cisco_acl_intp 0.0.3 → 0.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +3 -0
- data/.rubocop.yml +2 -2
- data/.travis.yml +4 -2
- data/Gemfile +7 -6
- data/README.md +23 -18
- data/Rakefile +11 -13
- data/cisco_acl_intp.gemspec +7 -7
- data/lib/cisco_acl_intp/acc.rb +111 -0
- data/lib/cisco_acl_intp/{ace.rb → ace_base.rb} +9 -8
- data/lib/cisco_acl_intp/{extended_ace.rb → ace_extended.rb} +8 -10
- data/lib/cisco_acl_intp/{standard_ace.rb → ace_standard.rb} +5 -5
- data/lib/cisco_acl_intp/acespec_base.rb +15 -0
- data/lib/cisco_acl_intp/{ace_ip.rb → acespec_ip.rb} +14 -22
- data/lib/cisco_acl_intp/{ace_other_qualifiers.rb → acespec_other_qualifiers.rb} +7 -7
- data/lib/cisco_acl_intp/{ace_port.rb → acespec_port.rb} +10 -13
- data/lib/cisco_acl_intp/{ace_port_opr.rb → acespec_port_opr.rb} +75 -73
- data/lib/cisco_acl_intp/{ace_port_opr_base.rb → acespec_port_opr_base.rb} +49 -34
- data/lib/cisco_acl_intp/{ace_proto.rb → acespec_proto.rb} +4 -4
- data/lib/cisco_acl_intp/{ace_proto_base.rb → acespec_proto_base.rb} +8 -8
- data/lib/cisco_acl_intp/{ace_srcdst.rb → acespec_srcdst.rb} +9 -8
- data/lib/cisco_acl_intp/{ace_tcp_flags.rb → acespec_tcp_flags.rb} +4 -4
- data/lib/cisco_acl_intp/acl.rb +1 -1
- data/lib/cisco_acl_intp/acl_base.rb +108 -80
- data/lib/cisco_acl_intp/{mono_function_acl.rb → acl_category_base.rb} +5 -5
- data/lib/cisco_acl_intp/acl_utils.rb +1 -1
- data/lib/cisco_acl_intp/parser.rb +388 -406
- data/lib/cisco_acl_intp/parser.ry +8 -3
- data/lib/cisco_acl_intp/parser_api.rb +4 -4
- data/lib/cisco_acl_intp/scanner.rb +8 -10
- data/lib/cisco_acl_intp/scanner_special_token_handler.rb +3 -3
- data/lib/cisco_acl_intp/version.rb +1 -1
- data/spec/cisco_acl_intp/{extended_ace_spec.rb → ace_extended_spec.rb} +157 -128
- data/spec/cisco_acl_intp/ace_spec.rb +21 -19
- data/spec/cisco_acl_intp/{standard_ace_spec.rb → ace_standard_spec.rb} +7 -11
- data/spec/cisco_acl_intp/{ace_ip_spec.rb → acespec_ip_spec.rb} +34 -34
- data/spec/cisco_acl_intp/{ace_other_qualifier_spec.rb → acespec_other_qualifier_spec.rb} +18 -18
- data/spec/cisco_acl_intp/acespec_port_operator_spec.rb +331 -0
- data/spec/cisco_acl_intp/{ace_port_spec.rb → acespec_port_spec.rb} +33 -33
- data/spec/cisco_acl_intp/{ace_proto_spec.rb → acespec_proto_spec.rb} +61 -61
- data/spec/cisco_acl_intp/{ace_srcdst_spec.rb → acespec_srcdst_spec.rb} +113 -54
- data/spec/cisco_acl_intp/{ace_tcp_flags_spec.rb → acespec_tcp_flags_spec.rb} +10 -10
- data/spec/cisco_acl_intp/acl_base_spec.rb +14 -12
- data/spec/cisco_acl_intp/{extended_acl_spec.rb → acl_extended_spec.rb} +28 -28
- data/spec/cisco_acl_intp/{standard_acl_spec.rb → acl_standard_spec.rb} +24 -23
- data/spec/cisco_acl_intp/cisco_acl_intp_spec.rb +1 -1
- data/spec/cisco_acl_intp/parser_spec.rb +12 -12
- data/spec/cisco_acl_intp/scanner_spec.rb +31 -36
- data/spec/parser_fullfill_patterns.rb +6 -7
- data/spec/spec_helper.rb +6 -6
- data/tools/check_acl.rb +1 -1
- metadata +60 -59
- data/lib/cisco_acl_intp/single_acl_base.rb +0 -137
- data/spec/cisco_acl_intp/ace_port_operator_spec.rb +0 -340
@@ -0,0 +1,331 @@
|
|
1
|
+
# -*- coding: utf-8 -*-
|
2
|
+
require 'spec_helper'
|
3
|
+
|
4
|
+
describe 'AcePortOpAny' do
|
5
|
+
describe '#contains' do
|
6
|
+
before(:all) do
|
7
|
+
@aclop = AcePortOpAny.new
|
8
|
+
@port1 = AceTcpProtoSpec.new(10)
|
9
|
+
@port2 = AceTcpProtoSpec.new('www')
|
10
|
+
end
|
11
|
+
|
12
|
+
it 'should be true all conditions' do
|
13
|
+
expect(@aclop.contains?(AcePortOpAny.new)).to be_truthy
|
14
|
+
expect(@aclop.contains?(AcePortOpStrictAny.new)).to be_truthy
|
15
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port1))).to be_truthy
|
16
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port1))).to be_truthy
|
17
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port1))).to be_truthy
|
18
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port1))).to be_truthy
|
19
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, @port2))).to be_truthy
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
describe 'AcePortOpStrictAny' do
|
25
|
+
describe '#contains' do
|
26
|
+
before(:all) do
|
27
|
+
@aclop = AcePortOpStrictAny.new
|
28
|
+
@port1 = AceTcpProtoSpec.new(10)
|
29
|
+
@port2 = AceTcpProtoSpec.new('www')
|
30
|
+
end
|
31
|
+
|
32
|
+
it 'should be true when only ANY conditions' do
|
33
|
+
expect(@aclop.contains?(AcePortOpAny.new)).to be_truthy
|
34
|
+
expect(@aclop.contains?(AcePortOpStrictAny.new)).to be_truthy
|
35
|
+
end
|
36
|
+
|
37
|
+
it 'should be false with other operators' do
|
38
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port1))).to be_falsey
|
39
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port1))).to be_falsey
|
40
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port1))).to be_falsey
|
41
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port1))).to be_falsey
|
42
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, @port2))).to be_falsey
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
describe 'AcePortOpEq' do
|
48
|
+
describe '#contains' do
|
49
|
+
before(:all) do
|
50
|
+
@port1 = AceTcpProtoSpec.new(10)
|
51
|
+
@port2 = AceTcpProtoSpec.new('www')
|
52
|
+
@aclop = AcePortOpEq.new(@port1)
|
53
|
+
end
|
54
|
+
|
55
|
+
it 'should be false with (STRICT_)ANY' do
|
56
|
+
expect(@aclop.contains?(AcePortOpAny.new)).to be_falsey
|
57
|
+
expect(@aclop.contains?(AcePortOpStrictAny.new)).to be_falsey
|
58
|
+
end
|
59
|
+
|
60
|
+
it 'should be true when same eq/port operator' do
|
61
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port1))).to be_truthy
|
62
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port2))).to be_falsey
|
63
|
+
end
|
64
|
+
|
65
|
+
it 'should be false with other operator' do
|
66
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port1))).to be_falsey
|
67
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port1))).to be_falsey
|
68
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port1))).to be_falsey
|
69
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, @port2))).to be_falsey
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
73
|
+
|
74
|
+
describe 'AcePortOpNeq' do
|
75
|
+
describe '#contains' do
|
76
|
+
before(:all) do
|
77
|
+
@port1 = AceTcpProtoSpec.new(10)
|
78
|
+
@port2 = AceTcpProtoSpec.new('www')
|
79
|
+
@port3 = AceTcpProtoSpec.new(443)
|
80
|
+
@aclop = AcePortOpNeq.new(@port2)
|
81
|
+
end
|
82
|
+
|
83
|
+
it 'should be false with (STRICT_)ANY' do
|
84
|
+
expect(@aclop.contains?(AcePortOpAny.new)).to be_falsey
|
85
|
+
expect(@aclop.contains?(AcePortOpStrictAny.new)).to be_falsey
|
86
|
+
end
|
87
|
+
|
88
|
+
it 'should be checked with EQUAL' do
|
89
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port1))).to be_truthy
|
90
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port2))).to be_falsey
|
91
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port3))).to be_truthy
|
92
|
+
end
|
93
|
+
|
94
|
+
it 'should be checked with NOT_EQUAL' do
|
95
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port1))).to be_falsey
|
96
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port2))).to be_truthy
|
97
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port3))).to be_falsey
|
98
|
+
end
|
99
|
+
|
100
|
+
it 'should be checked with LOWER_THAN' do
|
101
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port1))).to be_truthy
|
102
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port2))).to be_truthy
|
103
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port3))).to be_falsey
|
104
|
+
end
|
105
|
+
|
106
|
+
it 'should be checked with GRATER_THAN' do
|
107
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port1))).to be_falsey
|
108
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port2))).to be_truthy
|
109
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port3))).to be_truthy
|
110
|
+
end
|
111
|
+
|
112
|
+
it 'should be checked with RANGE' do
|
113
|
+
port2a = AceTcpProtoSpec.new(79)
|
114
|
+
port2b = AceTcpProtoSpec.new(81)
|
115
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, port2a))).to be_truthy
|
116
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, @port2))).to be_falsey
|
117
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port2, @port3))).to be_falsey
|
118
|
+
expect(@aclop.contains?(AcePortOpRange.new(port2b, @port3))).to be_truthy
|
119
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, @port3))).to be_falsey
|
120
|
+
end
|
121
|
+
end
|
122
|
+
end
|
123
|
+
|
124
|
+
describe 'AcePortOpLt' do
|
125
|
+
describe '#contains' do
|
126
|
+
before(:all) do
|
127
|
+
@port1 = AceTcpProtoSpec.new(10)
|
128
|
+
@port2 = AceTcpProtoSpec.new('www')
|
129
|
+
@port3 = AceTcpProtoSpec.new(443)
|
130
|
+
@port_max = AceTcpProtoSpec.new(65_535)
|
131
|
+
@aclop = AcePortOpLt.new(@port2)
|
132
|
+
end
|
133
|
+
|
134
|
+
it 'should be false with (STRICT_)ANY' do
|
135
|
+
expect(@aclop.contains?(AcePortOpAny.new)).to be_falsey
|
136
|
+
expect(@aclop.contains?(AcePortOpStrictAny.new)).to be_falsey
|
137
|
+
end
|
138
|
+
|
139
|
+
it 'should be checked with EQUAL' do
|
140
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port1))).to be_truthy
|
141
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port2))).to be_falsey
|
142
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port3))).to be_falsey
|
143
|
+
end
|
144
|
+
|
145
|
+
it 'should be checked with NOT_EQUAL(1)' do
|
146
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port1))).to be_falsey
|
147
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port2))).to be_falsey
|
148
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port3))).to be_falsey
|
149
|
+
end
|
150
|
+
|
151
|
+
it 'should be checked with NOT_EQUAL(2)' do
|
152
|
+
aclop = AcePortOpLt.new(@port_max)
|
153
|
+
expect(aclop.contains?(AcePortOpNeq.new(@port_max))).to be_truthy
|
154
|
+
end
|
155
|
+
|
156
|
+
it 'should be checked with LOWER_THAN' do
|
157
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port1))).to be_truthy
|
158
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port2))).to be_truthy
|
159
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port3))).to be_falsey
|
160
|
+
end
|
161
|
+
|
162
|
+
it 'should be checked with GRATER_THAN' do
|
163
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port1))).to be_falsey
|
164
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port2))).to be_falsey
|
165
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port3))).to be_falsey
|
166
|
+
end
|
167
|
+
|
168
|
+
it 'should be checked with RANGE' do
|
169
|
+
port2a = AceTcpProtoSpec.new(79)
|
170
|
+
port2b = AceTcpProtoSpec.new(81)
|
171
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, port2a))).to be_truthy
|
172
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, @port2))).to be_falsey
|
173
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port2, @port3))).to be_falsey
|
174
|
+
expect(@aclop.contains?(AcePortOpRange.new(port2b, @port3))).to be_falsey
|
175
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, @port3))).to be_falsey
|
176
|
+
end
|
177
|
+
end
|
178
|
+
end
|
179
|
+
|
180
|
+
describe 'AcePortOpGt' do
|
181
|
+
describe '#contains' do
|
182
|
+
before(:all) do
|
183
|
+
@port1 = AceTcpProtoSpec.new(10)
|
184
|
+
@port2 = AceTcpProtoSpec.new('www')
|
185
|
+
@port3 = AceTcpProtoSpec.new(443)
|
186
|
+
@port_min = AceTcpProtoSpec.new(0)
|
187
|
+
@aclop = AcePortOpGt.new(@port2)
|
188
|
+
end
|
189
|
+
|
190
|
+
it 'should be false with (STRICT_)ANY' do
|
191
|
+
expect(@aclop.contains?(AcePortOpAny.new)).to be_falsey
|
192
|
+
expect(@aclop.contains?(AcePortOpStrictAny.new)).to be_falsey
|
193
|
+
end
|
194
|
+
|
195
|
+
it 'should be checked with EQUAL' do
|
196
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port1))).to be_falsey
|
197
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port2))).to be_falsey
|
198
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port3))).to be_truthy
|
199
|
+
end
|
200
|
+
|
201
|
+
it 'should be checked with NOT_EQUAL(1)' do
|
202
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port1))).to be_falsey
|
203
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port2))).to be_falsey
|
204
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port3))).to be_falsey
|
205
|
+
end
|
206
|
+
|
207
|
+
it 'should be checked with NOT_EQUAL(2)' do
|
208
|
+
aclop = AcePortOpGt.new(@port_min)
|
209
|
+
expect(aclop.contains?(AcePortOpNeq.new(@port_min))).to be_truthy
|
210
|
+
end
|
211
|
+
|
212
|
+
it 'should be checked with LOWER_THAN' do
|
213
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port1))).to be_falsey
|
214
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port2))).to be_falsey
|
215
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port3))).to be_falsey
|
216
|
+
end
|
217
|
+
|
218
|
+
it 'should be checked with GRATER_THAN' do
|
219
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port1))).to be_falsey
|
220
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port2))).to be_truthy
|
221
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port3))).to be_truthy
|
222
|
+
end
|
223
|
+
|
224
|
+
it 'should be checked with RANGE' do
|
225
|
+
port2a = AceTcpProtoSpec.new(79)
|
226
|
+
port2b = AceTcpProtoSpec.new(81)
|
227
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, port2a))).to be_falsey
|
228
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, @port2))).to be_falsey
|
229
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port2, @port3))).to be_falsey
|
230
|
+
expect(@aclop.contains?(AcePortOpRange.new(port2b, @port3))).to be_truthy
|
231
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, @port3))).to be_falsey
|
232
|
+
end
|
233
|
+
end
|
234
|
+
end
|
235
|
+
|
236
|
+
describe 'AcePortOpRange' do
|
237
|
+
describe '#contains' do
|
238
|
+
before(:all) do
|
239
|
+
@port1 = AceTcpProtoSpec.new(10)
|
240
|
+
@port2 = AceTcpProtoSpec.new('www')
|
241
|
+
@port3 = AceTcpProtoSpec.new(443)
|
242
|
+
@port4 = AceTcpProtoSpec.new(8080)
|
243
|
+
|
244
|
+
@port2a = AceTcpProtoSpec.new(79)
|
245
|
+
@port2b = AceTcpProtoSpec.new(81)
|
246
|
+
@port3a = AceTcpProtoSpec.new(442)
|
247
|
+
@port3b = AceTcpProtoSpec.new(444)
|
248
|
+
|
249
|
+
@port_max = AceTcpProtoSpec.new(65_535)
|
250
|
+
@port_min = AceTcpProtoSpec.new(0)
|
251
|
+
|
252
|
+
@aclop = AcePortOpRange.new(@port2, @port3)
|
253
|
+
@aclop_any = AcePortOpRange.new(@port_min, @port_max)
|
254
|
+
end
|
255
|
+
|
256
|
+
it 'should be checked with ANY' do
|
257
|
+
expect(@aclop.contains?(AcePortOpAny.new)).to be_falsey
|
258
|
+
expect(@aclop_any.contains?(AcePortOpAny.new)).to be_truthy
|
259
|
+
end
|
260
|
+
|
261
|
+
it 'should be false with STRICT_ANY' do
|
262
|
+
expect(@aclop.contains?(AcePortOpStrictAny.new)).to be_falsey
|
263
|
+
expect(@aclop_any.contains?(AcePortOpStrictAny.new)).to be_falsey
|
264
|
+
end
|
265
|
+
|
266
|
+
it 'should be checked with EQUAL' do
|
267
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port1))).to be_falsey
|
268
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port2))).to be_truthy
|
269
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port3))).to be_truthy
|
270
|
+
expect(@aclop.contains?(AcePortOpEq.new(@port4))).to be_falsey
|
271
|
+
end
|
272
|
+
|
273
|
+
it 'should be checked with NOT_EQUAL(1)' do
|
274
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port1))).to be_falsey
|
275
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port2))).to be_falsey
|
276
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port3))).to be_falsey
|
277
|
+
expect(@aclop.contains?(AcePortOpNeq.new(@port4))).to be_falsey
|
278
|
+
end
|
279
|
+
|
280
|
+
it 'should be checked with NOT_EQUAL(2)' do
|
281
|
+
aclop = AcePortOpRange.new(@port_min, @port_max)
|
282
|
+
expect(aclop.contains?(AcePortOpNeq.new(@port_min))).to be_truthy
|
283
|
+
expect(aclop.contains?(AcePortOpNeq.new(@port_max))).to be_truthy
|
284
|
+
end
|
285
|
+
|
286
|
+
it 'should be checked with LOWER_THAN(1)' do
|
287
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port1))).to be_falsey
|
288
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port2))).to be_falsey
|
289
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port3))).to be_falsey
|
290
|
+
expect(@aclop.contains?(AcePortOpLt.new(@port4))).to be_falsey
|
291
|
+
end
|
292
|
+
|
293
|
+
it 'should be checked with LOWER_THAN(2)' do
|
294
|
+
aclop = AcePortOpRange.new(@port_min, @port3)
|
295
|
+
expect(aclop.contains?(AcePortOpLt.new(@port3a))).to be_truthy
|
296
|
+
expect(aclop.contains?(AcePortOpLt.new(@port3))).to be_falsey
|
297
|
+
expect(aclop.contains?(AcePortOpLt.new(@port3b))).to be_falsey
|
298
|
+
end
|
299
|
+
|
300
|
+
it 'should be checked with GRATER_THAN(1)' do
|
301
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port1))).to be_falsey
|
302
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port2))).to be_falsey
|
303
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port3))).to be_falsey
|
304
|
+
expect(@aclop.contains?(AcePortOpGt.new(@port4))).to be_falsey
|
305
|
+
end
|
306
|
+
|
307
|
+
it 'should be checked with GRATER_THAN(2)' do
|
308
|
+
aclop = AcePortOpRange.new(@port2, @port_max)
|
309
|
+
expect(aclop.contains?(AcePortOpGt.new(@port2a))).to be_falsey
|
310
|
+
expect(aclop.contains?(AcePortOpGt.new(@port2))).to be_falsey
|
311
|
+
expect(aclop.contains?(AcePortOpGt.new(@port2b))).to be_truthy
|
312
|
+
end
|
313
|
+
|
314
|
+
it 'should be checked with RANGE' do
|
315
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, @port2a))).to be_falsey
|
316
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, @port2))).to be_falsey
|
317
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port2, @port3a))).to be_truthy
|
318
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port2, @port3))).to be_truthy
|
319
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port2, @port3b))).to be_falsey
|
320
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, @port3))).to be_falsey
|
321
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port2, @port4))).to be_falsey
|
322
|
+
expect(@aclop.contains?(AcePortOpRange.new(@port1, @port4))).to be_falsey
|
323
|
+
end
|
324
|
+
end
|
325
|
+
end
|
326
|
+
|
327
|
+
### Local variables:
|
328
|
+
### mode: Ruby
|
329
|
+
### coding: utf-8-unix
|
330
|
+
### indent-tabs-mode: nil
|
331
|
+
### End:
|
@@ -9,22 +9,22 @@ describe AcePortSpec do
|
|
9
9
|
end
|
10
10
|
|
11
11
|
it 'shoud be error with unknown operator' do
|
12
|
-
|
12
|
+
expect do
|
13
13
|
AcePortSpec.new(
|
14
14
|
operator: 'equal',
|
15
15
|
port: @port1
|
16
16
|
)
|
17
|
-
end.
|
17
|
+
end.to raise_error(AclArgumentError)
|
18
18
|
end
|
19
19
|
|
20
20
|
it 'should be error with invalid ports' do
|
21
|
-
|
21
|
+
expect do
|
22
22
|
AcePortSpec.new(
|
23
23
|
operator: 'range',
|
24
24
|
begin_port: @port2,
|
25
25
|
end_port: @port1
|
26
26
|
)
|
27
|
-
end.
|
27
|
+
end.to raise_error(AclArgumentError)
|
28
28
|
end
|
29
29
|
end
|
30
30
|
|
@@ -39,21 +39,21 @@ describe AcePortSpec do
|
|
39
39
|
p = AcePortSpec.new(
|
40
40
|
operator: 'eq', port: @p1
|
41
41
|
)
|
42
|
-
p.to_s.
|
42
|
+
expect(p.to_s).to be_aclstr('eq 22')
|
43
43
|
end
|
44
44
|
|
45
45
|
it 'should be "lt www"' do
|
46
46
|
p = AcePortSpec.new(
|
47
47
|
operator: 'lt', port: @p2
|
48
48
|
)
|
49
|
-
p.to_s.
|
49
|
+
expect(p.to_s).to be_aclstr('lt www')
|
50
50
|
end
|
51
51
|
|
52
52
|
it 'should be "gt www"' do
|
53
53
|
p = AcePortSpec.new(
|
54
54
|
operator: 'gt', port: @p2
|
55
55
|
)
|
56
|
-
p.to_s.
|
56
|
+
expect(p.to_s).to be_aclstr('gt www')
|
57
57
|
end
|
58
58
|
|
59
59
|
it 'should be "range 22 www"' do
|
@@ -61,7 +61,7 @@ describe AcePortSpec do
|
|
61
61
|
operator: 'range',
|
62
62
|
begin_port: @p1, end_port: @p2
|
63
63
|
)
|
64
|
-
p.to_s.
|
64
|
+
expect(p.to_s).to be_aclstr('range 22 www')
|
65
65
|
end
|
66
66
|
|
67
67
|
it 'should be empty when any port' do
|
@@ -69,35 +69,35 @@ describe AcePortSpec do
|
|
69
69
|
operator: 'any',
|
70
70
|
begin_port: @p1, end_port: @p2
|
71
71
|
)
|
72
|
-
p.to_s.
|
72
|
+
expect(p.to_s).to be_empty
|
73
73
|
end
|
74
|
-
|
75
74
|
end
|
75
|
+
|
76
76
|
context 'Argument error case' do
|
77
77
|
it 'raise error when not specified operator' do
|
78
|
-
|
78
|
+
expect do
|
79
79
|
AcePortSpec.new(
|
80
80
|
end_port: @p1
|
81
81
|
)
|
82
|
-
end.
|
82
|
+
end.to raise_error(AclArgumentError)
|
83
83
|
end
|
84
84
|
|
85
85
|
it 'raise error when not specified begin_port' do
|
86
|
-
|
86
|
+
expect do
|
87
87
|
AcePortSpec.new(
|
88
88
|
operator: 'eq',
|
89
89
|
end_port: @p1
|
90
90
|
)
|
91
|
-
end.
|
91
|
+
end.to raise_error(AclArgumentError)
|
92
92
|
end
|
93
93
|
|
94
94
|
it 'raise error when wrong port sequence' do
|
95
|
-
|
95
|
+
expect do
|
96
96
|
AcePortSpec.new(
|
97
97
|
operator: 'range',
|
98
98
|
begin_port: @p2, end_port: @p1
|
99
99
|
)
|
100
|
-
end.
|
100
|
+
end.to raise_error(AclArgumentError)
|
101
101
|
end
|
102
102
|
end
|
103
103
|
end
|
@@ -123,22 +123,22 @@ describe AcePortSpec do
|
|
123
123
|
end
|
124
124
|
|
125
125
|
it 'should be true when contained case' do
|
126
|
-
@any.contains?(@eq1).
|
127
|
-
@s_any.contains?(@any).
|
128
|
-
@eq1.contains?(@eq1).
|
129
|
-
@neq1.contains?(@eq2).
|
130
|
-
@lt2.contains?(@lt1).
|
131
|
-
@gt1.contains?(@gt2).
|
132
|
-
@range.contains?(@eq1).
|
126
|
+
expect(@any.contains?(@eq1)).to be_truthy
|
127
|
+
expect(@s_any.contains?(@any)).to be_truthy
|
128
|
+
expect(@eq1.contains?(@eq1)).to be_truthy
|
129
|
+
expect(@neq1.contains?(@eq2)).to be_truthy
|
130
|
+
expect(@lt2.contains?(@lt1)).to be_truthy
|
131
|
+
expect(@gt1.contains?(@gt2)).to be_truthy
|
132
|
+
expect(@range.contains?(@eq1)).to be_truthy
|
133
133
|
end
|
134
134
|
|
135
135
|
it 'should be false when not contained case' do
|
136
|
-
@s_any.contains?(@eq1).
|
137
|
-
@eq1.contains?(@eq2).
|
138
|
-
@neq1.contains?(@eq1).
|
139
|
-
@lt1.contains?(@lt2).
|
140
|
-
@gt2.contains?(@lt1).
|
141
|
-
@range.contains?(@neq1).
|
136
|
+
expect(@s_any.contains?(@eq1)).to be_falsey
|
137
|
+
expect(@eq1.contains?(@eq2)).to be_falsey
|
138
|
+
expect(@neq1.contains?(@eq1)).to be_falsey
|
139
|
+
expect(@lt1.contains?(@lt2)).to be_falsey
|
140
|
+
expect(@gt2.contains?(@lt1)).to be_falsey
|
141
|
+
expect(@range.contains?(@neq1)).to be_falsey
|
142
142
|
end
|
143
143
|
end
|
144
144
|
|
@@ -153,25 +153,25 @@ describe AcePortSpec do
|
|
153
153
|
it 'should be true when same operator, same protocol' do
|
154
154
|
a = AcePortSpec.new(operator: 'eq', port: @p1a)
|
155
155
|
b = AcePortSpec.new(operator: 'eq', port: @p1b)
|
156
|
-
(a == b).
|
156
|
+
expect(a == b).to be_truthy
|
157
157
|
end
|
158
158
|
|
159
159
|
it 'should be false when different protocol' do
|
160
160
|
a = AcePortSpec.new(operator: 'eq', port: @p1a)
|
161
161
|
b = AcePortSpec.new(operator: 'eq', port: @p2)
|
162
|
-
(a == b).
|
162
|
+
expect(a == b).to be_falsey
|
163
163
|
end
|
164
164
|
|
165
165
|
it 'should be false when different operator' do
|
166
166
|
a = AcePortSpec.new(operator: 'eq', port: @p2)
|
167
167
|
b = AcePortSpec.new(operator: 'lt', port: @p2)
|
168
|
-
(a == b).
|
168
|
+
expect(a == b).to be_falsey
|
169
169
|
end
|
170
170
|
|
171
171
|
it 'should be false when different protocol' do
|
172
172
|
a = AcePortSpec.new(operator: 'eq', port: @p1a)
|
173
173
|
b = AcePortSpec.new(operator: 'eq', port: @pu1)
|
174
|
-
(a == b).
|
174
|
+
expect(a == b).to be_falsey
|
175
175
|
end
|
176
176
|
end
|
177
177
|
end
|