def decodeToken(self, dc): try: util.log_info( 'BgpNeighborTokenDecoder: Decode token for Bgp neighbor ip-address leaf value' ) decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) block = decoderhandler.getCurrentBlock() command_block = block.toString().split('\n') commands = [] for cmds in command_block: commands.append(str(cmds.strip())) util.log_info("Commands: ", commands) for i in commands: commands_1 = i.split() util.log_info("Commands1: ", commands_1) if "bfd" and "fall-over" in commands_1: decoderhandler.addTokenValue("bfd-fall-over", "true") elif "no" and "bfd" and "fall-over" in commands_1: decoderhandler.addTokenValue("bfd-fall-over", "false") tokenText = decoderhandler.getTokenText() util.log_info('Token text = %s' % (tokenText)) value = decoderhandler.getValueAtCurrentIndex() util.log_info('Value = %s' % (value)) if value is not None and InetAddressUtils.isIPv4Address(value): decoderhandler.addTokenValue(tokenText, value) bgp_boolean = [ "send-community", "next-hop-self", "soft-reconfiguration", "allowas-in", "next-hop-unchanged", "route-reflector-client", "as-override", "weight" ] for bgp_b in bgp_boolean: if bgp_b == "weight": if "weight" in commands_1: decoderhandler.addTokenValue( "weight", commands_1[-1]) elif bgp_b in commands_1: decoderhandler.addTokenValue(bgp_b, "true") return 1 else: return -1 except Exception: traceback.print_exc()
def decodeToken(self, dc): try: util.log_info( 'EEMActionStatementTokenDecoder: Decode token for action-statement and label leaf' ) decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) tokenText = decoderhandler.getTokenText() currenttokenText = decoderhandler.getCurrentBlockTokens() value = decoderhandler.getValueAtCurrentIndex() decoderhandler.addTokenValue(tokenText, value) decoderhandler.addTokenValue("action-statement", currenttokenText[2]) if currenttokenText[2] == "syslog": decoderhandler.addTokenValue("syslog", currenttokenText[3]) except Exception: traceback.print_exc()
def decodeToken(self, dc): try: util.log_info( 'NatStaticTokenDecoder: Decode token for inside-global-ip leaf value' ) decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) tokenText = decoderhandler.getTokenText() util.log_debug('Token text = %s' % (tokenText)) value = decoderhandler.getValueAtCurrentIndex() util.log_debug('Value = %s' % (value)) if value is not None and InetAddressUtils.isIPv4Address(value): decoderhandler.addTokenValue(tokenText, value) return 1 else: return -1 except Exception: traceback.print_exc()
def parseNetwork(self, dc, cursor): util.log_debug('CiscoStaticRouterVariableDecoder: parseNetwork') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) if not cursor.hasNext(): return util.log_debug( 'CiscoStaticRouterVariableDecoder(parseNetwork): next token is = %s' % (cursor.getNextToken())) decoderhandler.addTokenValue("dest-ip-address", cursor.getNextToken()) cursor.advance() if not cursor.hasNext(): return util.log_debug( 'CiscoStaticRouterVariableDecoder(parseNetwork): dest-mask next token is = %s' % (cursor.getNextToken())) decoderhandler.addTokenValue("dest-mask", cursor.getNextToken()) cursor.advance()
def decodeVariables(self, cpc, dc, context): try: util.log_info( 'VtyVariableDecoder: Decoding variables for complete line vty configurations block' ) decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 0) self.parseName(dc, cursor) self.parseAcl(dc, cursor) self.parseAuthType(dc, cursor) self.parseTimeOut(dc, cursor) self.parseLogging(dc, cursor) self.parseHistorySize(dc, cursor) self.parsePrivilegeLevel(dc, cursor) self.parseTransportType(dc, cursor) except Exception: traceback.print_exc()
def decodeToken(self, dc): try: util.log_info('SlaDestinationPortTokenDecoder: Decode token') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) token = dc.getToken() value = decoderhandler.getValueAtCurrentIndex() util.log_debug('Value = %s' % (value)) dest_port_pattern = '^\d+$' dest_port_match = re.search(dest_port_pattern, value) if InetAddressUtils.isIPv4Address( value) or dest_port_match is None: return 1 dc.addTokenValue(token.getText(), value) return 1 except Exception: traceback.print_exc()
def parseAAAServerGroup(self, dc, cursor): util.log_debug('AAAServerGroupDecoder: Parse AAA TACACS Server Group') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) if not cursor.hasNext(): return if "aaa" == cursor.getNextToken(): cursor.advance() if "group" == cursor.getNextToken(): cursor.advance() if "server" == cursor.getNextToken(): cursor.advance() if "tacacs+" == cursor.getNextToken(): cursor.advance() decoderhandler.addTokenValue('tacacs-server-group', cursor.getNextToken()) else: return else: return
def decodeToken(self, dc): try: util.log_info('CryptoPeerTokenDecoder: Decode token') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) tokenText = decoderhandler.getTokenText() value = decoderhandler.getValueAtCurrentIndex() decoderhandler.addTokenValue(tokenText, value) block = decoderhandler.getCurrentBlock() lines = block.toString().split("\n") lines = [line.strip(' ') for line in lines] util.log_info("Crypto Block Line: " + str(lines)) iskamp_match = re.search('isakmp', lines[0]) if iskamp_match is not None: decoderhandler.addTokenValue("ike-version", "IKEV1") decoderhandler.addTokenValue("id", lines[0]) except Exception: traceback.print_exc()
def decodeToken(self, dc): try: util.log_info('CryptoProfileNameTokenDecoder: Decode token') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) ike_profile_name = decoderhandler.getValueAtCurrentIndex() util.log_debug('Ike Profile Name = %s' % (ike_profile_name)) decoderhandler.addTokenValue("ike-profile-name", ike_profile_name) block = decoderhandler.getCurrentBlock() lines = block.toString().split("\n") lines = [line.strip(' ') for line in lines] iskamp_match = re.search('isakmp', lines[0]) if iskamp_match is not None: decoderhandler.addTokenValue("ike-version", "IKEV1") ikev2_match = re.search('ikev2', lines[0]) if ikev2_match is not None: decoderhandler.addTokenValue("ike-version", "IKEV2") except Exception: traceback.print_exc()
def parseTransformset(self, dc, cursor): util.log_debug('TransformSetVariableDecoder: parseTransformset') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) if not cursor.hasNext(): return if "crypto" == cursor.getNextToken(): cursor.advance() cursor.advance() cursor.advance() transformSet = cursor.getNextToken() decoderhandler.addTokenValue("transform-set", transformSet) cursor.advance() if "mode" == cursor.getNextToken(): cursor.advance() mode = cursor.getNextToken() decoderhandler.addTokenValue("mode", mode) cursor.advance()
def decodeToken(self, dc): try: util.log_info('CryptoPolicyIkeVersionTokenDecoder: Decode token') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) policy = decoderhandler.getValueAtCurrentIndex() util.log_debug('Policy = %s' % (policy)) decoderhandler.addTokenValue("policy-number", policy) block = decoderhandler.getCurrentBlock() lines = block.toString().split("\n") lines = [line.strip(' ') for line in lines] iskamp_match = re.search('isakmp', lines[0]) if iskamp_match is not None: decoderhandler.addTokenValue("ike-version", "IKEV1") ikev2_match = re.search('ikev2', lines[0]) if ikev2_match is not None: decoderhandler.addTokenValue("ike-version", "IKEV2") except Exception: traceback.print_exc()
def decodeToken(self, dc): try: util.log_info('CiscoInterfaceNumberTokenDecoder decode token') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) tokenText = decoderhandler.getTokenText() util.log_debug('Token text = %s' % (tokenText)) name = decoderhandler.getValueAtCurrentIndex() util.log_debug('Name1 = %s' % (name)) name = decoderhandler.getMatchingToken(".*[^\\d](\\d+)", name) util.log_debug('Name2 = %s' % (name)) if name is not None: decoderhandler.addTokenValue(tokenText, name) else: raise Exception('Can not find number from %s' % (name)) return 1 except Exception: traceback.print_exc()
def decodeToken(self, dc): try: util.log_info('RouterOspfRedistributeTokenDecoder decode token') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) tokenText = decoderhandler.getTokenText() searchTokens = decoderhandler.getSearchTokens() util.log_debug('Token text = %s' % (tokenText)) value = decoderhandler.getValueAtCurrentIndex() protocol = util.safe_get(searchTokens, decoderhandler.getCurrentIndex() - 1) if protocol is not None: decoderhandler.addTokenValue( decoderutil.DecoderUtil().makeSiblingToken( tokenText, "protocol"), protocol) decoderhandler.addTokenValue(tokenText, value) util.log_debug('value = %s' % (value)) return 1 except Exception: traceback.print_exc()
def parseMatchValue(self, dc, cursor): util.log_debug('ClassMapVariableTokenDecoder: parseMatchValue') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) if not cursor.hasNext(): return if conditiontype == "ip dscp": matchvalue = [] while cursor.getNextToken() is not None: matchvalue.append(cursor.getNextToken()) cursor.advance() matchvalue1 = " ".join(matchvalue) decoderhandler.addTokenValue("match-value", matchvalue1) if conditiontype == "dscp": matchvalue = [] while cursor.getNextToken() is not None: matchvalue.append(cursor.getNextToken()) cursor.advance() matchvalue1 = " ".join(matchvalue) decoderhandler.addTokenValue("match-value", matchvalue1) else: part1 = cursor.getNextToken() if not cursor.hasNext(): return cursor.advance() part2 = cursor.getNextToken() if not cursor.hasNext(): decoderhandler.addTokenValue("match-value", part1) return cursor.advance() if "traffic-class" == part2: decoderhandler.addTokenValue("match-value", part1) decoderhandler.addTokenValue("traffic-class", cursor.getNextToken()) elif "business-relevance" == part2: decoderhandler.addTokenValue("match-value", part1) decoderhandler.addTokenValue("business-relevance", cursor.getNextToken()) else: if part2 is not None: part1 = part1 + " " + part2 decoderhandler.addTokenValue("match-value", part1) else: decoderhandler.addTokenValue("match-value", part1)
def decodeToken(self, dc): try: util.log_info('IpSLAResponderTokenDecoder: Decode token') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) value = decoderhandler.getValueAtCurrentIndex() util.log_info('ResponderValue = %s' % (value)) block = decoderhandler.getCurrentBlock() util.log_info('ResponderBlock = %s' % (block)) lines = block.toString().split("\n") lines = [line.strip(' ') for line in lines] for line in lines: next_value = line.split(value) if len(next_value) >= 2: if value == "logging" and next_value[1] == " traps": decoderhandler.addTokenValue("is-logging-traps", "true") if value == "enable" and next_value[ 1] == " reaction-alerts": decoderhandler.addTokenValue("is-enable-reaction", "true") if value == "server" and next_value[1] == " twamp": decoderhandler.addTokenValue("is-server-twamp", "true") if re.search('^port ', line): next_value = line.split('port ') decoderhandler.addTokenValue("port", next_value[1]) if re.search('^timer inactivity ', line): next_value = line.split('timer inactivity ') decoderhandler.addTokenValue("timer-inactivity", next_value[1]) if value == "responder" or value == "logging" or value == "enable" or value == "server": decoderhandler.addTokenValue("key-chain", "") if value == "responder": decoderhandler.addTokenValue("is-responder", "true") return 1 except Exception: traceback.print_exc()
def parseAcl(self, dc, cursor): util.log_debug( 'VtyVariableDecoder: parseAcl will parse the ACL deatils') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) if not cursor.hasNext(): return if "access-class" == cursor.getNextToken(): cursor.advance() decoderhandler.addTokenValue("acl-rule-number", cursor.getNextToken()) cursor.advance() cursor.advance() if cursor.hasNext(): cursor.advance() decoderhandler.addTokenValue("vrf", "vrf-also") else: return else: return
def decodeVariables(self, cpc, dc, context): try: util.log_info( 'TacacsServerPrivateVariableDecoder: Decoding Variable') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) command_block = decoderhandler.getCurrentBlockTokens() util.log_info("command_block : ", command_block) decoderhandler.addTokenValue('$server-private', command_block[1]) if command_block[3] == "7": decoderhandler.addTokenValue('$privilege-level', '7') priv_key = " ".join(command_block[4:len(command_block)]) util.log_info("1 : ", priv_key) decoderhandler.addTokenValue('$privilege-key', str(priv_key)) else: priv_key = " ".join(command_block[3:len(command_block)]) util.log_info("2 : ", priv_key) decoderhandler.addTokenValue('$privilege-key', str(priv_key)) except Exception: traceback.print_exc()
def decodeToken(self, dc): try: util.log_info('TrafficEngTokenDecoder: Decode token') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) token = dc.getToken() value = decoderhandler.getValueAtCurrentIndex() util.log_debug('Value = %s' % (value)) dc.addTokenValue(token.getText(), value) if value == 'path-option': cursor = util.TokenCursor(None, 0, dc) path_number = cursor.getNextToken(1) dc.addTokenValue("/path-config/path-number", path_number) path_type = cursor.getNextToken(2) dc.addTokenValue("/path-config/path-type", path_type) else: return 1 except Exception: traceback.print_exc()
def parseAuthType(self, dc, cursor): util.log_debug( 'VtyVariableDecoder: parseAuthType will parse the Authentication Type' ) decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) if not cursor.hasNext(): return if "login" == cursor.getNextToken(): cursor.advance() #if "local" == cursor.getNextToken() or "synchronous" == cursor.getNextToken(): if "local" == cursor.getNextToken(): decoderhandler.addTokenValue("login-local", "true") else: cursor.advance() decoderhandler.addTokenValue("auth-type", cursor.getNextToken()) cursor.advance() else: return
def decodeToken(self, dc): try: util.log_info('NtpServerPreferTokenDecoder: ') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) tokenText = decoderhandler.getTokenText() print 'Token text = %s' % (tokenText) value = decoderhandler.getValueAtCurrentIndex() print 'Value1 = %s' % (value) decoderhandler.addTokenValue(tokenText, value) current_block = decoderhandler.getCurrentBlock() block = str(current_block) util.log_info("current_block:" + str(block.split())) if "prefer" in block: decoderhandler.addTokenValue("../prefer", "true") else: decoderhandler.addTokenValue("../prefer", "false") except Exception: traceback.print_exc()
def parseIpsecEncryptionType(self, dc, cursor): util.log_debug('TransformSetVariableDecoder: parseIpsecEncryptionType') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) if not cursor.hasNext(): return part1 = cursor.getNextToken() cursor.advance() part2 = cursor.getNextToken() cursor.advance() if "128" == part2: if part1 == 'esp-aes': decoderhandler.addTokenValue("ipsec-encryption-type", "esp-aes 128") elif part1 == 'esp-gcm': decoderhandler.addTokenValue("ipsec-encryption-type", "esp-gcm 128") if cursor.getNextToken() is not None: decoderhandler.addTokenValue("ipsec-authentication-type", cursor.getNextToken()) elif "192" == part2: if part1 == 'esp-aes': decoderhandler.addTokenValue("ipsec-encryption-type", "esp-aes 192") elif part1 == 'esp-gcm': decoderhandler.addTokenValue("ipsec-encryption-type", "esp-gcm 192") if cursor.getNextToken() is not None: decoderhandler.addTokenValue("ipsec-authentication-type", cursor.getNextToken()) elif "256" == part2: if part1 == 'esp-aes': decoderhandler.addTokenValue("ipsec-encryption-type", "esp-aes 256") elif part1 == 'esp-gcm': decoderhandler.addTokenValue("ipsec-encryption-type", "esp-gcm 256") if cursor.getNextToken() is not None: decoderhandler.addTokenValue("ipsec-authentication-type", cursor.getNextToken()) else: decoderhandler.addTokenValue("ipsec-encryption-type", part1) decoderhandler.addTokenValue("ipsec-authentication-type", part2)
def decodeVariables(self, cpc, dc, context): try: util.log_info('NewRouteVariableDecoder: Decoding variable') ROUTE_VRF = ["ip", "route", "vrf"] decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) if AnutaStringUtils.startsWith( decoderhandler.getCurrentBlockTokens(), ROUTE_VRF): return cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 2, None) self.parseNetwork(dc, cursor) self.parseInterfaceName(dc, cursor) self.parseNextHop(dc, cursor) self.parseName(dc, cursor) decoderhandler.addTokenValue( "options/id", Joiner.on(" ").join( decoderhandler.getCurrentBlock().getTokens())) except Exception: traceback.print_exc()
def parseNetwork(self, dc, cursor): util.log_debug('NewRouteVariableDecoder: parseNetwork') if not cursor.hasNext(): return tokenvalue = cursor.getNextToken() decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) if "/" in tokenvalue: decoderhandler.addTokenValue( "../dest-ip-address", CidrUtils.getNetworkAddress(tokenvalue)) decoderhandler.addTokenValue( "../dest-mask", CidrUtils.getNetmaskFromCidr(tokenvalue)) cursor.advance() return decoderhandler.addTokenValue("../dest-ip-address", cursor.getNextToken()) cursor.advance() if not cursor.hasNext(): return decoderhandler.addTokenValue("../dest-mask", cursor.getNextToken()) cursor.advance()
def decodeToken(self, dc): try: util.log_info( 'VrfDefTokenDecoder: Decode token for Vrf-Definition-mode') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) value = decoderhandler.getValueAtCurrentIndex() decoderhandler.addTokenValue(dc.getToken().getText(), value) if 'definition' in decoderhandler.getSearchTokens(): decoderhandler.addTokenValue( decoderutil.DecoderUtil().makeSiblingToken( dc.getToken().getText(), "vrf-definition-mode"), "true") else: decoderhandler.addTokenValue( decoderutil.DecoderUtil().makeSiblingToken( dc.getToken().getText(), "vrf-definition-mode"), "false") return 1 except Exception: traceback.print_exc()
def decodeToken(self, dc): try: print 'RouterBgpRouterIdTokenDecoder: Decode token' decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 2, None) tokenText = decoderhandler.getTokenText() print 'Token text = %s' % (tokenText) value1 = decoderhandler.getValueAtCurrentIndex() print 'Value1 = %s' % (value1) cursor.advance() value2 = cursor.getNextToken() print 'Value2 = %s' % (value2) if value2 == None: decoderhandler.addTokenValue(tokenText, value1) else: decoderhandler.addTokenValue(tokenText, ("%s %s" % (value1, value2))) except Exception: traceback.print_exc()
def decodeToken(self, dc): try: util.log_info('RouterEigrpTokenDecoder: Decode token') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) tokenText = decoderhandler.getTokenText() util.log_info('Token text = %s' % (tokenText)) value = decoderhandler.getValueAtCurrentIndex() util.log_info('Value = %s' % (value)) match = re.search(pattern, value) util.log_info("match is:", match) if match is not None: util.log_info('inside if condition') util.log_info( "eigrp-name Data type is String, given other data type") return -1 else: util.log_info('inside else condition') decoderhandler.addTokenValue("$eigrp-name", value) return 1 except Exception: traceback.print_exc()
def parseIpHttp(self, dc, cursor): util.log_info('IpHttpTokenDecoder: parseIpHttp') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) if not cursor.hasNext(): return command = Joiner.on(" ").join(decoderhandler.getCurrentBlock().getTokens()) util.log_info('IpHttpTokenDecoder(parseIpHttp): command is %s' % (command)) if command == "no ip http secure-server": util.log_info("Making no-ip-http-secure-server as 'true'") decoderhandler.addTokenValue("no-ip-http-secure-server", 'true') if command == "no ip http server": util.log_info("Making no-ip-http-server as 'true'") decoderhandler.addTokenValue("no-ip-http-server", 'true') if command == "ip http secure-server": util.log_info("Making no-ip-http-secure-server as 'false'") decoderhandler.addTokenValue("no-ip-http-secure-server", 'false') if command == "ip http server": util.log_info("Making no-ip-http-server as 'false'") decoderhandler.addTokenValue("no-ip-http-server", 'false') util.log_info("IpHttpTokenDecoder(parseIpHttp):Exiting")
def processNetwork(self, cpc, dc, context, block): util.log_debug('ObjectGroupVariableDecoder: processNetwork') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) cursor = util.TokenCursor(block.getTokens(), 0, None) host = cursor.getNextToken() cursor.advance() ip = cursor.getNextToken() cursor.advance() if "host" == host: decoderhandler.addTokenValue("host", ip) decoderhandler.addTokenValue("name", Joiner.on(" ").join(block.getTokens())) return if InetAddressUtils.isIPv4Address(host): decoderhandler.addTokenValue("ip-address", host) decoderhandler.addTokenValue("netmask", ip) decoderhandler.addTokenValue("name", Joiner.on(" ").join(block.getTokens())) return if "group-object" == host: decoderhandler.addTokenValue("group-object", ip) decoderhandler.addTokenValue("name", Joiner.on(" ").join(block.getTokens())) return
def decodeToken(self, dc): try: util.log_info('ClassMapMatchValueTokenDecoder decode token') decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) tokenText = decoderhandler.getTokenText() util.log_debug('Token text = %s' %(tokenText)) name = decoderhandler.getValueAtCurrentIndex() util.log_debug('Name = %s' %(name)) decoderhandler.addTokenValue(tokenText, name) cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 1, None) conditionType = cursor.getNextToken() util.log_debug('Condition Type = %s' %(conditionType)) if ("ip" == conditionType and "dscp" == cursor.getNextToken(1)): conditionType = "ip-dscp" if conditionType is not None and conditionType in self.KNOWN_CONDITIONS: decoderhandler.addTokenValue(dc, self.replaceTokenName(tokenText, "condition-type"), conditionType) else: util.log_debug('Unknown condition type = %s'%(conditionType)) return 1 except Exception: traceback.print_exc()
def decodeToken(self, dc): try: util.log_info( 'RouterBgpAllowasinTokenDecoder: Decode token for Bgp neighbor ip-address leaf value' ) decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc) block = decoderhandler.getCurrentBlock() util.log_debug("Block : ", block.toString()) tokenText = decoderhandler.getTokenText() util.log_debug('Token text = %s' % (tokenText)) value = decoderhandler.getValueAtCurrentIndex() util.log_debug('Value = %s' % (value)) decoderhandler.addTokenValue(tokenText, value) if "allowas-in" in block.toString(): util.log_debug("Allowas-in Present") decoderhandler.addTokenValue("allowas-in", "true") else: util.log_debug("Allowas-in not Present") decoderhandler.addTokenValue("allowas-in", "false") except Exception: traceback.print_exc()