def testVal_object_group_network_01():
"""Test object group network results"""
conf = [
"!",
"name 1.1.2.20 loghost01",
"!",
"object-group network INSIDE_addrs",
" network-object host loghost01",
" network-object host 1.1.2.1",
" network-object 1.1.2.2 255.255.255.255",
" network-object 1.1.2.0 255.255.255.0",
"!",
]
cfg_factory = CiscoConfParse(conf, factory=True, syntax="asa")
obj = cfg_factory.find_objects(r"object-group\snetwork")[0]
result_correct_01 = [
IPv4Obj("1.1.2.20/32"),
IPv4Obj("1.1.2.1/32"),
IPv4Obj("1.1.2.2/32"),
IPv4Obj("1.1.2.0/24"),
]
result_correct_02 = [
"1.1.2.20", "1.1.2.1", "1.1.2.2", "1.1.2.0/255.255.255.0"
]
# Ensure obj.name is set correctly
assert obj.name == "INSIDE_addrs"
assert obj.networks == result_correct_01
assert obj.network_strings == result_correct_02
## Test obj.networks again to test the result_cache
assert obj.networks == result_correct_01
def testVal_object_group_network_02():
"""Test recursion through a group object"""
conf = ['!',
'name 1.1.2.20 loghost01',
'name 1.2.2.20 loghost02',
'!',
'object-group network INSIDE_recurse',
' network-object host loghost02',
'object-group network INSIDE_addrs',
' network-object host loghost01',
' network-object host 1.1.2.1',
' network-object 1.1.2.2 255.255.255.255',
' network-object 1.1.2.0 255.255.255.0',
' group-object INSIDE_recurse',
'!',]
cfg_factory = CiscoConfParse(conf, factory=True, syntax='asa')
obj = cfg_factory.find_objects(r'object-group\snetwork')[1]
result_correct_01 = [IPv4Obj('1.1.2.20/32'), IPv4Obj('1.1.2.1/32'),
IPv4Obj('1.1.2.2/32'), IPv4Obj('1.1.2.0/24'), IPv4Obj('1.2.2.20/32')]
result_correct_02 = ['1.1.2.20', '1.1.2.1', '1.1.2.2',
'1.1.2.0/255.255.255.0', '1.2.2.20']
# Ensure obj.name is set correctly
assert obj.name=="INSIDE_addrs"
assert obj.networks==result_correct_01
assert obj.network_strings==result_correct_02
## Test obj.networks again to test the result_cache
assert obj.networks==result_correct_01
def testVal_ipv4_addr():
conf = ['!',
'interface Ethernet0/0',
' nameif OUTSIDE',
' ip address 198.101.172.106 255.255.255.128 standby 198.101.172.107',
'!',
'interface Ethernet0/1',
' nameif INSIDE',
' ip address 192.0.2.254 255.255.255.0',
'!',
]
cfg_factory = CiscoConfParse(conf, factory=True, syntax='asa')
obj = cfg_factory.find_objects(r'^interface\sEthernet0\/0$')[0]
# Ensure obj.ipv4_addr is set correctly
assert obj.ipv4_addr=='198.101.172.106'
assert obj.ipv4_standby_addr=='198.101.172.107'
obj = cfg_factory.find_objects(r'^interface\sEthernet0\/1$')[0]
assert obj.ipv4_addr=='192.0.2.254'
def testVal_ipv4_addr():
conf = [
"!",
"interface Ethernet0/0",
" nameif OUTSIDE",
" ip address 198.101.172.106 255.255.255.128 standby 198.101.172.107",
"!",
"interface Ethernet0/1",
" nameif INSIDE",
" ip address 192.0.2.254 255.255.255.0",
"!",
]
cfg_factory = CiscoConfParse(conf, factory=True, syntax="asa")
obj = cfg_factory.find_objects(r"^interface\sEthernet0\/0$")[0]
# Ensure obj.ipv4_addr is set correctly
assert obj.ipv4_addr == "198.101.172.106"
assert obj.ipv4_standby_addr == "198.101.172.107"
obj = cfg_factory.find_objects(r"^interface\sEthernet0\/1$")[0]
assert obj.ipv4_addr == "192.0.2.254"
def testVal_object_group_service_03():
## This can only be configured as an object group after a host / network
conf = ['!',
'object-group service APP03_svc tcp-udp',
' port-object eq domain',
'!',]
cfg_factory = CiscoConfParse(conf, factory=True, syntax='asa')
obj = cfg_factory.find_objects(r'object-group\sservice')[0]
## Test whether the proper port objects are returned
results_correct = [L4Object(port_spec='eq 53', protocol='tcp',
syntax='asa'),
L4Object(port_spec='eq 53', protocol='udp', syntax='asa')]
assert (obj.name=='APP03_svc')
assert (obj.ports==results_correct)
assert (obj.L4Objects_are_directional is False)
assert (obj.protocol_type=='tcp-udp')
def testVal_object_group_service_01():
## This can only be configured as protocol object-group
conf = ['!',
'object-group service APP01_svc',
' service-object tcp destination smtp',
' service-object tcp destination https',
'!',]
cfg_factory = CiscoConfParse(conf, factory=True, syntax='asa')
obj = cfg_factory.find_objects(r'object-group\sservice')[0]
result_correct = [L4Object(protocol='tcp', port_spec='eq 25',
syntax='asa'), L4Object(protocol='tcp', port_spec='eq 443',
syntax='asa')]
assert (obj.name=='APP01_svc')
assert (obj.ports==result_correct)
assert (obj.L4Objects_are_directional is True)
assert (obj.protocol_type=='')
def testVal_parse_F5():
"""Test for Github issue #49"""
config = [
'ltm virtual virtual1 {',
' profiles {',
' test1 { }',
' }',
'}',
'ltm virtual virtual2 {',
' profiles2 {',
' test2 { }',
' }',
'}',
]
parse = CiscoConfParse(config, syntax='junos')
retval = parse.find_objects('profiles2')[0].children
assert retval[0].text.strip() == 'test2'
def testVal_parse_F5():
"""Test for Github issue #49"""
config = [
'ltm virtual virtual1 {',
' profiles {',
' test1 { }',
' }',
'}',
'ltm virtual virtual2 {',
' profiles2 {',
' test2 { }',
' }',
'}',
]
parse = CiscoConfParse(config, syntax='junos')
retval = parse.find_objects('profiles2')[0].children
assert retval[0].text==' test2 '
def testVal_parse_F5():
"""Test for Github issue #49"""
config = [
"ltm virtual virtual1 {",
" profiles {",
" test1 { }",
" }",
"}",
"ltm virtual virtual2 {",
" profiles2 {",
" test2 { }",
" }",
"}",
]
parse = CiscoConfParse(config, syntax="junos")
retval = parse.find_objects("profiles2")[0].children
assert retval[0].text.strip() == "test2"
def testVal_object_group_service_02():
## This can only be configured as an object group after a host / network
conf = ['!',
'object-group service APP02_svc tcp',
' port-object eq smtp',
' port-object eq https',
' port-object range 8080 8081',
'!',]
cfg_factory = CiscoConfParse(conf, factory=True, syntax='asa')
obj = cfg_factory.find_objects(r'object-group\sservice')[0]
result_correct = [L4Object(protocol='tcp', port_spec='eq 25',
syntax='asa'), L4Object(protocol='tcp', port_spec='eq 443',
syntax='asa'), L4Object(protocol='tcp', port_spec='range 8080 8081',
syntax='asa')]
assert (obj.name=='APP02_svc')
assert (obj.ports==result_correct)
assert (obj.L4Objects_are_directional is False)
assert (obj.protocol_type=='tcp')
def testVal_object_group_service_03():
## This can only be configured as an object group after a host / network
conf = [
"!",
"object-group service APP03_svc tcp-udp",
" port-object eq domain",
"!",
]
cfg_factory = CiscoConfParse(conf, factory=True, syntax="asa")
obj = cfg_factory.find_objects(r"object-group\sservice")[0]
## Test whether the proper port objects are returned
results_correct = [
L4Object(port_spec="eq 53", protocol="tcp", syntax="asa"),
L4Object(port_spec="eq 53", protocol="udp", syntax="asa"),
]
assert obj.name == "APP03_svc"
assert obj.ports == results_correct
assert obj.L4Objects_are_directional is False
assert obj.protocol_type == "tcp-udp"
def testVal_object_group_service_01():
## This can only be configured as protocol object-group
conf = [
"!",
"object-group service APP01_svc",
" service-object tcp destination smtp",
" service-object tcp destination https",
"!",
]
cfg_factory = CiscoConfParse(conf, factory=True, syntax="asa")
obj = cfg_factory.find_objects(r"object-group\sservice")[0]
result_correct = [
L4Object(protocol="tcp", port_spec="eq 25", syntax="asa"),
L4Object(protocol="tcp", port_spec="eq 443", syntax="asa"),
]
assert obj.name == "APP01_svc"
assert obj.ports == result_correct
assert obj.L4Objects_are_directional is True
assert obj.protocol_type == ""
def testVal_object_group_service_02():
## This can only be configured as an object group after a host / network
conf = [
"!",
"object-group service APP02_svc tcp",
" port-object eq smtp",
" port-object eq https",
" port-object range 8080 8081",
"!",
]
cfg_factory = CiscoConfParse(conf, factory=True, syntax="asa")
obj = cfg_factory.find_objects(r"object-group\sservice")[0]
result_correct = [
L4Object(protocol="tcp", port_spec="eq 25", syntax="asa"),
L4Object(protocol="tcp", port_spec="eq 443", syntax="asa"),
L4Object(protocol="tcp", port_spec="range 8080 8081", syntax="asa"),
]
assert obj.name == "APP02_svc"
assert obj.ports == result_correct
assert obj.L4Objects_are_directional is False
assert obj.protocol_type == "tcp"
#!/usr/bin/env python
from ciscoconfparse.ciscoconfparse import CiscoConfParse as CCP
from pprint import pprint as pp
with open('cisco_config.txt') as file:
parse = CCP(file)
pp(parse.find_objects(r'crypto map CRYPTO'))
ff_parents = parse.find_objects(r'crypto map CRYPTO')
i = 0
while i < len(parents):
print i
print parents[i]
i += 1