.text)
peer2_tag.implies(address2_tag, local_address_elem.sourceline)
local_peer_tag = taglib.ip_address_tag(local_address_elem.text,
kind="local %s peer" % protocol)
local_peer_tag.implied_by(peering_tag, local_address_elem.sourceline)
local_peer_tag.implies(peer2_tag, peer_name_elem.sourceline)
remote_peer_tag = taglib.ip_address_tag(peer_name_elem.text,
kind="remote %s peer" % protocol)
remote_peer_tag.implied_by(peering_tag, peer_name_elem.sourceline)
remote_peer_tag.implies(peer_tag, peer_name_elem.sourceline)
protocol = "MSDP"
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for group_elem in protocol_elem.xpath("group"):
name_elem = group_elem.xpath("name")[0]
group_tag = taglib.tag("%s group" % protocol,
"%s %s" % (device_tag.name, name_elem.text))
group_tag.implied_by(device_tag, name_elem.sourceline)
for peer_name_elem in group_elem.xpath("peer/name"):
peer_tag = taglib.tag("%s peer" % protocol, peer_name_elem.text)
address_tag = taglib.ip_address_tag(peer_name_elem.text)
peer_tag.implies(address_tag, peer_name_elem.sourceline)
peer_tag.implied_by(group_tag, peer_name_elem.sourceline)
peer_tag.implies(protocol_tag, peer_name_elem.sourceline)
ospf_version_dict = {'ospf':'OSPF', 'ospf3':'OSPFv3'}
for protocol_key, protocol in ospf_version_dict.items():
protocol_elem_list = top.xpath("protocols/%s" % protocol_key)
if not protocol_elem_list:
continue
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for area_elem in protocol_elem.xpath("area"):
name_elem = area_elem.xpath("name")[0]
area_tag = taglib.tag("%s area" % protocol, name_elem.text)
area_tag.implies(protocol_tag, name_elem.sourceline)
for interface_name_elem in area_elem.xpath("interface/name"):
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag("interface",
"%s %s" % (device_tag.name,
interface_name_elem.text))]
for t in interface_tags:
t.implies(area_tag, interface_name_elem.sourceline)
protocol = "PIM"
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for interface_name_elem in protocol_elem.xpath("interface/name"):
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag("interface",
"%s %s" % (device_tag.name,
interface_name_elem.text))]
for t in interface_tags:
t.implies(protocol_tag, interface_name_elem.sourceline)
for protocol in ("RIP", "RIPng"):
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if not protocol_elem_list:
continue
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for group_elem in protocol_elem.xpath("group"):
name_elem = group_elem.xpath("name")[0]
group_tag = taglib.tag("%s group" % protocol,name_elem.text)
group_tag.implies(protocol_tag, name_elem.sourceline)
for interface_name_elem in group_elem.xpath("neighbor/name"):
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag("interface",
"%s %s" % (device_tag.name,
interface_name_elem.text))]
for t in interface_tags:
t.implies(group_tag, interface_name_elem.sourceline)
protocol = "router-advertisement"
protocol_elem_list = top.xpath("protocols/%s" % protocol.lower())
if protocol_elem_list:
protocol_elem = protocol_elem_list[0]
protocol_tag = taglib.tag("routing protocol", protocol)
protocol_tag.used(protocol_elem.sourceline)
for interface_elem in protocol_elem.xpath("interface"):
interface_name_elem = interface_elem.xpath("name")[0]
if interface_name_elem.text == "all":
interface_tags = all_interface_tags
else:
interface_tags = [
taglib.tag("interface",
"%s %s" % (device_tag.name,
interface_name_elem.text))]
for t in interface_tags:
ratag = taglib.tag("ND router advertisement server",
"%s %s" % (device_tag.name, interface_name_elem.text))
ratag.implied_by(t, interface_name_elem.sourceline);
for prefix_name_elem in interface_elem.xpath("prefix/name"):
ratag.implies(taglib.ip_subnet_tag(prefix_name_elem.text),
prefix_name_elem.sourceline)
