cisco_acl_intp 0.0.1

data/spec/cisco_acl_intp/acl_spec.rb

@@ -0,0 +1,523 @@
+# -*- coding: utf-8 -*-
+require 'spec_helper'
+
+describe NamedExtAcl do
+  describe '#add_entry' do
+    before do
+      @acl = NamedExtAcl.new 'test-ext-acl'
+    end
+
+    it 'should be zero when initialized' do
+      @acl.size.should be_zero
+    end
+
+    it 'should be size 1 and matches aclstr when added a acl entry' do
+      ea = ExtendedAce.new(
+        action: 'permit',
+        protocol: 'udp',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.127'
+        },
+        dst: {
+          ipaddr: '192.168.4.4',
+          wildcard: '0.0.0.255'
+        }
+      )
+      @acl.add_entry ea
+      @acl.size.should eq 1
+      aclstr = <<'EOL'
+ip access-list extended test-ext-acl
+ permit udp 192.168.3.0 0.0.0.127 192.168.4.0 0.0.0.255
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+  end
+
+  describe '#add_entry_by_params' do
+    before do
+      @acl = NamedExtAcl.new 'test-ext-acl2'
+      @acl.add_entry_by_params(
+        action: 'permit',
+        protocol: 'udp',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.127'
+        },
+        dst: {
+          ipaddr: '192.168.4.4',
+          wildcard: '0.0.0.255'
+        }
+      )
+      @acl.add_entry_by_params(
+        action: 'deny',
+        protocol: 'tcp',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.0'
+        },
+        dst: {
+          ipaddr: '192.168.4.4',
+          wildcard: '0.0.0.255',
+          operator: 'gt',
+          port: AceUdpProtoSpec.new(
+            number: 32_768
+          )
+        }
+      )
+    end
+
+    it 'should be size 2' do
+      @acl.size.should eq 2
+    end
+
+    it 'mutches aclstr' do
+      aclstr = <<'EOL'
+ip access-list extended test-ext-acl2
+ permit udp 192.168.3.0 0.0.0.127 192.168.4.0 0.0.0.255
+ deny tcp host 192.168.3.3 192.168.4.0 0.0.0.255 gt 32768
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+
+    it 'mutches aclstr with remark' do
+      rmk = RemarkAce.new ' this is remark!!'
+      @acl.add_entry rmk
+      aclstr = <<'EOL'
+ip access-list extended test-ext-acl2
+ permit udp 192.168.3.0 0.0.0.127 192.168.4.0 0.0.0.255
+ deny tcp host 192.168.3.3 192.168.4.0 0.0.0.255 gt 32768
+ remark this is remark!!
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+
+  end
+
+  describe '#search_ace' do
+    # for extended ace, it is same as named/numbered ace.
+    # so that, tests only named-extended-ace
+    # and omit numbered-extended-acl
+    before do
+      @acl = NamedExtAcl.new 'test-ext-acl2'
+      @acl.add_entry_by_params(
+        action: 'permit',
+        protocol: 'udp',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.127'
+        },
+        dst: {
+          ipaddr: '192.168.4.4',
+          wildcard: '0.0.0.255'
+        }
+      )
+      @acl.add_entry_by_params(
+        action: 'deny',
+        protocol: 'tcp',
+        src: {
+          ipaddr: '192.168.10.3',
+          wildcard: '0.0.0.0'
+        },
+        dst: {
+          ipaddr: '192.168.4.4',
+          wildcard: '0.0.0.255',
+          operator: 'gt',
+          port: AceUdpProtoSpec.new(
+            number: 32_768
+          )
+        }
+      )
+      @acl.add_entry_by_params(
+        action: 'deny',
+        protocol: 'ip',
+        src: {
+          ipaddr: '0.0.0.0',
+          wildcard: '255.255.255.255'
+        },
+        dst: {
+          ipaddr: '10.0.0.0',
+          wildcard: '0.0.0.255'
+        }
+      )
+    end
+
+    it 'should be match 2nd entry' do
+      ace = @acl.search_ace(
+        protocol: 'tcp',
+        src_ip: '192.168.10.3',
+        src_port: 64_332,
+        dst_ip: '192.168.4.5',
+        dst_port: 32_889
+      )
+      ace.to_s.should be_aclstr(
+        'deny tcp host 192.168.10.3 192.168.4.0 0.0.0.255 gt 32768'
+      )
+    end
+
+    it 'should be last entry' do
+      ace = @acl.search_ace(
+        protocol: 'udp',
+        src_ip: '192.168.10.3',
+        src_port: 64_332,
+        dst_ip: '10.0.0.3',
+        dst_port: 33_890
+      )
+      ace.to_s.should be_aclstr('deny ip any 10.0.0.0 0.0.0.255')
+    end
+
+    it 'should be nil if not found match entry' do
+      @acl.search_ace(
+        protocol: 'udp',
+        src_ip: '192.168.10.3',
+        src_port: 62_223,
+        dst_ip: '11.0.0.3',
+        dst_port: 33_333
+      ).should be_nil
+    end
+  end
+end
+
+describe NumberedExtAcl do
+  describe '#add_entry' do
+    before do
+      @acl = NumberedExtAcl.new 102
+    end
+
+    it 'should be zero when initialized' do
+      @acl.size.should be_zero
+    end
+
+    it 'should be size 1 and matches aclstr when added a acl entry' do
+      ea = ExtendedAce.new(
+        action: 'permit',
+        protocol: 'udp',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.127'
+        },
+        dst: {
+          ipaddr: '192.168.4.4',
+          wildcard: '0.0.0.255'
+        }
+      )
+      @acl.add_entry ea
+      @acl.size.should eq 1
+      aclstr = <<'EOL'
+access-list 102 permit udp 192.168.3.0 0.0.0.127 192.168.4.0 0.0.0.255
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+  end
+
+  describe '#add_entry_by_params' do
+    before do
+      @acl = NumberedExtAcl.new 104
+      @acl.add_entry_by_params(
+        action: 'permit',
+        protocol: 'udp',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.127'
+        },
+        dst: {
+          ipaddr: '192.168.4.4',
+          wildcard: '0.0.0.255'
+        }
+      )
+      @acl.add_entry_by_params(
+        action: 'deny',
+        protocol: 'tcp',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.0'
+        },
+        dst: {
+          ipaddr: '192.168.4.4',
+          wildcard: '0.0.0.255',
+          operator: 'gt',
+          port: AceUdpProtoSpec.new(
+            number: 32_768
+          )
+        }
+      )
+    end
+
+    it 'should be size 2' do
+      @acl.size.should eq 2
+    end
+
+    it 'mutches aclstr' do
+      aclstr = <<'EOL'
+access-list 104 permit udp 192.168.3.0 0.0.0.127 192.168.4.0 0.0.0.255
+access-list 104 deny tcp host 192.168.3.3 192.168.4.0 0.0.0.255 gt 32768
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+
+    it 'mutches aclstr with remark' do
+      rmk = RemarkAce.new ' this is remark!!'
+      @acl.add_entry rmk
+      aclstr = <<'EOL'
+access-list 104 permit udp 192.168.3.0 0.0.0.127 192.168.4.0 0.0.0.255
+access-list 104 deny tcp host 192.168.3.3 192.168.4.0 0.0.0.255 gt 32768
+access-list 104 remark this is remark!!
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+  end
+end
+
+describe NamedStdAcl do
+  describe '#add_entry' do
+    before do
+      @acl = NamedStdAcl.new 'test-std-acl'
+    end
+
+    it 'should be zero when initialized' do
+      @acl.size.should be_zero
+    end
+
+    it 'should be size 1 and matches aclstr when added a acl entry' do
+      sa = StandardAce.new(
+        action: 'permit',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.127'
+        }
+      )
+      @acl.add_entry sa
+      @acl.size.should eq 1
+      aclstr = <<'EOL'
+ip access-list standard test-std-acl
+ permit 192.168.3.0 0.0.0.127
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+  end
+
+  describe '#add_entry_by_params' do
+    before do
+      @acl = NamedStdAcl.new 'test-std-acl2'
+      @acl.add_entry_by_params(
+        action: 'permit',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.127'
+        }
+      )
+      @acl.add_entry_by_params(
+        action: 'deny',
+        src: {
+          ipaddr: '192.168.4.4',
+          wildcard: '0.0.0.255'
+        }
+      )
+    end
+
+    it 'should be size 2' do
+      @acl.size.should eq 2
+    end
+
+    it 'mutches aclstr' do
+      aclstr = <<'EOL'
+ip access-list standard test-std-acl2
+ permit 192.168.3.0 0.0.0.127
+ deny 192.168.4.0 0.0.0.255
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+
+    it 'mutches aclstr with remark' do
+      rmk = RemarkAce.new ' this is remark!!'
+      @acl.add_entry rmk
+      aclstr = <<'EOL'
+ip access-list standard test-std-acl2
+ permit 192.168.3.0 0.0.0.127
+ deny 192.168.4.0 0.0.0.255
+ remark this is remark!!
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+  end
+
+  describe '#search_ace' do
+    # for standard ace, it is same as named/numbered ace.
+    # so that, tests only named-standard-ace
+    # and omit numbered-standard-acl
+    before do
+      @acl = NamedStdAcl.new 'test-stdacl3'
+      @acl.add_entry_by_params(
+        action: 'permit',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.127'
+        }
+      )
+      @acl.add_entry_by_params(
+        action: 'deny',
+        src: {
+          ipaddr: '192.168.10.3',
+          wildcard: '0.0.0.0'
+        }
+      )
+      @acl.add_entry_by_params(
+        action: 'deny',
+        src: {
+          ipaddr: '10.0.0.0',
+          wildcard: '0.0.0.255'
+        }
+      )
+    end
+
+    it 'should be match 2nd entry' do
+      ace = @acl.search_ace(
+        src_ip: '192.168.10.3',
+        src_port: 64_332
+      )
+      ace.to_s.should be_aclstr('deny host 192.168.10.3')
+    end
+
+    it 'should be last entry' do
+      ace = @acl.search_ace(
+        src_ip: '10.0.0.3',
+        src_port: 33_890
+      )
+      ace.to_s.should be_aclstr('deny 10.0.0.0 0.0.0.255')
+    end
+
+    it 'should be nil if not found match entry' do
+      @acl.search_ace(
+        protocol: 'udp',
+        src_ip: '11.0.0.3',
+        src_port: 33_333
+      ).should be_nil
+    end
+
+  end
+
+end
+
+describe NumberedStdAcl do
+  describe '#add_entry' do
+    before do
+      @acl = NumberedStdAcl.new 10
+    end
+
+    it 'should be zero when initialized' do
+      @acl.size.should be_zero
+    end
+
+    it 'should be size 1 and matches aclstr when added a acl entry' do
+      sa = StandardAce.new(
+        action: 'permit',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.127'
+        }
+      )
+      @acl.add_entry sa
+      @acl.size.should eq 1
+      aclstr = <<'EOL'
+access-list 10 permit 192.168.3.0 0.0.0.127
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+  end
+
+  describe '#add_entry_by_params' do
+    before do
+      @acl = NumberedStdAcl.new 14
+      @acl.add_entry_by_params(
+        action: 'permit',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.127'
+        }
+      )
+      @acl.add_entry_by_params(
+        action: 'deny',
+        src: {
+          ipaddr: '192.168.4.4',
+          wildcard: '0.0.0.255'
+        }
+      )
+    end
+
+    it 'should be size 2' do
+      @acl.size.should eq 2
+    end
+
+    it 'mutches aclstr' do
+      aclstr = <<'EOL'
+access-list 14 permit 192.168.3.0 0.0.0.127
+access-list 14 deny 192.168.4.0 0.0.0.255
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+
+    it 'mutches aclstr with remark' do
+      rmk = RemarkAce.new ' this is remark!!'
+      @acl.add_entry rmk
+      aclstr = <<'EOL'
+access-list 14 permit 192.168.3.0 0.0.0.127
+access-list 14 deny 192.168.4.0 0.0.0.255
+access-list 14 remark this is remark!!
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+  end
+
+  context 'list operations' do
+    before do
+      @acl = NumberedStdAcl.new 15
+      @acl.add_entry RemarkAce.new('entry 1')
+      @acl.add_entry RemarkAce.new('entry 2')
+      @acl.add_entry RemarkAce.new('entry 3')
+      @acl.add_entry RemarkAce.new('entry 4')
+    end
+
+    describe '#renumber' do
+      it 'should has seq number by add_entry' do
+        @acl.renumber
+        @acl.reduce(10) do |num, each|
+          each.seq_number.should eq num
+          num + 10
+        end
+      end
+    end
+
+    describe '#sort' do
+      it 'should be sorted by seq number' do
+        @acl.renumber # initialize seq number
+
+        last_ace = @acl.pop
+        last_ace.seq_number = 15
+        @acl.add_entry last_ace
+        acl_new = @acl.dup_with_list(@acl.sort)
+
+        aclstr = <<'EOL'
+access-list 15 remark entry 1
+access-list 15 remark entry 2
+access-list 15 remark entry 3
+access-list 15 remark entry 4
+EOL
+        aclstr_new = <<'EOL'
+access-list 15 remark entry 1
+access-list 15 remark entry 4
+access-list 15 remark entry 2
+access-list 15 remark entry 3
+EOL
+        @acl.name.should eq acl_new.name
+        @acl.acl_type.should eq acl_new.acl_type
+        @acl.to_s.should be_aclstr(aclstr)
+        acl_new.to_s.should be_aclstr(aclstr_new)
+      end
+    end
+  end
+end
+### Local variables:
+### mode: Ruby
+### coding: utf-8-unix
+### indent-tabs-mode: nil
+### End:

data/spec/cisco_acl_intp/cisco_acl_intp_spec.rb

@@ -0,0 +1,7 @@
+require 'spec_helper'
+
+describe CiscoAclIntp do
+  it 'should have a version number' do
+    CiscoAclIntp::VERSION.should_not be_nil
+  end
+end

data/spec/cisco_acl_intp/parser_spec.rb

@@ -0,0 +1,53 @@
+# -*- coding: utf-8 -*-
+require 'spec_helper'
+require 'yaml'
+
+describe 'Parser' do
+  describe '#parse_file' do
+    before do
+      @parser = CiscoAclIntp::Parser.new(color: false)
+    end
+
+    # test data file
+    data_files = [
+      'extended_acl.yml',
+      # 'object_group.yml'
+    ]
+
+    data_files.each do |each_file|
+      tests = YAML.load_file(_spec_conf_dir(each_file))
+      # puts YAML.dump data
+
+      tests.each do |each_test|
+        # filename
+        acl_file_base = [each_test[:symbol], '.acl.yml'].join
+        acl_file = _spec_data_dir(acl_file_base)
+
+        # write acl to file
+        File.open(acl_file, 'w') do |file|
+          file.puts each_test[:acl]
+        end
+
+        if each_test[:correct]
+          it "should be parsed #{acl_file} with no error" do
+            @parser.parse_file(acl_file)
+            @parser.contains_error?.should be_false
+          end
+        else
+          it "should be parsed #{acl_file} with error" do
+            @parser.parse_file(acl_file)
+            @parser.contains_error?.should be_true
+          end
+        end
+      end
+
+    end
+
+  end # parse_file
+end # Parser
+
+### Local variables:
+### mode: Ruby
+### coding: utf-8-unix
+### indent-tabs-mode: nil
+### End:

data/spec/cisco_acl_intp/scanner_spec.rb

@@ -0,0 +1,122 @@
+# -*- coding: utf-8 -*-
+require 'spec_helper'
+require 'yaml'
+
+describe 'Scanner' do
+  describe '#scan_line' do
+    before do
+      @s = Scanner.new
+    end
+
+    it 'should be parsed correct tokens as 1-line acl' do
+      acl = <<'EOL'
+ip access-list extended FA8-OUT
+    deny   udp any any eq bootpc
+    permit ip any any
+EOL
+      @s.scan_line(acl).should == [
+        [:NAMED_ACL, 'ip access-list'],
+        %w[extended extended],
+        [:STRING, 'FA8-OUT'],
+        [:EOS, nil],
+        %w[deny deny],
+        %w[udp udp],
+        %w[any any],
+        %w[any any],
+        %w[eq eq],
+        %w[bootpc bootpc],
+        [:EOS, nil],
+        %w[permit permit],
+        %w[ip ip],
+        %w[any any],
+        %w[any any],
+        [:EOS, nil],
+        [:EOS, nil], # last, empty line
+        [false, 'EOF']
+     ]
+    end
+
+    tokens = YAML.load_file(_spec_conf_dir('single_tokens.yml'))
+    tokens.each do |each|
+      # run test
+      it "should be parsed single token: #{each}" do
+        @s.scan_line(each).should
+        eq [
+          [each, each],
+          [:EOS, nil],
+          [:EOS, nil],
+          [false, 'EOF']
+        ]
+      end
+    end
+  end # scan_line
+
+  describe '#scan_file' do
+    before do
+      @s = Scanner.new
+    end
+
+    tests = YAML.load_file(_spec_conf_dir('scanner_spec_data.yml'))
+
+    # generate test data (yaml file)
+    tests.each do |each_test|
+      tokens = []
+      lines = each_test[:test_data]
+
+      # filename
+      acl_file_base = [each_test[:test_symbol], '.acl.yml'].join
+      acl_file = _spec_data_dir(acl_file_base)
+
+      # generate access list string data file
+      # (input for scanner)
+      File.open(acl_file, 'w') do |file|
+        lines.each do |each_line|
+          file.puts each_line[:line]
+
+          # make tokens data
+          if each_line[:tokens]
+            each_line[:tokens].each do |each_token|
+              case each_token
+              when Array
+                (symbstr, val) = each_token
+                tokens.push [symbstr.intern, val] # symbolize
+              when String
+                tokens.push [each_token, each_token]
+              end
+            end
+            tokens.push [:EOS, nil] # End of String
+          end
+        end
+        tokens.push [false, 'EOF'] # last token (End of File)
+      end
+
+      # filename
+      token_file_base = [each_test[:test_symbol], '.token.yml'].join
+      token_file = _spec_data_dir(token_file_base)
+
+      # generate access list token data file
+      # (expected output of scanner)
+      File.open(token_file, 'w') do |file|
+        YAML.dump(tokens, file)
+      end
+
+      # run test
+      it "should be parsed #{File.basename(acl_file)} as \
+#{File.basename(token_file)} in tests of \
+#{each_test[:test_description]}" do
+        tokens = YAML.load_file(token_file)
+        File.open(acl_file) do |file|
+          @s.scan_file(file).should eq tokens
+        end
+      end
+    end # tests.each
+
+  end # scan_file
+
+end # describe Scanner
+
+### Local variables:
+### mode: Ruby
+### coding: utf-8-unix
+### indent-tabs-mode: nil
+### End: