cisco_acl_intp 0.0.2 → 0.0.3

data/spec/cisco_acl_intp/scanner_spec.rb

@@ -4,7 +4,7 @@ require 'yaml'
 
 describe 'Scanner' do
   describe '#scan_line' do
-    before do
+    before(:all) do
       @s = Scanner.new
     end
 
@@ -16,20 +16,20 @@ ip access-list extended FA8-OUT
 EOL
       @s.scan_line(acl).should == [
         [:NAMED_ACL, 'ip access-list'],
-        %w[extended extended],
+        %w(extended extended),
         [:STRING, 'FA8-OUT'],
         [:EOS, nil],
-        %w[deny deny],
-        %w[udp udp],
-        %w[any any],
-        %w[any any],
-        %w[eq eq],
-        %w[bootpc bootpc],
+        %w(deny deny),
+        %w(udp udp),
+        %w(any any),
+        %w(any any),
+        %w(eq eq),
+        %w(bootpc bootpc),
         [:EOS, nil],
-        %w[permit permit],
-        %w[ip ip],
-        %w[any any],
-        %w[any any],
+        %w(permit permit),
+        %w(ip ip),
+        %w(any any),
+        %w(any any),
         [:EOS, nil],
         [false, 'EOF']
      ]
@@ -48,6 +48,7 @@ EOL
         ]
       end
     end
+
   end # scan_line
 
   describe '#scan_file' do

data/spec/cisco_acl_intp/standard_ace_spec.rb

@@ -0,0 +1,77 @@
+# -*- coding: utf-8 -*-
+require 'spec_helper'
+
+describe StandardAce do
+  describe '#to_s' do
+    context 'Normal case' do
+
+      it 'should be permit action and set ip/wildcard' do
+        sa = StandardAce.new(
+          action: 'permit',
+          src: { ipaddr: '192.168.15.15', wildcard: '0.0.7.6' }
+        )
+        sa.to_s.should be_aclstr('permit 192.168.8.9 0.0.7.6')
+      end
+
+      it 'should be deny action and set ip/wildcard' do
+        sa = StandardAce.new(
+          action: 'deny',
+          src: { ipaddr: '192.168.15.15', wildcard: '0.0.0.127' }
+        )
+        sa.to_s.should be_aclstr('deny 192.168.15.0 0.0.0.127')
+      end
+
+      it 'should be able set with AceSrcDstSpec object' do
+        asds = AceSrcDstSpec.new(
+          ipaddr: '192.168.3.144', wildcard: '0.0.0.127'
+        )
+        sa = StandardAce.new(action: 'permit', src: asds)
+        sa.to_s.should be_aclstr('permit 192.168.3.128 0.0.0.127')
+      end
+
+    end
+
+    context 'Argument error case' do
+
+      it 'should be rased exception when :action not specified' do
+        lambda do
+          StandardAce.new(
+            src: { ipaddr: '192.168.3.3', wildcard: '0.0.0.127' }
+          )
+        end.should raise_error(AclArgumentError)
+      end
+
+    end
+  end
+
+  describe '#contains?' do
+    before do
+      @sa = StandardAce.new(
+        action: 'permit',
+        src: { ipaddr: '192.168.15.15', wildcard: '0.0.7.6' }
+      )
+      @ip_match = StandardAce.new(
+        action: 'permit',
+        src: { ipaddr: '192.168.9.11', netmask: 32 }
+      )
+      @ip_unmatch = StandardAce.new(
+        action: 'permit',
+        src: { ipaddr: '192.168.9.12', netmask: 32 }
+      )
+    end
+
+    it 'shoud be true with match ip addr' do
+      @sa.contains?(@ip_match).should be_true
+    end
+
+    it 'should be false with unmatch ip addr' do
+      @sa.contains?(@ip_unmatch).should be_false
+    end
+  end
+end
+
+### Local variables:
+### mode: Ruby
+### coding: utf-8-unix
+### indent-tabs-mode: nil
+### End:

data/spec/cisco_acl_intp/standard_acl_spec.rb

@@ -0,0 +1,245 @@
+# -*- coding: utf-8 -*-
+require 'spec_helper'
+
+describe NamedStdAcl do
+  describe '#add_entry' do
+    before(:all) do
+      @acl = NamedStdAcl.new 'test-std-acl'
+    end
+
+    it 'should be zero when initialized' do
+      @acl.size.should be_zero
+    end
+
+    it 'should be size 1 and matches aclstr when added a acl entry' do
+      sa = StandardAce.new(
+        action: 'permit',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.127'
+        }
+      )
+      @acl.add_entry sa
+      @acl.size.should eq 1
+      aclstr = <<'EOL'
+ip access-list standard test-std-acl
+ permit 192.168.3.0 0.0.0.127
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+  end
+
+  describe '#add_entry_by_params' do
+    before(:all) do
+      @acl = NamedStdAcl.new 'test-std-acl2'
+      @acl.add_entry_by_params(
+        action: 'permit',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.127'
+        }
+      )
+      @acl.add_entry_by_params(
+        action: 'deny',
+        src: {
+          ipaddr: '192.168.4.4',
+          wildcard: '0.0.0.255'
+        }
+      )
+    end
+
+    it 'should be size 2' do
+      @acl.size.should eq 2
+    end
+
+    it 'mutches aclstr' do
+      aclstr = <<'EOL'
+ip access-list standard test-std-acl2
+ permit 192.168.3.0 0.0.0.127
+ deny 192.168.4.0 0.0.0.255
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+
+    it 'mutches aclstr with remark' do
+      rmk = RemarkAce.new ' this is remark!!'
+      @acl.add_entry rmk
+      aclstr = <<'EOL'
+ip access-list standard test-std-acl2
+ permit 192.168.3.0 0.0.0.127
+ deny 192.168.4.0 0.0.0.255
+ remark this is remark!!
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+  end
+
+  describe '#find_aces_contains' do
+    # for standard ace, it is same as named/numbered ace.
+    # so that, tests only named-standard-ace
+    # and omit numbered-standard-acl
+    before(:all) do
+      @acl = NamedStdAcl.new 'test-stdacl3'
+      @acl.add_entry_by_params(
+        action: 'permit',
+        src: { ipaddr: '192.168.3.3', wildcard: '0.0.0.127' }
+      )
+      @acl.add_entry_by_params(
+        action: 'deny',
+        src: { ipaddr: '192.168.10.3', wildcard: '0.0.0.0' }
+      )
+      @acl.add_entry_by_params(
+        action: 'deny',
+        src: { ipaddr: '10.0.0.0', wildcard: '0.0.0.255' }
+      )
+    end
+
+    it 'should be match 2nd entry' do
+      ace = @acl.find_aces_contains(
+        protocol: 'tcp',
+        src_operator: :eq, src_ip: '192.168.10.3', src_port: 64_332
+      )
+      ace.to_s.should be_aclstr('deny host 192.168.10.3')
+    end
+
+    it 'should be last entry' do
+      ace = @acl.find_aces_contains(
+        protocol: 'tcp',
+        src_operator: :eq, src_ip: '10.0.0.3', src_port: 33_890
+      )
+      ace.to_s.should be_aclstr('deny 10.0.0.0 0.0.0.255')
+    end
+
+    it 'should be nil if not found match entry' do
+      @acl.find_aces_contains(
+        protocol: 'udp',
+        src_operator: :eq, src_ip: '11.0.0.3', src_port: 33_333
+      ).should be_nil
+    end
+  end
+end
+
+describe NumberedStdAcl do
+  describe '#add_entry' do
+    before(:all) do
+      @acl = NumberedStdAcl.new 10
+    end
+
+    it 'should be zero when initialized' do
+      @acl.size.should be_zero
+    end
+
+    it 'should be size 1 and matches aclstr when added a acl entry' do
+      sa = StandardAce.new(
+        action: 'permit',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.127'
+        }
+      )
+      @acl.add_entry sa
+      @acl.size.should eq 1
+      aclstr = <<'EOL'
+access-list 10 permit 192.168.3.0 0.0.0.127
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+  end
+
+  describe '#add_entry_by_params' do
+    before do
+      @acl = NumberedStdAcl.new 14
+      @acl.add_entry_by_params(
+        action: 'permit',
+        src: {
+          ipaddr: '192.168.3.3',
+          wildcard: '0.0.0.127'
+        }
+      )
+      @acl.add_entry_by_params(
+        action: 'deny',
+        src: {
+          ipaddr: '192.168.4.4',
+          wildcard: '0.0.0.255'
+        }
+      )
+    end
+
+    it 'should be size 2' do
+      @acl.size.should eq 2
+    end
+
+    it 'mutches aclstr' do
+      aclstr = <<'EOL'
+access-list 14 permit 192.168.3.0 0.0.0.127
+access-list 14 deny 192.168.4.0 0.0.0.255
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+
+    it 'mutches aclstr with remark' do
+      rmk = RemarkAce.new ' this is remark!!'
+      @acl.add_entry rmk
+      aclstr = <<'EOL'
+access-list 14 permit 192.168.3.0 0.0.0.127
+access-list 14 deny 192.168.4.0 0.0.0.255
+access-list 14 remark this is remark!!
+EOL
+      @acl.to_s.should be_aclstr(aclstr)
+    end
+  end
+
+  context 'list operations' do
+    before do
+      @acl = NumberedStdAcl.new 15
+      @acl.add_entry RemarkAce.new('entry 1')
+      @acl.add_entry RemarkAce.new('entry 2')
+      @acl.add_entry RemarkAce.new('entry 3')
+      @acl.add_entry RemarkAce.new('entry 4')
+    end
+
+    describe '#renumber' do
+      it 'should has seq number by add_entry' do
+        @acl.renumber
+        @acl.reduce(10) do |num, each|
+          each.seq_number.should eq num
+          num + 10
+        end
+      end
+    end
+
+    describe '#sort' do
+      it 'should be sorted by seq number' do
+        @acl.renumber # initialize seq number
+
+        last_ace = @acl.pop
+        last_ace.seq_number = 15
+        @acl.add_entry last_ace
+        acl_new = @acl.dup_with_list(@acl.sort)
+
+        aclstr = <<'EOL'
+access-list 15 remark entry 1
+access-list 15 remark entry 2
+access-list 15 remark entry 3
+access-list 15 remark entry 4
+EOL
+        aclstr_new = <<'EOL'
+access-list 15 remark entry 1
+access-list 15 remark entry 4
+access-list 15 remark entry 2
+access-list 15 remark entry 3
+EOL
+        @acl.name.should eq acl_new.name
+        @acl.acl_type.should eq acl_new.acl_type
+        @acl.to_s.should be_aclstr(aclstr)
+        acl_new.to_s.should be_aclstr(aclstr_new)
+      end
+    end
+  end
+end
+
+### Local variables:
+### mode: Ruby
+### coding: utf-8-unix
+### indent-tabs-mode: nil
+### End:

data/spec/conf/scanner_spec_data.yml

@@ -1,3 +1,13 @@
+- :test_description: "numbered std acl header"
+  :test_symbol: numbered_std_acl
+  :test_data:
+  - :line: "access-list 13 permit icmp host 192.168.3.3"
+    :tokens:
+      - [ NUMD_STD_ACL, 13 ]
+      - permit
+      - icmp
+      - host
+      - [ IPV4_ADDR, 192.168.3.3 ]
 - :test_description: "named std acl header"
   :test_symbol: named_std_acl
   :test_data:
@@ -22,6 +32,13 @@
 - :test_description: "named ext acl header"
   :test_symbol: named_ext_acl
   :test_data:
+  - :line: "access-list 133 permit tcp any any"
+    :tokens:
+      - [ NUMD_EXT_ACL, 133 ]
+      - permit
+      - tcp
+      - any
+      - any
   - :line: "ip access-list extended GI0-IN"
     :tokens:
       - [ NAMED_ACL, "ip access-list" ] # acl header
@@ -118,3 +135,18 @@
     :tokens:
       - group-object
       - [ STRING, nested-obj-name ]
+- :test_description: "unknown tokens"
+  :test_symbol: unknown_acl
+  :test_data:
+  - :line: "access-list 99999999 permit icmp host 192.168.3.3"
+    :tokens:
+      - [ UNKNOWN, 'access-list 99999999' ]
+      - permit
+      - icmp
+      - host
+      - [ IPV4_ADDR, 192.168.3.3 ]
+  - :line: "access-list 55 _pmit icmp host 192.168.3.3"
+    :tokens:
+      - [ NUMD_STD_ACL, 55 ]
+      - [ UNKNOWN, "_pmit icmp host 192.168.3.3" ]
+

data/spec/spec_helper.rb

@@ -33,9 +33,9 @@ def _pph(hash)
   hash.each do | k, v |
     case v
     when String
-      kv.push %Q{:#{k.to_s}=>"#{v.to_s}"}
+      kv.push %Q(:#{k}=>"#{v}")
     else
-      kv.push %Q{:#{k.to_s}=>#{v.to_s}}
+      kv.push %Q(:#{k}=>#{v})
     end
   end
   kv.join(',')

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cisco_acl_intp
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.3
 platform: ruby
 authors:
 - stereocat
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-02-11 00:00:00.000000000 Z
+date: 2014-03-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: netaddr
@@ -79,29 +79,41 @@ files:
 - lib/cisco_acl_intp/ace_ip.rb
 - lib/cisco_acl_intp/ace_other_qualifiers.rb
 - lib/cisco_acl_intp/ace_port.rb
+- lib/cisco_acl_intp/ace_port_opr.rb
+- lib/cisco_acl_intp/ace_port_opr_base.rb
 - lib/cisco_acl_intp/ace_proto.rb
+- lib/cisco_acl_intp/ace_proto_base.rb
 - lib/cisco_acl_intp/ace_srcdst.rb
 - lib/cisco_acl_intp/ace_tcp_flags.rb
 - lib/cisco_acl_intp/acl.rb
 - lib/cisco_acl_intp/acl_base.rb
+- lib/cisco_acl_intp/acl_utils.rb
+- lib/cisco_acl_intp/extended_ace.rb
+- lib/cisco_acl_intp/mono_function_acl.rb
 - lib/cisco_acl_intp/parser.rb
 - lib/cisco_acl_intp/parser.ry
 - lib/cisco_acl_intp/parser_api.rb
 - lib/cisco_acl_intp/scanner.rb
 - lib/cisco_acl_intp/scanner_special_token_handler.rb
+- lib/cisco_acl_intp/single_acl_base.rb
+- lib/cisco_acl_intp/standard_ace.rb
 - lib/cisco_acl_intp/version.rb
 - spec/cisco_acl_intp/ace_ip_spec.rb
 - spec/cisco_acl_intp/ace_other_qualifier_spec.rb
+- spec/cisco_acl_intp/ace_port_operator_spec.rb
 - spec/cisco_acl_intp/ace_port_spec.rb
 - spec/cisco_acl_intp/ace_proto_spec.rb
 - spec/cisco_acl_intp/ace_spec.rb
 - spec/cisco_acl_intp/ace_srcdst_spec.rb
 - spec/cisco_acl_intp/ace_tcp_flags_spec.rb
 - spec/cisco_acl_intp/acl_base_spec.rb
-- spec/cisco_acl_intp/acl_spec.rb
 - spec/cisco_acl_intp/cisco_acl_intp_spec.rb
+- spec/cisco_acl_intp/extended_ace_spec.rb
+- spec/cisco_acl_intp/extended_acl_spec.rb
 - spec/cisco_acl_intp/parser_spec.rb
 - spec/cisco_acl_intp/scanner_spec.rb
+- spec/cisco_acl_intp/standard_ace_spec.rb
+- spec/cisco_acl_intp/standard_acl_spec.rb
 - spec/conf/extacl_objgrp_token_seq.yml
 - spec/conf/extacl_token_seq.yml
 - spec/conf/extended_acl.yml
@@ -140,16 +152,20 @@ summary: Cisco IOS Access Control List Interpreter
 test_files:
 - spec/cisco_acl_intp/ace_ip_spec.rb
 - spec/cisco_acl_intp/ace_other_qualifier_spec.rb
+- spec/cisco_acl_intp/ace_port_operator_spec.rb
 - spec/cisco_acl_intp/ace_port_spec.rb
 - spec/cisco_acl_intp/ace_proto_spec.rb
 - spec/cisco_acl_intp/ace_spec.rb
 - spec/cisco_acl_intp/ace_srcdst_spec.rb
 - spec/cisco_acl_intp/ace_tcp_flags_spec.rb
 - spec/cisco_acl_intp/acl_base_spec.rb
-- spec/cisco_acl_intp/acl_spec.rb
 - spec/cisco_acl_intp/cisco_acl_intp_spec.rb
+- spec/cisco_acl_intp/extended_ace_spec.rb
+- spec/cisco_acl_intp/extended_acl_spec.rb
 - spec/cisco_acl_intp/parser_spec.rb
 - spec/cisco_acl_intp/scanner_spec.rb
+- spec/cisco_acl_intp/standard_ace_spec.rb
+- spec/cisco_acl_intp/standard_acl_spec.rb
 - spec/conf/extacl_objgrp_token_seq.yml
 - spec/conf/extacl_token_seq.yml
 - spec/conf/extended_acl.yml