cisco_acl_intp 0.0.2 → 0.0.3

data/lib/cisco_acl_intp/single_acl_base.rb

@@ -0,0 +1,137 @@
+# -*- coding: utf-8 -*-
+require 'forwardable'
+require 'cisco_acl_intp/extended_ace'
+require 'cisco_acl_intp/acl_utils'
+
+module CiscoAclIntp
+  # Single access-list container base
+  class SingleAclBase < AclContainerBase
+    extend Forwardable
+    include Enumerable
+    include AceSearchUtility
+
+    # @return [String] name ACL name,
+    #   when numbered acl, /\d+/ string
+    attr_reader :name
+    # Some Enumerable included methods returns Array of ACE objects
+    # (e.g. sort),the returned Array was used as ACE object by
+    # overwrite accessor 'list'.
+    # @return [Array<AceBase>] list ACE object Array
+    attr_accessor :list
+    # @return [String, Symbol] acl_type ACL type
+    attr_reader :acl_type
+    # @return [String, Symbol] name_type ACL name type
+    attr_reader :name_type
+
+    def_delegators :@list, :each # for Enumerable
+    def_delegators :@list, :push, :pop, :shift, :unshift
+    def_delegators :@list, :size, :length
+
+    # Increment number of ACL sequence number
+    SEQ_NUM_DIV = 10
+
+    # Constructor
+    # @param [String] name ACL name
+    # @return [SingleAclBase]
+    def initialize(name)
+      @name = name
+      @list = []
+      @seq_number = 0
+
+      @acl_type = nil # :standard or :extended
+      @name_type = nil # :named or :numbered
+    end
+
+    # duplicate ACE list
+    # @param [Array<AceBase>] list List of ACE
+    # @return [SingleAclBase]
+    def dup_with_list(list)
+      acl = dup
+      acl.list = list.dup
+      acl
+    end
+
+    # Add ACE to ACL (push with sequence number)
+    # @param [AceBase] ace ACE object
+    def add_entry(ace)
+      # 'ace' is AceBase Object
+      # it will be ExtendedAce/StandardAce/RemarkAce/EvaluateAce
+      ace.seq_number? ||
+        ace.seq_number = (@list.length + 1) * SEQ_NUM_DIV
+      @list.push ace
+    end
+
+    # Renumber ACL by list sequence
+    def renumber
+      # re-numbering seq_number of each entry
+      @list.reduce(SEQ_NUM_DIV) do |number, each|
+        each.seq_number = number
+        number + SEQ_NUM_DIV
+      end
+    end
+
+    # Check equality
+    # @return [Boolean]
+    def ==(other)
+      if @acl_type &&
+          @name_type &&
+          @acl_type == other.acl_type &&
+          @name_type == other.name_type
+        @list == other.list
+      end
+    end
+
+    # Find lists of ACEs that contains flow by options
+    # @param [Hash] opts Options (target packet info)
+    #   options are same as #find_aces_with
+    # @see #find_aces_with
+    # @return [Array<AceBase>] List of ACEs or nil(not found)
+    def find_aces_contains(opts)
+      find_aces_with(opts) { |ace, target_ace| ace.contains?(target_ace) }
+    end
+
+    # Find lists of ACEs that is contained flow by options
+    # @param [Hash] opts Options (target packet info)
+    #   options are same as #find_aces_with
+    # @see #find_aces_with
+    # @return [Array<AceBase>] List of ACEs or nil(not found)
+    def find_aces_contained(opts)
+      find_aces_with(opts) { |ace, target_ace| target_ace.contains?(ace) }
+    end
+
+    # Find lists of ACEs
+    # @note In Standard ACL, only src_ip option is used and another
+    #   conditions are ignored (if specified).
+    # @param [Hash] opts Options (target flow info),
+    # @option opts [Integer,String] protocol L3 protocol No./Name
+    # @option opts [String] src_ip Source IP Address
+    # @option opts [String] src_operator Source port operator.
+    # @option opts [Integer,String] src_begin_port Source Port No./Name
+    # @option opts [Integer,String] src_end_port Source Port No./Name
+    # @option opts [String] dst_ip Destination IP Address
+    # @option opts [Integer,String] dst_begin_port Destination Port No./Name
+    # @option opts [Integer,String] dst_end_port Destination Port No./Name
+    # @yield Find lists of ACEs
+    # @yieldparam [ExtendedAce] ace ACE
+    # @yieldparam [ExtendedAce] target_ace Target ACE
+    # @yieldreturn [Boolean] Condition to find
+    # @return [Array<AceBase>] List of ACEs or nil(not found)
+    def find_aces_with(opts)
+      target_ace = target_ace(opts)
+      @list.find { |ace| yield(ace, target_ace) }
+    end
+
+    # acl string clean-up (override)
+    # @param [String] str ACL string.
+    # @return [String]
+    def clean_acl_string(str)
+      str =~ /remark/ ? str : super
+    end
+  end
+end # module
+
+### Local variables:
+### mode: Ruby
+### coding: utf-8-unix
+### indent-tabs-mode: nil
+### End:

data/lib/cisco_acl_intp/standard_ace.rb

@@ -0,0 +1,105 @@
+# -*- coding: utf-8 -*-
+require 'cisco_acl_intp/ace'
+
+module CiscoAclIntp
+  # ACE for standard access list
+  class StandardAce < AceBase
+    # @param [String] value Action
+    # @return [String]
+    attr_accessor :action
+
+    # @param [AceSrcDstSpec] value Source spec object
+    # @return [AceSrcDstSpec]
+    attr_accessor :src_spec
+
+    # @param [AceLogSpec] value Log spec object
+    # @return [AceLogSpec]
+    attr_accessor :log_spec
+
+    # Constructor
+    # @param [Hash] opts Options
+    # @option opts [Integer] :number Sequence number
+    # @option opts [String] :action Action (permit/deny)
+    # @option opts [AceSrcDstSpec] :src Source spec object
+    # @option opts [Hash] :src Source spec parmeters
+    # @option opts [AceLogSpec] :log Log spec object
+    # @return [StandardAce]
+    # @raise [AclArgumentError]
+    def initialize(opts)
+      super
+      @options = opts
+      @action = define_action
+      @src_spec = define_src_spec
+      @log_spec = define_log_spec
+    end
+
+    # @return [Boolean]
+    def ==(other)
+      @action == other.action && @src_spec == other.src_spec
+    end
+
+    # Generate string for Cisco IOS access list
+    # @return [String]
+    def to_s
+      format(
+        '%s %s %s',
+        tag_action(@action.to_s),
+        @src_spec,
+        tag_other_qualifier(@log_spec ? @log_spec : '')
+      )
+    end
+
+    # Search matched ACE
+    # @param [StandardAce] other Target ACE
+    # @return [Boolean] Matched or not
+    def contains?(other)
+      other.kind_of?(StandardAce) &&
+        @src_spec.contains?(other.src_spec)
+    end
+
+    private
+
+    # Set instance variables
+    # @return [String] Action string
+    # @raise [AclArgumentError]
+    def define_action
+      if @options.key?(:action)
+        @options[:action]
+      else
+        fail AclArgumentError, 'Not specified action'
+      end
+    end
+
+    # Set instance variables
+    # @return [AceSrcDstSpec] Source spec object
+    # @raise [AclArgumentError]
+    def define_src_spec
+      if @options.key?(:src)
+        src = @options[:src]
+        case src
+        when Hash
+          AceSrcDstSpec.new(src)
+        when AceSrcDstSpec
+          src
+        else
+          fail AclArgumentError, 'src spec: unknown class'
+        end
+      else
+        fail AclArgumentError, 'Not specified src spec'
+      end
+    end
+
+    # Set instance variables
+    # @return [String] Log spec object
+    # @raise [AclArgumentError]
+    def define_log_spec
+      @options[:log] || nil
+    end
+  end
+end # module
+
+### Local variables:
+### mode: Ruby
+### coding: utf-8-unix
+### indent-tabs-mode: nil
+### End:

data/lib/cisco_acl_intp/version.rb

@@ -3,7 +3,7 @@
 # CiscoAclIntp Module, version definition
 module CiscoAclIntp
   # Version number
-  VERSION = '0.0.2'
+  VERSION = '0.0.3'
 end
 
 ### Local variables:

data/spec/cisco_acl_intp/ace_ip_spec.rb

@@ -2,6 +2,64 @@
 require 'spec_helper'
 
 describe AceIpSpec do
+  describe '#==' do
+    before(:all) do
+      @ip = AceIpSpec.new(
+        ipaddr: '192.168.15.15',
+        wildcard: '0.0.3.255'
+      )
+      @ip1 = AceIpSpec.new(
+        ipaddr: '192.168.15.15',
+        wildcard: '0.0.3.255'
+      )
+      @ip2 = AceIpSpec.new(
+        ipaddr: '192.168.15.15',
+        netmask: 22
+      )
+      @ip3 = AceIpSpec.new(
+        ipaddr: '192.168.15.13',
+        netmask: 22
+      )
+      @ip4 = AceIpSpec.new(
+        ipaddr: '192.168.15.0',
+        wildcard: '0.0.3.255'
+      )
+      @ip5 = AceIpSpec.new(
+        ipaddr: '192.168.15.15',
+        wildcard: '0.0.1.255'
+      )
+    end
+
+    it 'should be true same ip and same wildcard' do
+      (@ip == @ip1).should be_true
+    end
+
+    it 'should be true same ip and same wildcard/netmask' do
+      (@ip1 == @ip2).should be_true
+    end
+
+    it 'should be false different ip and same netmask' do
+      (@ip2 == @ip3).should be_false
+    end
+
+    it 'should be false different ip and same wildcard' do
+      (@ip1 == @ip4).should be_false
+    end
+
+    it 'should be false same ip and different wildcard' do
+      (@ip1 == @ip5).should be_false
+    end
+
+    it 'should be true ANY object' do
+      ip1 = AceIpSpec.new(ipaddr: 'any')
+      ip2 = AceIpSpec.new(ipaddr: '0.0.0.0', wildcard: '255.255.255.255')
+      ip3 = AceIpSpec.new(ipaddr: '0.0.0.0', netmask: 0)
+      (ip1 == ip2).should be_true
+      (ip2 == ip3).should be_true
+      (ip3 == ip1).should be_true
+    end
+  end
+
   describe '#netmask, #wildcard' do
     it 'should be converted wildcard/netmask' do
       ip = AceIpSpec.new(
@@ -56,6 +114,11 @@ describe AceIpSpec do
       ip.to_s.should be_aclstr('192.168.8.9 0.0.7.6')
     end
 
+    it 'should be "any" with any alias' do
+      ip = AceIpSpec.new(ipaddr: 'any')
+      ip.to_s.should be_aclstr('any')
+    end
+
     it 'should be "any"' do
       ip = AceIpSpec.new(
         ipaddr: '0.0.0.0',

data/spec/cisco_acl_intp/ace_other_qualifier_spec.rb

@@ -2,6 +2,22 @@
 require 'spec_helper'
 
 describe AceLogSpec do
+  describe '#==' do
+    before(:all) do
+      @log1 = AceLogSpec.new
+      @log2 = AceLogSpec.new('hoge')
+      @log3 = AceLogSpec.new('hoge')
+    end
+
+    it 'should be true when same cookie' do
+      (@log2 == @log3).should be_true
+    end
+
+    it 'should be false when different cookie' do
+      (@log2 == @log1).should be_false
+    end
+  end
+
   describe '#to_s' do
     it 'should be log without cookie' do
       log = AceLogSpec.new
@@ -26,6 +42,22 @@ describe AceLogSpec do
 end
 
 describe AceRecursiveQualifier do
+  describe '#==' do
+    before(:all) do
+      @rcsv1 = AceLogSpec.new
+      @rcsv2 = AceLogSpec.new('hoge')
+      @rcsv3 = AceLogSpec.new('hoge')
+    end
+
+    it 'should be true when same recursive-name' do
+      (@rcsv2 == @rcsv3).should be_true
+    end
+
+    it 'should be false when different recursive-name' do
+      (@rcsv2 == @rcsv1).should be_false
+    end
+  end
+
   describe '#to_s' do
     it 'should be reflect spec string' do
       rcsv = AceRecursiveQualifier.new('established')
@@ -42,7 +74,7 @@ end
 
 describe AceOtherQualifierList do
   describe '#to_s' do
-    before do
+    before(:all) do
       @oq1 = AceLogSpec.new
       @oq2 = AceRecursiveQualifier.new('iptraffic')
       @list = AceOtherQualifierList.new
@@ -60,4 +92,23 @@ describe AceOtherQualifierList do
       @list.to_s.should be_aclstr('log reflect iptraffic')
     end
   end
+
+  describe '#==' do
+    before(:all) do
+      log1 = AceLogSpec.new
+      log2 = AceLogSpec.new('hoge')
+      rcsv1 = AceRecursiveQualifier.new('iptraffic')
+      @list1 = AceOtherQualifierList.new([log1, rcsv1])
+      @list2 = AceOtherQualifierList.new([rcsv1, log1])
+      @list3 = AceOtherQualifierList.new([log2, rcsv1])
+    end
+
+    it 'should be true when same other qualifier elements' do
+      (@list1 == @list2).should be_true
+    end
+
+    it 'should be false when different other qualifier elements' do
+      (@list1 == @list3).should be_false
+    end
+  end
 end