cisco_acl_intp 0.0.3 → 0.0.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (54) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +3 -0
  3. data/.rubocop.yml +2 -2
  4. data/.travis.yml +4 -2
  5. data/Gemfile +7 -6
  6. data/README.md +23 -18
  7. data/Rakefile +11 -13
  8. data/cisco_acl_intp.gemspec +7 -7
  9. data/lib/cisco_acl_intp/acc.rb +111 -0
  10. data/lib/cisco_acl_intp/{ace.rb → ace_base.rb} +9 -8
  11. data/lib/cisco_acl_intp/{extended_ace.rb → ace_extended.rb} +8 -10
  12. data/lib/cisco_acl_intp/{standard_ace.rb → ace_standard.rb} +5 -5
  13. data/lib/cisco_acl_intp/acespec_base.rb +15 -0
  14. data/lib/cisco_acl_intp/{ace_ip.rb → acespec_ip.rb} +14 -22
  15. data/lib/cisco_acl_intp/{ace_other_qualifiers.rb → acespec_other_qualifiers.rb} +7 -7
  16. data/lib/cisco_acl_intp/{ace_port.rb → acespec_port.rb} +10 -13
  17. data/lib/cisco_acl_intp/{ace_port_opr.rb → acespec_port_opr.rb} +75 -73
  18. data/lib/cisco_acl_intp/{ace_port_opr_base.rb → acespec_port_opr_base.rb} +49 -34
  19. data/lib/cisco_acl_intp/{ace_proto.rb → acespec_proto.rb} +4 -4
  20. data/lib/cisco_acl_intp/{ace_proto_base.rb → acespec_proto_base.rb} +8 -8
  21. data/lib/cisco_acl_intp/{ace_srcdst.rb → acespec_srcdst.rb} +9 -8
  22. data/lib/cisco_acl_intp/{ace_tcp_flags.rb → acespec_tcp_flags.rb} +4 -4
  23. data/lib/cisco_acl_intp/acl.rb +1 -1
  24. data/lib/cisco_acl_intp/acl_base.rb +108 -80
  25. data/lib/cisco_acl_intp/{mono_function_acl.rb → acl_category_base.rb} +5 -5
  26. data/lib/cisco_acl_intp/acl_utils.rb +1 -1
  27. data/lib/cisco_acl_intp/parser.rb +388 -406
  28. data/lib/cisco_acl_intp/parser.ry +8 -3
  29. data/lib/cisco_acl_intp/parser_api.rb +4 -4
  30. data/lib/cisco_acl_intp/scanner.rb +8 -10
  31. data/lib/cisco_acl_intp/scanner_special_token_handler.rb +3 -3
  32. data/lib/cisco_acl_intp/version.rb +1 -1
  33. data/spec/cisco_acl_intp/{extended_ace_spec.rb → ace_extended_spec.rb} +157 -128
  34. data/spec/cisco_acl_intp/ace_spec.rb +21 -19
  35. data/spec/cisco_acl_intp/{standard_ace_spec.rb → ace_standard_spec.rb} +7 -11
  36. data/spec/cisco_acl_intp/{ace_ip_spec.rb → acespec_ip_spec.rb} +34 -34
  37. data/spec/cisco_acl_intp/{ace_other_qualifier_spec.rb → acespec_other_qualifier_spec.rb} +18 -18
  38. data/spec/cisco_acl_intp/acespec_port_operator_spec.rb +331 -0
  39. data/spec/cisco_acl_intp/{ace_port_spec.rb → acespec_port_spec.rb} +33 -33
  40. data/spec/cisco_acl_intp/{ace_proto_spec.rb → acespec_proto_spec.rb} +61 -61
  41. data/spec/cisco_acl_intp/{ace_srcdst_spec.rb → acespec_srcdst_spec.rb} +113 -54
  42. data/spec/cisco_acl_intp/{ace_tcp_flags_spec.rb → acespec_tcp_flags_spec.rb} +10 -10
  43. data/spec/cisco_acl_intp/acl_base_spec.rb +14 -12
  44. data/spec/cisco_acl_intp/{extended_acl_spec.rb → acl_extended_spec.rb} +28 -28
  45. data/spec/cisco_acl_intp/{standard_acl_spec.rb → acl_standard_spec.rb} +24 -23
  46. data/spec/cisco_acl_intp/cisco_acl_intp_spec.rb +1 -1
  47. data/spec/cisco_acl_intp/parser_spec.rb +12 -12
  48. data/spec/cisco_acl_intp/scanner_spec.rb +31 -36
  49. data/spec/parser_fullfill_patterns.rb +6 -7
  50. data/spec/spec_helper.rb +6 -6
  51. data/tools/check_acl.rb +1 -1
  52. metadata +60 -59
  53. data/lib/cisco_acl_intp/single_acl_base.rb +0 -137
  54. data/spec/cisco_acl_intp/ace_port_operator_spec.rb +0 -340
data/spec/cisco_acl_intp/ace_spec.rb CHANGED
@@ -5,7 +5,7 @@ describe RemarkAce do
5
5
  describe '#to_s' do
6
6
  it 'should be remark string' do
7
7
  rmk = RemarkAce.new(' foo-bar _ baz @@ COMMENT')
8
- rmk.to_s.should eq 'remark foo-bar _ baz @@ COMMENT'
8
+ expect(rmk.to_s).to eq 'remark foo-bar _ baz @@ COMMENT'
9
9
  end
10
10
  end
11
11
 
@@ -17,23 +17,24 @@ describe RemarkAce do
17
17
  end
18
18
 
19
19
  it 'should be true when same comment' do
20
- (@rmk1 == @rmk2).should be_true
20
+ expect(@rmk1 == @rmk2).to be_truthy
21
21
  end
22
22
 
23
23
  it 'should be false when different comment' do
24
- (@rmk1 == @rmk3).should be_false
24
+ expect(@rmk1 == @rmk3).to be_falsey
25
25
  end
26
26
  end
27
27
 
28
28
  describe '#contains?' do
29
29
  it 'should be always false' do
30
30
  rmk = RemarkAce.new('asdfjklj;')
31
- rmk.contains?(
32
- src_ip: '192.168.4.4',
33
- dst_ip: '172.30.240.33'
34
- ).should be_false
31
+ expect(
32
+ rmk.contains?(
33
+ src_ip: '192.168.4.4',
34
+ dst_ip: '172.30.240.33'
35
+ )).to be_falsey
35
36
  # with empty argments
36
- rmk.contains?.should be_false
37
+ expect(rmk.contains?).to be_falsey
37
38
  end
38
39
  end
39
40
  end
@@ -44,15 +45,15 @@ describe EvaluateAce do
44
45
  evl = EvaluateAce.new(
45
46
  recursive_name: 'foobar_baz'
46
47
  )
47
- evl.to_s.should be_aclstr('evaluate foobar_baz')
48
+ expect(evl.to_s).to be_aclstr('evaluate foobar_baz')
48
49
  end
49
50
 
50
51
  it 'raise error if not specified recursive name' do
51
- lambda do
52
+ expect do
52
53
  EvaluateAce.new(
53
54
  number: 30
54
55
  )
55
- end.should raise_error(AclArgumentError)
56
+ end.to raise_error(AclArgumentError)
56
57
  end
57
58
  end
58
59
 
@@ -64,27 +65,28 @@ describe EvaluateAce do
64
65
  end
65
66
 
66
67
  it 'should be true when same evaluate name' do
67
- (@evl1 == @evl2).should be_true
68
+ expect(@evl1 == @evl2).to be_truthy
68
69
  end
69
70
 
70
71
  it 'should be false when different evaluate name' do
71
- (@evl1 == @evl3).should be_false
72
+ expect(@evl1 == @evl3).to be_falsey
72
73
  end
73
74
  end
74
75
 
75
76
  describe '#contains?' do
76
77
  it 'should be false' do
77
- pending('match by evaluate is not implemented yet')
78
+ skip('match by evaluate is not implemented yet')
78
79
 
79
80
  evl = EvaluateAce.new(
80
81
  recursive_name: 'asdf_0-98'
81
82
  )
82
- evl.contains?(
83
- src_ip: '192.168.4.4',
84
- dst_ip: '172.30.240.33'
85
- ).should be_false
83
+ expect(
84
+ evl.contains?(
85
+ src_ip: '192.168.4.4',
86
+ dst_ip: '172.30.240.33'
87
+ )).to be_falsey
86
88
  # with empty argments
87
- evl.contains?.should be_false
89
+ expect(evl.contains?).to be_falsey
88
90
  end
89
91
  end
90
92
  end
data/spec/cisco_acl_intp/{standard_ace_spec.rb → ace_standard_spec.rb} RENAMED
@@ -4,13 +4,12 @@ require 'spec_helper'
4
4
  describe StandardAce do
5
5
  describe '#to_s' do
6
6
  context 'Normal case' do
7
-
8
7
  it 'should be permit action and set ip/wildcard' do
9
8
  sa = StandardAce.new(
10
9
  action: 'permit',
11
10
  src: { ipaddr: '192.168.15.15', wildcard: '0.0.7.6' }
12
11
  )
13
- sa.to_s.should be_aclstr('permit 192.168.8.9 0.0.7.6')
12
+ expect(sa.to_s).to be_aclstr('permit 192.168.8.9 0.0.7.6')
14
13
  end
15
14
 
16
15
  it 'should be deny action and set ip/wildcard' do
@@ -18,7 +17,7 @@ describe StandardAce do
18
17
  action: 'deny',
19
18
  src: { ipaddr: '192.168.15.15', wildcard: '0.0.0.127' }
20
19
  )
21
- sa.to_s.should be_aclstr('deny 192.168.15.0 0.0.0.127')
20
+ expect(sa.to_s).to be_aclstr('deny 192.168.15.0 0.0.0.127')
22
21
  end
23
22
 
24
23
  it 'should be able set with AceSrcDstSpec object' do
@@ -26,21 +25,18 @@ describe StandardAce do
26
25
  ipaddr: '192.168.3.144', wildcard: '0.0.0.127'
27
26
  )
28
27
  sa = StandardAce.new(action: 'permit', src: asds)
29
- sa.to_s.should be_aclstr('permit 192.168.3.128 0.0.0.127')
28
+ expect(sa.to_s).to be_aclstr('permit 192.168.3.128 0.0.0.127')
30
29
  end
31
-
32
30
  end
33
31
 
34
32
  context 'Argument error case' do
35
-
36
33
  it 'should be rased exception when :action not specified' do
37
- lambda do
34
+ expect do
38
35
  StandardAce.new(
39
36
  src: { ipaddr: '192.168.3.3', wildcard: '0.0.0.127' }
40
37
  )
41
- end.should raise_error(AclArgumentError)
38
+ end.to raise_error(AclArgumentError)
42
39
  end
43
-
44
40
  end
45
41
  end
46
42
 
@@ -61,11 +57,11 @@ describe StandardAce do
61
57
  end
62
58
 
63
59
  it 'shoud be true with match ip addr' do
64
- @sa.contains?(@ip_match).should be_true
60
+ expect(@sa.contains?(@ip_match)).to be_truthy
65
61
  end
66
62
 
67
63
  it 'should be false with unmatch ip addr' do
68
- @sa.contains?(@ip_unmatch).should be_false
64
+ expect(@sa.contains?(@ip_unmatch)).to be_falsey
69
65
  end
70
66
  end
71
67
  end
data/spec/cisco_acl_intp/{ace_ip_spec.rb → acespec_ip_spec.rb} RENAMED
@@ -31,32 +31,32 @@ describe AceIpSpec do
31
31
  end
32
32
 
33
33
  it 'should be true same ip and same wildcard' do
34
- (@ip == @ip1).should be_true
34
+ expect(@ip == @ip1).to be_truthy
35
35
  end
36
36
 
37
37
  it 'should be true same ip and same wildcard/netmask' do
38
- (@ip1 == @ip2).should be_true
38
+ expect(@ip1 == @ip2).to be_truthy
39
39
  end
40
40
 
41
41
  it 'should be false different ip and same netmask' do
42
- (@ip2 == @ip3).should be_false
42
+ expect(@ip2 == @ip3).to be_falsey
43
43
  end
44
44
 
45
45
  it 'should be false different ip and same wildcard' do
46
- (@ip1 == @ip4).should be_false
46
+ expect(@ip1 == @ip4).to be_falsey
47
47
  end
48
48
 
49
49
  it 'should be false same ip and different wildcard' do
50
- (@ip1 == @ip5).should be_false
50
+ expect(@ip1 == @ip5).to be_falsey
51
51
  end
52
52
 
53
53
  it 'should be true ANY object' do
54
54
  ip1 = AceIpSpec.new(ipaddr: 'any')
55
55
  ip2 = AceIpSpec.new(ipaddr: '0.0.0.0', wildcard: '255.255.255.255')
56
56
  ip3 = AceIpSpec.new(ipaddr: '0.0.0.0', netmask: 0)
57
- (ip1 == ip2).should be_true
58
- (ip2 == ip3).should be_true
59
- (ip3 == ip1).should be_true
57
+ expect(ip1 == ip2).to be_truthy
58
+ expect(ip2 == ip3).to be_truthy
59
+ expect(ip3 == ip1).to be_truthy
60
60
  end
61
61
  end
62
62
 
@@ -66,8 +66,8 @@ describe AceIpSpec do
66
66
  ipaddr: '192.168.15.15',
67
67
  wildcard: '0.0.31.255'
68
68
  )
69
- ip.netmask.should eq 19
70
- ip.wildcard.should eq '0.0.31.255'
69
+ expect(ip.netmask).to eq 19
70
+ expect(ip.wildcard).to eq '0.0.31.255'
71
71
  end
72
72
 
73
73
  it 'should not be converted wildcard/netmask' do
@@ -75,8 +75,8 @@ describe AceIpSpec do
75
75
  ipaddr: '192.168.15.15',
76
76
  wildcard: '0.3.5.0'
77
77
  )
78
- ip.netmask.should be_nil
79
- ip.wildcard.should eq '0.3.5.0'
78
+ expect(ip.netmask).to be_nil
79
+ expect(ip.wildcard).to eq '0.3.5.0'
80
80
  end
81
81
  end
82
82
 
@@ -89,19 +89,19 @@ describe AceIpSpec do
89
89
  end
90
90
 
91
91
  it 'should be true when subnet is contained' do
92
- @ip.contains?('192.168.15.3/25').should be_true
92
+ expect(@ip.contains?('192.168.15.3/25')).to be_truthy
93
93
  end
94
94
 
95
95
  it 'should be true when same subnet' do
96
- @ip.contains?('192.168.15.3/24').should be_true
96
+ expect(@ip.contains?('192.168.15.3/24')).to be_truthy
97
97
  end
98
98
 
99
99
  it 'should be false when larger subnet' do
100
- @ip.contains?('192.168.15.3/23').should be_false
100
+ expect(@ip.contains?('192.168.15.3/23')).to be_falsey
101
101
  end
102
102
 
103
103
  it 'should be false with not related block' do
104
- @ip.contains?('192.168.16.3/24').should be_false
104
+ expect(@ip.contains?('192.168.16.3/24')).to be_falsey
105
105
  end
106
106
  end
107
107
 
@@ -111,12 +111,12 @@ describe AceIpSpec do
111
111
  ipaddr: '192.168.15.15',
112
112
  wildcard: '0.0.7.6'
113
113
  )
114
- ip.to_s.should be_aclstr('192.168.8.9 0.0.7.6')
114
+ expect(ip.to_s).to be_aclstr('192.168.8.9 0.0.7.6')
115
115
  end
116
116
 
117
117
  it 'should be "any" with any alias' do
118
118
  ip = AceIpSpec.new(ipaddr: 'any')
119
- ip.to_s.should be_aclstr('any')
119
+ expect(ip.to_s).to be_aclstr('any')
120
120
  end
121
121
 
122
122
  it 'should be "any"' do
@@ -124,7 +124,7 @@ describe AceIpSpec do
124
124
  ipaddr: '0.0.0.0',
125
125
  wildcard: '255.255.255.255'
126
126
  )
127
- ip.to_s.should be_aclstr('any')
127
+ expect(ip.to_s).to be_aclstr('any')
128
128
  end
129
129
 
130
130
  it 'should be "any" with full-bit wildcard mask' do
@@ -132,7 +132,7 @@ describe AceIpSpec do
132
132
  ipaddr: '192.168.15.15',
133
133
  wildcard: '255.255.255.255'
134
134
  )
135
- ip.to_s.should be_aclstr('any')
135
+ expect(ip.to_s).to be_aclstr('any')
136
136
  end
137
137
 
138
138
  it 'should be "any" with zero-ip' do
@@ -140,7 +140,7 @@ describe AceIpSpec do
140
140
  ipaddr: '0.0.0.0',
141
141
  wildcard: '0.0.7.6'
142
142
  )
143
- ip.to_s.should be_aclstr('any')
143
+ expect(ip.to_s).to be_aclstr('any')
144
144
  end
145
145
 
146
146
  it 'should be "host 192.168.15.15"' do
@@ -148,7 +148,7 @@ describe AceIpSpec do
148
148
  ipaddr: '192.168.15.15',
149
149
  wildcard: '0.0.0.0'
150
150
  )
151
- ip.to_s.should be_aclstr('host 192.168.15.15')
151
+ expect(ip.to_s).to be_aclstr('host 192.168.15.15')
152
152
  end
153
153
 
154
154
  it 'should be "192.168.14.0 0.0.1.255" with netmask /23' do
@@ -156,7 +156,7 @@ describe AceIpSpec do
156
156
  ipaddr: '192.168.15.15',
157
157
  netmask: 23
158
158
  )
159
- ip.to_s.should be_aclstr('192.168.14.0 0.0.1.255')
159
+ expect(ip.to_s).to be_aclstr('192.168.14.0 0.0.1.255')
160
160
  end
161
161
 
162
162
  it 'should be "any" with netmask /0' do
@@ -164,7 +164,7 @@ describe AceIpSpec do
164
164
  ipaddr: '192.168.15.15',
165
165
  netmask: 0
166
166
  )
167
- ip.to_s.should be_aclstr('any')
167
+ expect(ip.to_s).to be_aclstr('any')
168
168
  end
169
169
 
170
170
  it 'should be "host 192.168.15.15" with netmask /32' do
@@ -172,41 +172,41 @@ describe AceIpSpec do
172
172
  ipaddr: '192.168.15.15',
173
173
  netmask: 32
174
174
  )
175
- ip.to_s.should be_aclstr('host 192.168.15.15')
175
+ expect(ip.to_s).to be_aclstr('host 192.168.15.15')
176
176
  end
177
177
 
178
178
  it 'should be "host 192.168.15.15" in default' do
179
179
  ip = AceIpSpec.new(
180
180
  ipaddr: '192.168.15.15'
181
181
  )
182
- ip.to_s.should be_aclstr('host 192.168.15.15')
182
+ expect(ip.to_s).to be_aclstr('host 192.168.15.15')
183
183
  end
184
184
 
185
185
  context 'Argument Error Case' do
186
186
  it 'raise error without ipaddr' do
187
- lambda do
187
+ expect do
188
188
  AceIpSpec.new(
189
189
  netmask: 32
190
190
  )
191
- end.should raise_error(AclArgumentError)
191
+ end.to raise_error(AclArgumentError)
192
192
  end
193
193
 
194
194
  it 'raise error with invalid ipaddr' do
195
- lambda do
195
+ expect do
196
196
  AceIpSpec.new(
197
197
  ipaddr: '192.168.15.256'
198
198
  )
199
- end.should raise_error
200
- lambda do
199
+ end.to raise_error
200
+ expect do
201
201
  AceIpSpec.new(
202
202
  ipaddr: '192.168.250.3.3'
203
203
  )
204
- end.should raise_error
205
- lambda do
204
+ end.to raise_error
205
+ expect do
206
206
  AceIpSpec.new(
207
207
  ipaddr: '192,168.250.3'
208
208
  )
209
- end.should raise_error
209
+ end.to raise_error
210
210
  end
211
211
  end
212
212
  end
data/spec/cisco_acl_intp/{ace_other_qualifier_spec.rb → acespec_other_qualifier_spec.rb} RENAMED
@@ -10,33 +10,33 @@ describe AceLogSpec do
10
10
  end
11
11
 
12
12
  it 'should be true when same cookie' do
13
- (@log2 == @log3).should be_true
13
+ expect(@log2 == @log3).to be_truthy
14
14
  end
15
15
 
16
16
  it 'should be false when different cookie' do
17
- (@log2 == @log1).should be_false
17
+ expect(@log2 == @log1).to be_falsey
18
18
  end
19
19
  end
20
20
 
21
21
  describe '#to_s' do
22
22
  it 'should be log without cookie' do
23
23
  log = AceLogSpec.new
24
- log.to_s.should be_aclstr('log')
24
+ expect(log.to_s).to be_aclstr('log')
25
25
  end
26
26
 
27
27
  it 'should be log-input without cookie string' do
28
28
  log = AceLogSpec.new('', true)
29
- log.to_s.should be_aclstr('log-input')
29
+ expect(log.to_s).to be_aclstr('log-input')
30
30
  end
31
31
 
32
32
  it 'should be log with cookie' do
33
33
  log = AceLogSpec.new('Cookie0123')
34
- log.to_s.should be_aclstr('log Cookie0123')
34
+ expect(log.to_s).to be_aclstr('log Cookie0123')
35
35
  end
36
36
 
37
37
  it 'should be log-input with cookie string' do
38
38
  log = AceLogSpec.new('log', true)
39
- log.to_s.should be_aclstr('log-input log')
39
+ expect(log.to_s).to be_aclstr('log-input log')
40
40
  end
41
41
  end
42
42
  end
@@ -50,24 +50,24 @@ describe AceRecursiveQualifier do
50
50
  end
51
51
 
52
52
  it 'should be true when same recursive-name' do
53
- (@rcsv2 == @rcsv3).should be_true
53
+ expect(@rcsv2 == @rcsv3).to be_truthy
54
54
  end
55
55
 
56
56
  it 'should be false when different recursive-name' do
57
- (@rcsv2 == @rcsv1).should be_false
57
+ expect(@rcsv2 == @rcsv1).to be_falsey
58
58
  end
59
59
  end
60
60
 
61
61
  describe '#to_s' do
62
62
  it 'should be reflect spec string' do
63
63
  rcsv = AceRecursiveQualifier.new('established')
64
- rcsv.to_s.should be_aclstr('reflect established')
64
+ expect(rcsv.to_s).to be_aclstr('reflect established')
65
65
  end
66
66
 
67
67
  it 'should be raised error' do
68
- lambda do
68
+ expect do
69
69
  AceRecursiveQualifier.new('')
70
- end.should raise_error(AclArgumentError)
70
+ end.to raise_error(AclArgumentError)
71
71
  end
72
72
  end
73
73
  end
@@ -80,16 +80,16 @@ describe AceOtherQualifierList do
80
80
  @list = AceOtherQualifierList.new
81
81
  end
82
82
 
83
- it 'should be size 0 when empty list'do
84
- @list.size.should be_zero
83
+ it 'should be size 0 when empty list' do
84
+ expect(@list.size).to be_zero
85
85
  end
86
86
 
87
87
  it 'should count-up size when added AceTcpFlag objects' do
88
88
  @list.push @oq1
89
- @list.size.should eq 1
89
+ expect(@list.size).to eq 1
90
90
  @list.push @oq2
91
- @list.size.should eq 2
92
- @list.to_s.should be_aclstr('log reflect iptraffic')
91
+ expect(@list.size).to eq 2
92
+ expect(@list.to_s).to be_aclstr('log reflect iptraffic')
93
93
  end
94
94
  end
95
95
 
@@ -104,11 +104,11 @@ describe AceOtherQualifierList do
104
104
  end
105
105
 
106
106
  it 'should be true when same other qualifier elements' do
107
- (@list1 == @list2).should be_true
107
+ expect(@list1 == @list2).to be_truthy
108
108
  end
109
109
 
110
110
  it 'should be false when different other qualifier elements' do
111
- (@list1 == @list3).should be_false
111
+ expect(@list1 == @list3).to be_falsey
112
112
  end
113
113
  end
114
114
  end