cisco_node_utils 1.1.0 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +2 -1
- data/CHANGELOG.md +126 -1
- data/README.md +19 -12
- data/Rakefile +1 -0
- data/bin/git/hooks/commit-msg/enforce_style +8 -0
- data/cisco_node_utils.gemspec +4 -3
- data/docs/README-develop-best-practices.md +127 -109
- data/docs/README-develop-node-utils-APIs.md +47 -39
- data/docs/template-router.rb +3 -7
- data/lib/.rubocop.yml +4 -4
- data/lib/cisco_node_utils.rb +1 -1
- data/lib/cisco_node_utils/aaa_authentication_login.rb +96 -0
- data/lib/cisco_node_utils/aaa_authentication_login_service.rb +133 -0
- data/lib/cisco_node_utils/aaa_authorization_service.rb +150 -0
- data/lib/cisco_node_utils/ace.rb +196 -0
- data/lib/cisco_node_utils/acl.rb +100 -0
- data/lib/cisco_node_utils/bgp.rb +301 -163
- data/lib/cisco_node_utils/bgp_af.rb +187 -19
- data/lib/cisco_node_utils/bgp_neighbor.rb +18 -33
- data/lib/cisco_node_utils/bgp_neighbor_af.rb +25 -48
- data/lib/cisco_node_utils/cisco_cmn_utils.rb +23 -4
- data/lib/cisco_node_utils/cmd_ref/README_YAML.md +593 -0
- data/lib/cisco_node_utils/cmd_ref/aaa_auth_login_service.yaml +22 -0
- data/lib/cisco_node_utils/cmd_ref/aaa_authentication_login.yaml +31 -0
- data/lib/cisco_node_utils/cmd_ref/aaa_authorization_service.yaml +22 -0
- data/lib/cisco_node_utils/cmd_ref/acl.yaml +43 -0
- data/lib/cisco_node_utils/cmd_ref/bgp.yaml +242 -0
- data/lib/cisco_node_utils/cmd_ref/bgp_af.yaml +164 -0
- data/lib/cisco_node_utils/cmd_ref/bgp_neighbor.yaml +131 -0
- data/lib/cisco_node_utils/cmd_ref/bgp_neighbor_af.yaml +179 -0
- data/lib/cisco_node_utils/cmd_ref/dnsclient.yaml +34 -0
- data/lib/cisco_node_utils/cmd_ref/evpn_vni.yaml +42 -0
- data/lib/cisco_node_utils/cmd_ref/fabricpath.yaml +172 -0
- data/lib/cisco_node_utils/cmd_ref/fabricpath_topology.yaml +35 -0
- data/lib/cisco_node_utils/cmd_ref/feature.yaml +42 -0
- data/lib/cisco_node_utils/cmd_ref/fex.yaml +9 -0
- data/lib/cisco_node_utils/cmd_ref/images.yaml +7 -0
- data/lib/cisco_node_utils/cmd_ref/interface.yaml +339 -0
- data/lib/cisco_node_utils/cmd_ref/interface_channel_group.yaml +28 -0
- data/lib/cisco_node_utils/cmd_ref/interface_ospf.yaml +61 -0
- data/lib/cisco_node_utils/cmd_ref/interface_portchannel.yaml +54 -0
- data/lib/cisco_node_utils/cmd_ref/interface_service_vni.yaml +32 -0
- data/lib/cisco_node_utils/cmd_ref/inventory.yaml +45 -0
- data/lib/cisco_node_utils/cmd_ref/memory.yaml +13 -0
- data/lib/cisco_node_utils/cmd_ref/ntp_config.yaml +7 -0
- data/lib/cisco_node_utils/cmd_ref/ntp_server.yaml +14 -0
- data/lib/cisco_node_utils/cmd_ref/ospf.yaml +74 -0
- data/lib/cisco_node_utils/cmd_ref/overlay_global.yaml +33 -0
- data/lib/cisco_node_utils/cmd_ref/pim.yaml +40 -0
- data/lib/cisco_node_utils/cmd_ref/portchannel_global.yaml +69 -0
- data/lib/cisco_node_utils/cmd_ref/radius_global.yaml +25 -0
- data/lib/cisco_node_utils/cmd_ref/radius_server.yaml +64 -0
- data/lib/cisco_node_utils/cmd_ref/radius_server_group.yaml +14 -0
- data/lib/cisco_node_utils/cmd_ref/show_system.yaml +5 -0
- data/lib/cisco_node_utils/cmd_ref/show_version.yaml +72 -0
- data/lib/cisco_node_utils/cmd_ref/snmp_community.yaml +23 -0
- data/lib/cisco_node_utils/cmd_ref/snmp_group.yaml +7 -0
- data/lib/cisco_node_utils/cmd_ref/snmp_notification_receiver.yaml +50 -0
- data/lib/cisco_node_utils/cmd_ref/snmp_server.yaml +51 -0
- data/lib/cisco_node_utils/cmd_ref/snmp_user.yaml +55 -0
- data/lib/cisco_node_utils/cmd_ref/snmpnotification.yaml +11 -0
- data/lib/cisco_node_utils/cmd_ref/syslog_server.yaml +18 -0
- data/lib/cisco_node_utils/cmd_ref/syslog_settings.yaml +7 -0
- data/lib/cisco_node_utils/cmd_ref/system.yaml +6 -0
- data/lib/cisco_node_utils/cmd_ref/tacacs_server.yaml +49 -0
- data/lib/cisco_node_utils/cmd_ref/tacacs_server_group.yaml +33 -0
- data/lib/cisco_node_utils/cmd_ref/tacacs_server_host.yaml +35 -0
- data/lib/cisco_node_utils/cmd_ref/vdc.yaml +38 -0
- data/lib/cisco_node_utils/cmd_ref/virtual_service.yaml +6 -0
- data/lib/cisco_node_utils/cmd_ref/vlan.yaml +56 -0
- data/lib/cisco_node_utils/cmd_ref/vni.yaml +76 -0
- data/lib/cisco_node_utils/cmd_ref/vpc.yaml +197 -0
- data/lib/cisco_node_utils/cmd_ref/vrf.yaml +88 -0
- data/lib/cisco_node_utils/cmd_ref/vtp.yaml +38 -0
- data/lib/cisco_node_utils/cmd_ref/vxlan_vtep.yaml +60 -0
- data/lib/cisco_node_utils/cmd_ref/vxlan_vtep_vni.yaml +39 -0
- data/lib/cisco_node_utils/cmd_ref/yum.yaml +13 -0
- data/lib/cisco_node_utils/command_reference.rb +359 -187
- data/lib/cisco_node_utils/configparser_lib.rb +1 -1
- data/lib/cisco_node_utils/dns_domain.rb +19 -5
- data/lib/cisco_node_utils/domain_name.rb +4 -8
- data/lib/cisco_node_utils/evpn_vni.rb +157 -0
- data/lib/cisco_node_utils/fabricpath_global.rb +388 -0
- data/lib/cisco_node_utils/fabricpath_topology.rb +150 -0
- data/lib/cisco_node_utils/feature.rb +111 -0
- data/lib/cisco_node_utils/interface.rb +390 -97
- data/lib/cisco_node_utils/interface_channel_group.rb +124 -0
- data/lib/cisco_node_utils/interface_ospf.rb +11 -34
- data/lib/cisco_node_utils/interface_portchannel.rb +157 -0
- data/lib/cisco_node_utils/interface_service_vni.rb +132 -0
- data/lib/cisco_node_utils/name_server.rb +1 -1
- data/lib/cisco_node_utils/node.rb +55 -249
- data/lib/cisco_node_utils/node_util.rb +5 -1
- data/lib/cisco_node_utils/ntp_config.rb +2 -2
- data/lib/cisco_node_utils/ntp_server.rb +14 -5
- data/lib/cisco_node_utils/overlay_global.rb +153 -0
- data/lib/cisco_node_utils/pim.rb +124 -0
- data/lib/cisco_node_utils/pim_group_list.rb +108 -0
- data/lib/cisco_node_utils/pim_rp_address.rb +102 -0
- data/lib/cisco_node_utils/platform.rb +8 -9
- data/lib/cisco_node_utils/portchannel_global.rb +277 -0
- data/lib/cisco_node_utils/radius_global.rb +9 -19
- data/lib/cisco_node_utils/radius_server.rb +31 -41
- data/lib/cisco_node_utils/radius_server_group.rb +117 -0
- data/lib/cisco_node_utils/router_ospf.rb +1 -1
- data/lib/cisco_node_utils/router_ospf_vrf.rb +14 -19
- data/lib/cisco_node_utils/snmp_notification_receiver.rb +158 -0
- data/lib/cisco_node_utils/snmpcommunity.rb +3 -5
- data/lib/cisco_node_utils/snmpgroup.rb +1 -1
- data/lib/cisco_node_utils/snmpnotification.rb +57 -0
- data/lib/cisco_node_utils/snmpserver.rb +8 -17
- data/lib/cisco_node_utils/snmpuser.rb +67 -28
- data/lib/cisco_node_utils/syslog_server.rb +3 -9
- data/lib/cisco_node_utils/syslog_settings.rb +2 -10
- data/lib/cisco_node_utils/tacacs_server.rb +9 -14
- data/lib/cisco_node_utils/tacacs_server_group.rb +145 -0
- data/lib/cisco_node_utils/tacacs_server_host.rb +5 -9
- data/lib/cisco_node_utils/vdc.rb +88 -0
- data/lib/cisco_node_utils/version.rb +5 -2
- data/lib/cisco_node_utils/vlan.rb +71 -8
- data/lib/cisco_node_utils/vni.rb +227 -0
- data/lib/cisco_node_utils/vpc.rb +377 -0
- data/lib/cisco_node_utils/vrf.rb +60 -9
- data/lib/cisco_node_utils/vrf_af.rb +191 -0
- data/lib/cisco_node_utils/vtp.rb +8 -6
- data/lib/cisco_node_utils/vxlan_vtep.rb +151 -0
- data/lib/cisco_node_utils/vxlan_vtep_vni.rb +234 -0
- data/lib/cisco_node_utils/yum.rb +1 -1
- data/tests/.rubocop.yml +1 -1
- data/tests/basetest.rb +16 -7
- data/tests/ciscotest.rb +55 -13
- data/tests/cmd_config.yaml +2 -2
- data/tests/platform_info.rb +3 -2
- data/tests/test_aaa_authentication_login.rb +219 -0
- data/tests/test_aaa_authentication_login_service.rb +759 -0
- data/tests/test_aaa_authorization_service.rb +1041 -0
- data/tests/test_ace.rb +160 -0
- data/tests/test_acl.rb +176 -0
- data/tests/test_bgp_af.rb +269 -13
- data/tests/test_bgp_neighbor.rb +38 -40
- data/tests/test_bgp_neighbor_af.rb +92 -32
- data/tests/test_command_config.rb +5 -5
- data/tests/test_command_reference.rb +284 -101
- data/tests/test_dns_domain.rb +1 -1
- data/tests/test_domain_name.rb +1 -1
- data/tests/test_evpn_vni.rb +106 -0
- data/tests/test_fabricpath_global.rb +243 -0
- data/tests/test_fabricpath_topology.rb +98 -0
- data/tests/test_interface.rb +292 -74
- data/tests/test_interface_channel_group.rb +74 -0
- data/tests/test_interface_ospf.rb +9 -4
- data/tests/test_interface_portchannel.rb +105 -0
- data/tests/test_interface_service_vni.rb +232 -0
- data/tests/test_interface_svi.rb +77 -62
- data/tests/test_interface_switchport.rb +17 -5
- data/tests/test_name_server.rb +1 -1
- data/tests/test_node.rb +1 -1
- data/tests/test_node_ext.rb +10 -20
- data/tests/test_ntp_config.rb +1 -1
- data/tests/test_ntp_server.rb +18 -6
- data/tests/test_overlay_global.rb +102 -0
- data/tests/test_pim.rb +177 -0
- data/tests/test_pim_group_list.rb +181 -0
- data/tests/test_pim_rp_address.rb +153 -0
- data/tests/test_platform.rb +3 -3
- data/tests/test_portchannel_global.rb +202 -0
- data/tests/test_radius_global.rb +1 -1
- data/tests/test_radius_server.rb +92 -57
- data/tests/test_radius_server_group.rb +149 -0
- data/tests/test_router_bgp.rb +283 -112
- data/tests/test_router_ospf.rb +2 -2
- data/tests/test_router_ospf_vrf.rb +4 -4
- data/tests/test_snmp_notification_receiver.rb +167 -0
- data/tests/test_snmpcommunity.rb +1 -1
- data/tests/test_snmpgroup.rb +1 -1
- data/tests/test_snmpnotification.rb +72 -0
- data/tests/test_snmpserver.rb +29 -105
- data/tests/test_snmpuser.rb +32 -30
- data/tests/test_syslog_server.rb +36 -10
- data/tests/test_syslog_settings.rb +1 -1
- data/tests/test_tacacs_server.rb +1 -1
- data/tests/test_tacacs_server_group.rb +405 -0
- data/tests/test_tacacs_server_host.rb +1 -1
- data/tests/test_vdc.rb +78 -0
- data/tests/test_vlan.rb +74 -19
- data/tests/test_vlan_mt_full.rb +95 -0
- data/tests/test_vni.rb +106 -0
- data/tests/test_vpc.rb +361 -0
- data/tests/test_vrf.rb +172 -29
- data/tests/test_vtp.rb +1 -1
- data/tests/test_vxlan_vtep.rb +214 -0
- data/tests/test_vxlan_vtep_vni.rb +201 -0
- data/tests/test_yum.rb +1 -1
- metadata +120 -11
- data/lib/cisco_node_utils/README_YAML.md +0 -325
- data/lib/cisco_node_utils/command_reference_common.yaml +0 -1051
- data/lib/cisco_node_utils/command_reference_common_bgp.yaml +0 -535
- data/lib/cisco_node_utils/command_reference_n3064.yaml +0 -13
- data/lib/cisco_node_utils/command_reference_n7k.yaml +0 -52
- data/lib/cisco_node_utils/command_reference_n9k.yaml +0 -26
- data/tests/platform_info.yaml +0 -10
@@ -1,6 +1,6 @@
|
|
1
1
|
# November 2014, Alex Hunsberger
|
2
2
|
#
|
3
|
-
# Copyright (c) 2014-
|
3
|
+
# Copyright (c) 2014-2016 Cisco and/or its affiliates.
|
4
4
|
#
|
5
5
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
6
|
# you may not use this file except in compliance with the License.
|
@@ -20,9 +20,7 @@ module Cisco
|
|
20
20
|
# SnmpServer - node utility class for SNMP server management
|
21
21
|
class SnmpServer < NodeUtil
|
22
22
|
def aaa_user_cache_timeout
|
23
|
-
|
24
|
-
# regex in yaml returns an array result, use .first to get match
|
25
|
-
match.nil? ? default_aaa_user_cache_timeout : match.first.to_i
|
23
|
+
config_get('snmp_server', 'aaa_user_cache_timeout')
|
26
24
|
end
|
27
25
|
|
28
26
|
def aaa_user_cache_timeout=(timeout)
|
@@ -75,9 +73,7 @@ module Cisco
|
|
75
73
|
end
|
76
74
|
|
77
75
|
def packet_size
|
78
|
-
|
79
|
-
# regex in yaml returns an array result, use .first to get match
|
80
|
-
match.nil? ? default_packet_size : match.first.to_i
|
76
|
+
config_get('snmp_server', 'packet_size')
|
81
77
|
end
|
82
78
|
|
83
79
|
def packet_size=(size)
|
@@ -94,7 +90,7 @@ module Cisco
|
|
94
90
|
end
|
95
91
|
|
96
92
|
def global_enforce_priv?
|
97
|
-
|
93
|
+
config_get('snmp_server', 'global_enforce_priv')
|
98
94
|
end
|
99
95
|
|
100
96
|
def global_enforce_priv=(enforce)
|
@@ -110,16 +106,12 @@ module Cisco
|
|
110
106
|
end
|
111
107
|
|
112
108
|
def protocol?
|
113
|
-
|
114
|
-
!match.nil? && match.include?('Enable')
|
109
|
+
config_get('snmp_server', 'protocol')
|
115
110
|
end
|
116
111
|
|
117
112
|
def protocol=(enable)
|
118
|
-
|
119
|
-
|
120
|
-
else
|
121
|
-
config_set('snmp_server', 'protocol', 'no')
|
122
|
-
end
|
113
|
+
no_cmd = (enable ? '' : 'no')
|
114
|
+
config_set('snmp_server', 'protocol', no_cmd)
|
123
115
|
end
|
124
116
|
|
125
117
|
def default_protocol
|
@@ -127,8 +119,7 @@ module Cisco
|
|
127
119
|
end
|
128
120
|
|
129
121
|
def tcp_session_auth?
|
130
|
-
|
131
|
-
!match.nil? && match.include?('Enabled')
|
122
|
+
config_get('snmp_server', 'tcp_session_auth')
|
132
123
|
end
|
133
124
|
|
134
125
|
def tcp_session_auth=(enable)
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2014-
|
1
|
+
# Copyright (c) 2014-2016 Cisco and/or its affiliates.
|
2
2
|
#
|
3
3
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
4
|
# you may not use this file except in compliance with the License.
|
@@ -74,32 +74,39 @@ module Cisco
|
|
74
74
|
end
|
75
75
|
end
|
76
76
|
|
77
|
-
ENGINE_ID_PATTERN = /([0-9]{1,3}(:[0-9]{1,3}){4,31})/
|
78
77
|
def self.users
|
79
78
|
users_hash = {}
|
80
79
|
# config_get returns hash if 1 user, array if multiple, nil if none
|
81
80
|
users = config_get('snmp_user', 'user')
|
82
81
|
return users_hash if users.nil?
|
83
|
-
users = [users] if users.is_a?(Hash)
|
84
82
|
users.each do |user|
|
85
|
-
|
86
|
-
|
87
|
-
|
83
|
+
# n7k has enforcepriv, use-ipv*acl, avoid them
|
84
|
+
next if user[/(enforcePriv|use-ipv4acl|use-ipv6acl)/]
|
85
|
+
user_var_hash = _get_snmp_user_parse(user)
|
86
|
+
name = user_var_hash[:name]
|
87
|
+
engineid = user_var_hash[:engineid]
|
88
|
+
if engineid.empty?
|
88
89
|
index = name
|
89
90
|
else
|
90
|
-
|
91
|
-
index = name + ' ' + engineid_str
|
91
|
+
index = name + ' ' + engineid
|
92
92
|
end
|
93
|
-
auth =
|
94
|
-
priv =
|
95
|
-
|
93
|
+
auth = user_var_hash[:auth]
|
94
|
+
priv = user_var_hash[:priv]
|
96
95
|
groups_arr = []
|
97
|
-
groups
|
98
|
-
|
96
|
+
# take care of multiple groups here
|
97
|
+
# if the name already exists in hash
|
98
|
+
# get all the previous properties
|
99
|
+
if users_hash.key?(index)
|
100
|
+
groups_arr = users_hash[index].groups
|
101
|
+
auth = users_hash[index].auth_protocol
|
102
|
+
priv = users_hash[index].priv_protocol
|
103
|
+
end
|
99
104
|
|
100
|
-
|
105
|
+
# add the group to the array
|
106
|
+
groups_arr << _get_group_arr(user_var_hash)
|
107
|
+
users_hash[index] = SnmpUser.new(name, groups_arr.flatten, auth,
|
101
108
|
'', priv, '', false,
|
102
|
-
engineid
|
109
|
+
engineid,
|
103
110
|
false)
|
104
111
|
end
|
105
112
|
users_hash
|
@@ -147,11 +154,11 @@ module Cisco
|
|
147
154
|
def self.auth_password(name, engine_id)
|
148
155
|
if engine_id.empty?
|
149
156
|
users = config_get('snmp_user', 'auth_password')
|
150
|
-
return nil if users.nil?
|
157
|
+
return nil if users.nil? || users.empty?
|
151
158
|
users.each_entry { |user| return user[1] if user[0] == name }
|
152
159
|
else
|
153
160
|
users = config_get('snmp_user', 'auth_password_with_engine_id')
|
154
|
-
return nil if users.nil?
|
161
|
+
return nil if users.nil? || users.empty?
|
155
162
|
users.each_entry do |user|
|
156
163
|
return user[1] if user[0] == name && user[2] == engine_id
|
157
164
|
end
|
@@ -170,12 +177,12 @@ module Cisco
|
|
170
177
|
def self.priv_password(name, engine_id)
|
171
178
|
if engine_id.empty?
|
172
179
|
users = config_get('snmp_user', 'priv_password')
|
173
|
-
unless users.nil?
|
180
|
+
unless users.nil? || users.empty?
|
174
181
|
users.each_entry { |user| return user[1] if user[0] == name }
|
175
182
|
end
|
176
183
|
else
|
177
184
|
users = config_get('snmp_user', 'priv_password_with_engine_id')
|
178
|
-
unless users.nil?
|
185
|
+
unless users.nil? || users.empty?
|
179
186
|
users.each_entry do |user|
|
180
187
|
return user[1] if user[0] == name && user[2] == engine_id
|
181
188
|
end
|
@@ -297,6 +304,47 @@ module Cisco
|
|
297
304
|
|
298
305
|
private
|
299
306
|
|
307
|
+
def self._get_snmp_user_parse(user)
|
308
|
+
user_var = {}
|
309
|
+
lparams = user.split
|
310
|
+
name = lparams[0]
|
311
|
+
engineid_index = lparams.index('engineID')
|
312
|
+
auth_index = lparams.index('auth')
|
313
|
+
priv_index = lparams.index('priv')
|
314
|
+
# engineID always comes after engineid_index
|
315
|
+
engineid = engineid_index.nil? ? '' : lparams[engineid_index + 1]
|
316
|
+
# authproto always comes after auth_index
|
317
|
+
aut = auth_index.nil? ? '' : lparams[auth_index + 1]
|
318
|
+
# privproto always comes after priv_index if priv exists
|
319
|
+
pri = priv_index.nil? ? '' : lparams[priv_index + 1]
|
320
|
+
# for the empty priv protocol default
|
321
|
+
pri = 'des' unless pri.empty? || pri == 'aes-128'
|
322
|
+
auth = _auth_str_to_sym(aut)
|
323
|
+
priv = _priv_str_to_sym(pri)
|
324
|
+
user_var[:name] = name
|
325
|
+
user_var[:engineid] = engineid
|
326
|
+
user_var[:auth] = auth
|
327
|
+
user_var[:priv] = priv
|
328
|
+
user_var[:auth_index] = auth_index
|
329
|
+
user_var[:engineid_index] = engineid_index
|
330
|
+
# group may or may not exist but it is always after name
|
331
|
+
# lparams[1] can be group, it is not known here,
|
332
|
+
# but will be determined in the _get_group_arr method
|
333
|
+
user_var[:group] = lparams[1]
|
334
|
+
user_var
|
335
|
+
end
|
336
|
+
|
337
|
+
def self._get_group_arr(user_var_hash)
|
338
|
+
user_groups = []
|
339
|
+
auth_index = user_var_hash[:auth_index]
|
340
|
+
engineid_index = user_var_hash[:engineid_index]
|
341
|
+
# after the name it can be group or auth or engineID
|
342
|
+
# so filter it properly
|
343
|
+
user_groups << user_var_hash[:group] unless auth_index == 1 ||
|
344
|
+
engineid_index == 1
|
345
|
+
user_groups
|
346
|
+
end
|
347
|
+
|
300
348
|
def _auth_sym_to_str(sym)
|
301
349
|
case sym
|
302
350
|
when :sha
|
@@ -349,14 +397,5 @@ module Cisco
|
|
349
397
|
return :none
|
350
398
|
end
|
351
399
|
end
|
352
|
-
|
353
|
-
def self._user_to_groups(user_hash)
|
354
|
-
return [] if user_hash.nil?
|
355
|
-
groups = user_hash['TABLE_groups']['ROW_groups'] unless
|
356
|
-
user_hash['TABLE_groups'].nil?
|
357
|
-
return [] if groups.nil?
|
358
|
-
groups = [groups] if groups.is_a?(Hash)
|
359
|
-
groups
|
360
|
-
end
|
361
400
|
end
|
362
401
|
end
|
@@ -2,7 +2,7 @@
|
|
2
2
|
#
|
3
3
|
# Jonathan Tripathy et al., September 2015
|
4
4
|
#
|
5
|
-
# Copyright (c) 2014-
|
5
|
+
# Copyright (c) 2014-2016 Cisco and/or its affiliates.
|
6
6
|
#
|
7
7
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
8
8
|
# you may not use this file except in compliance with the License.
|
@@ -31,10 +31,10 @@ module Cisco
|
|
31
31
|
fail TypeError unless name.length > 0
|
32
32
|
@name = name
|
33
33
|
|
34
|
-
fail TypeError unless level.is_a?(Integer)
|
34
|
+
fail TypeError unless level.is_a?(Integer) || level.nil?
|
35
35
|
@level = level
|
36
36
|
|
37
|
-
fail TypeError unless vrf.is_a?(String)
|
37
|
+
fail TypeError unless vrf.is_a?(String) || vrf.nil?
|
38
38
|
@vrf = vrf
|
39
39
|
|
40
40
|
create if instantiate
|
@@ -48,14 +48,8 @@ module Cisco
|
|
48
48
|
|
49
49
|
syslogservers_list.each do |id|
|
50
50
|
level = config_get('syslog_server', 'level', id)
|
51
|
-
level = level[0].to_i unless level.nil?
|
52
51
|
|
53
52
|
vrf = config_get('syslog_server', 'vrf', id)
|
54
|
-
if vrf.nil?
|
55
|
-
vrf = 'default'
|
56
|
-
else
|
57
|
-
vrf = vrf[0]
|
58
|
-
end
|
59
53
|
|
60
54
|
hash[id] = SyslogServer.new(id, level, vrf, false)
|
61
55
|
end
|
@@ -2,7 +2,7 @@
|
|
2
2
|
#
|
3
3
|
# Jonathan Tripathy et al., September 2015
|
4
4
|
#
|
5
|
-
# Copyright (c) 2014-
|
5
|
+
# Copyright (c) 2014-2016 Cisco and/or its affiliates.
|
6
6
|
#
|
7
7
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
8
8
|
# you may not use this file except in compliance with the License.
|
@@ -43,15 +43,7 @@ module Cisco
|
|
43
43
|
end
|
44
44
|
|
45
45
|
def timestamp
|
46
|
-
|
47
|
-
if timestamp.nil?
|
48
|
-
# NXOS doesn't show if timestamp units is set to seconds, so we assume
|
49
|
-
# that no config displayed means that the parameter is set to seconds.
|
50
|
-
timestamp = config_get_default('syslog_settings', 'timestamp')
|
51
|
-
else
|
52
|
-
timestamp = config_get('syslog_settings', 'timestamp')[0]
|
53
|
-
end
|
54
|
-
timestamp
|
46
|
+
config_get('syslog_settings', 'timestamp')
|
55
47
|
end
|
56
48
|
|
57
49
|
def timestamp=(val)
|
@@ -1,6 +1,6 @@
|
|
1
1
|
# Mike Wiebe, January 2015
|
2
2
|
#
|
3
|
-
# Copyright (c) 2015 Cisco and/or its affiliates.
|
3
|
+
# Copyright (c) 2015-2016 Cisco and/or its affiliates.
|
4
4
|
#
|
5
5
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
6
|
# you may not use this file except in compliance with the License.
|
@@ -30,8 +30,7 @@ module Cisco
|
|
30
30
|
|
31
31
|
# Check feature enablement
|
32
32
|
def self.enabled
|
33
|
-
|
34
|
-
return !(feat.nil? || feat.empty?)
|
33
|
+
config_get('tacacs_server', 'feature')
|
35
34
|
rescue Cisco::CliError => e
|
36
35
|
# cmd will syntax reject when feature is not enabled
|
37
36
|
raise unless e.clierror =~ /Syntax error/
|
@@ -61,8 +60,7 @@ module Cisco
|
|
61
60
|
|
62
61
|
# Get timeout
|
63
62
|
def timeout
|
64
|
-
|
65
|
-
match.nil? ? TacacsServer.default_timeout : match.first.to_i
|
63
|
+
config_get('tacacs_server', 'timeout')
|
66
64
|
end
|
67
65
|
|
68
66
|
# Get default timeout
|
@@ -79,8 +77,7 @@ module Cisco
|
|
79
77
|
|
80
78
|
# Get deadtime
|
81
79
|
def deadtime
|
82
|
-
|
83
|
-
match.nil? ? TacacsServer.default_deadtime : match.first.to_i
|
80
|
+
config_get('tacacs_server', 'deadtime')
|
84
81
|
end
|
85
82
|
|
86
83
|
# Get default deadtime
|
@@ -100,9 +97,7 @@ module Cisco
|
|
100
97
|
|
101
98
|
# Check if directed request is enabled
|
102
99
|
def directed_request?
|
103
|
-
|
104
|
-
return TacacsServer.default_directed_request if match.nil?
|
105
|
-
match.first[/^no/] ? false : true
|
100
|
+
config_get('tacacs_server', 'directed_request')
|
106
101
|
end
|
107
102
|
|
108
103
|
# Get default directed_request
|
@@ -126,10 +121,10 @@ module Cisco
|
|
126
121
|
# ip tacacs source-interface Ethernet1/1
|
127
122
|
# no tacacs source-interface
|
128
123
|
match = config_get('tacacs_server', 'source_interface')
|
129
|
-
return TacacsServer.default_source_interface if match.
|
124
|
+
return TacacsServer.default_source_interface if match.empty?
|
130
125
|
# match_data will contain one of the following
|
131
126
|
# [nil, " Ethernet1/1"] or ["no", nil]
|
132
|
-
match[0]
|
127
|
+
match[0] == 'no' ? TacacsServer.default_source_interface : match[1]
|
133
128
|
end
|
134
129
|
|
135
130
|
# Get default source interface
|
@@ -140,7 +135,7 @@ module Cisco
|
|
140
135
|
# Get encryption type used for the key
|
141
136
|
def encryption_type
|
142
137
|
match = config_get('tacacs_server', 'encryption_type')
|
143
|
-
match.nil? ? TACACS_SERVER_ENC_UNKNOWN : match[0]
|
138
|
+
match.nil? ? TACACS_SERVER_ENC_UNKNOWN : match[0].to_i
|
144
139
|
end
|
145
140
|
|
146
141
|
# Get default encryption type
|
@@ -151,7 +146,7 @@ module Cisco
|
|
151
146
|
# Get encryption password
|
152
147
|
def encryption_password
|
153
148
|
match = config_get('tacacs_server', 'encryption_password')
|
154
|
-
match.
|
149
|
+
match.empty? ? TacacsServer.default_encryption_password : match[1]
|
155
150
|
end
|
156
151
|
|
157
152
|
# Get default encryption password
|
@@ -0,0 +1,145 @@
|
|
1
|
+
#
|
2
|
+
# NXAPI implementation of TacacsServerGroup class
|
3
|
+
#
|
4
|
+
# April 2015, Alex Hunsberger
|
5
|
+
#
|
6
|
+
# Copyright (c) 2015-2016 Cisco and/or its affiliates.
|
7
|
+
#
|
8
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
9
|
+
# you may not use this file except in compliance with the License.
|
10
|
+
# You may obtain a copy of the License at
|
11
|
+
#
|
12
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
13
|
+
#
|
14
|
+
# Unless required by applicable law or agreed to in writing, software
|
15
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
16
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
17
|
+
# See the License for the specific language governing permissions and
|
18
|
+
# limitations under the License.
|
19
|
+
|
20
|
+
require_relative 'node_util'
|
21
|
+
require_relative 'tacacs_server'
|
22
|
+
|
23
|
+
module Cisco
|
24
|
+
# NXAPI implementation of AAA Server Group class
|
25
|
+
class TacacsServerGroup < NodeUtil
|
26
|
+
attr_reader :name
|
27
|
+
|
28
|
+
def initialize(name, create=true)
|
29
|
+
fail TypeError unless name.is_a? String
|
30
|
+
@name = name
|
31
|
+
|
32
|
+
return unless create
|
33
|
+
|
34
|
+
TacacsServer.new.enable unless TacacsServer.enabled
|
35
|
+
config_set('tacacs_server_group', 'group', state: '', name: name)
|
36
|
+
end
|
37
|
+
|
38
|
+
def destroy
|
39
|
+
config_set('tacacs_server_group', 'group', state: 'no', name: @name)
|
40
|
+
end
|
41
|
+
|
42
|
+
def servers
|
43
|
+
config_get('tacacs_server_group', 'servers', @name)
|
44
|
+
end
|
45
|
+
|
46
|
+
def servers=(new_servs)
|
47
|
+
fail TypeError unless new_servs.is_a? Array
|
48
|
+
current_servs = servers
|
49
|
+
new_servs.each do |s|
|
50
|
+
# add any servers not yet configured
|
51
|
+
next if current_servs.include? s
|
52
|
+
config_set('tacacs_server_group',
|
53
|
+
'servers',
|
54
|
+
name: @name,
|
55
|
+
state: '',
|
56
|
+
server: s)
|
57
|
+
end
|
58
|
+
current_servs.each do |s|
|
59
|
+
# remove any undesired existing servers
|
60
|
+
next if new_servs.include? s
|
61
|
+
config_set('tacacs_server_group',
|
62
|
+
'servers',
|
63
|
+
name: @name,
|
64
|
+
state: 'no',
|
65
|
+
server: s)
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
def default_servers
|
70
|
+
config_get_default('tacacs_server_group', 'servers')
|
71
|
+
end
|
72
|
+
|
73
|
+
def ==(other)
|
74
|
+
name == other.name
|
75
|
+
end
|
76
|
+
|
77
|
+
# for netdev compatibility
|
78
|
+
def self.tacacs_server_groups
|
79
|
+
groups
|
80
|
+
end
|
81
|
+
|
82
|
+
def self.groups
|
83
|
+
grps = {}
|
84
|
+
tacgroups = config_get('tacacs_server_group', 'group') if
|
85
|
+
TacacsServer.enabled
|
86
|
+
unless tacgroups.nil?
|
87
|
+
tacgroups.each { |s| grps[s] = TacacsServerGroup.new(s, false) }
|
88
|
+
end
|
89
|
+
grps
|
90
|
+
end
|
91
|
+
|
92
|
+
def vrf
|
93
|
+
# vrf is always present in running config
|
94
|
+
v = config_get('tacacs_server_group', 'vrf', @name)
|
95
|
+
v.nil? ? default_vrf : v
|
96
|
+
end
|
97
|
+
|
98
|
+
def vrf=(v)
|
99
|
+
fail TypeError unless v.is_a? String
|
100
|
+
# vrf = "default" is equivalent to unconfiguring vrf
|
101
|
+
config_set('tacacs_server_group', 'vrf', name: @name, state: '', vrf: v)
|
102
|
+
end
|
103
|
+
|
104
|
+
def default_vrf
|
105
|
+
config_get_default('tacacs_server_group', 'vrf')
|
106
|
+
end
|
107
|
+
|
108
|
+
def deadtime
|
109
|
+
d = config_get('tacacs_server_group', 'deadtime', @name)
|
110
|
+
d.nil? ? default_deadtime : d.to_i
|
111
|
+
end
|
112
|
+
|
113
|
+
def deadtime=(t)
|
114
|
+
no_cmd = t == default_deadtime ? 'no' : ''
|
115
|
+
config_set('tacacs_server_group',
|
116
|
+
'deadtime',
|
117
|
+
name: @name,
|
118
|
+
state: no_cmd,
|
119
|
+
deadtime: t)
|
120
|
+
end
|
121
|
+
|
122
|
+
def default_deadtime
|
123
|
+
config_get_default('tacacs_server_group', 'deadtime')
|
124
|
+
end
|
125
|
+
|
126
|
+
def source_interface
|
127
|
+
i = config_get('tacacs_server_group', 'source_interface', @name)
|
128
|
+
i.nil? ? default_source_interface : i
|
129
|
+
end
|
130
|
+
|
131
|
+
def source_interface=(s)
|
132
|
+
fail TypeError unless s.is_a? String
|
133
|
+
no_cmd = s == default_source_interface ? 'no' : ''
|
134
|
+
config_set('tacacs_server_group',
|
135
|
+
'source_interface',
|
136
|
+
name: @name,
|
137
|
+
state: no_cmd,
|
138
|
+
interface: s)
|
139
|
+
end
|
140
|
+
|
141
|
+
def default_source_interface
|
142
|
+
config_get_default('tacacs_server_group', 'source_interface')
|
143
|
+
end
|
144
|
+
end
|
145
|
+
end
|