cisco_node_utils 1.9.0 → 1.10.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f41913654bc402d2a30d3c2345e0ac1fbd587ffe
-  data.tar.gz: a20bebaeb60c419708f83b078c8f5e61464788ec
+  metadata.gz: db160cf1dedda53f077ad5e3c246a7106be834ea
+  data.tar.gz: 31eac56721204dbbf673355acaa1dd5591af3ed3
 SHA512:
-  metadata.gz: daed7260c5c3b320216186f6c10ed0468bf78a6c5038b8bd6a0d5521e61dc606088ba505feda784318e6cf9800b7dfb8414824db66e8950193df8a877f76db22
-  data.tar.gz: fbab02d4e41a802249bc5b30b1b87392392f5f4cba319c554e825d8bed79ae3bf26a5186d640219b7d0e2da5472b50a2c18f850f31e232e15ee3c15db04f39bb
+  metadata.gz: d6330230a4a619e0e497d5c79d5757bfe3141e53605550033fdcfcb9f4e8cfafd93e8aa2a457fd4989ff40c636001f6a070475736abf30c1cd72eb0a09126db5
+  data.tar.gz: ac35c7431032dddce3c7fbc92c20028a6843fb25314e218925e1fa37610e6735e0a593e4aaa04ca2812182e20aa96a3d43205e436d5d2c655f850c828fddf78b

data/CHANGELOG.md

@@ -1,6 +1,39 @@
 Changelog
 =========
 
+## [v1.10.0]
+
+### New Cisco Resources
+
+### Added
+* Added syslog_facility with attribute:
+  * `level`
+* Extend syslog_server with attribute:
+  * `facility`
+* Extend interface with attributes:
+   * `ipv6_redirects`
+* Extend ace with attributes:
+   * `proto_option`
+   * `vlan`
+   * `set_erspan_dscp`
+   * `set_erspan_gre_proto`
+* Extend network_dns with attributes:
+  * `hostname`
+* Added ability to specify environment at run time
+
+Example:
+```ruby
+env = { host: '192.168.1.1', port: nil, username: 'admin', password: 'admin123', cookie: nil }
+Cisco::Environment.add_env('default', env)
+```
+
+### Changed
+
+### Removed
+
+### Issues Addressed
+* Removed default values for authentication in `interface_hsrp_group`
+
 ## [v1.9.0]
 
 ### New Cisco Resources
@@ -554,6 +587,7 @@ Changelog
 [git-flow]: https://github.com/petervanderdoes/gitflow-avh
 [SimpleCov]: https://github.com/colszowka/simplecov
 
+[v1.10.0]: https://github.com/cisco/cisco-network-node-utils/compare/v1.9.0...v1.10.0
 [v1.9.0]: https://github.com/cisco/cisco-network-node-utils/compare/v1.8.0...v1.9.0
 [v1.8.0]: https://github.com/cisco/cisco-network-node-utils/compare/v1.7.0...v1.8.0
 [v1.7.0]: https://github.com/cisco/cisco-network-node-utils/compare/v1.6.0...v1.7.0

data/README.md

@@ -85,6 +85,14 @@ An example configuration file (illustrating each of the above scenarios) is prov
 
 *For security purposes, it is highly recommended that access to this file be restricted to only the owning user (`chmod 0600`).*
 
+Configuration may also be specified at runtime and can be used in the absence of configuration files or to override them.
+
+Example:
+```ruby
+env = { host: '192.168.1.1', port: nil, username: 'admin', password: 'admin123', cookie: nil }
+Cisco::Environment.add_env('default', env)
+```
+
 ## <a name="documentation">Documentation</a>
 
 ### Client
@@ -151,12 +159,18 @@ client2 = Cisco::Client.create('n9k')
 # Warning: Make sure to exclude devices using the 'no_proxy' environment variable
 # to ensure successful remote connections.
 
+# Add runtime configuration for remote device and connect
+env = { host: '192.168.1.1', port: nil, username: 'admin', password: 'admin123', cookie: nil }
+Cisco::Environment.add_env('remote', env)
+client3 = Cisco::Client.create('remote')
+
 # Use connections to get and set device state.
 client1.set(values: 'feature vtp')
 client1.set(values: 'vtp domain mycompany.com')
 puts client1.get(command: 'show vtp status | inc Domain')
 
 puts client2.get(command: 'show version')
+puts client3.get(command: 'show version')
 ```
 
 #### High-level Node API

data/ext/mkrf_conf.rb

@@ -37,7 +37,7 @@ begin
   os == 'ios_xr' || deps << Gem::Dependency.new('net_http_unix',
                                                 '~> 0.2', '>= 0.2.1')
   # NX-OS doesn't need gRPC
-  os == 'nexus' || deps << Gem::Dependency.new('grpc', '~> 0.12')
+  os == 'nexus' || deps << Gem::Dependency.new('grpc', '~> 1.14.1')
 
   deps.each do |dep|
     installed = dep.matching_specs

data/lib/cisco_node_utils/ace.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2015-2016 Cisco and/or its affiliates.
+# Copyright (c) 2015-2018 Cisco and/or its affiliates.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,6 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+require 'ipaddr'
 require_relative 'node_util'
 
 module Cisco
@@ -73,6 +74,9 @@ module Cisco
       remark = Regexp.new('(?<seqno>\d+) remark (?<remark>.*)').match(str)
       return remark unless remark.nil?
 
+      # specialized icmp protocol handling
+      return icmp_ace_get(str) if str.include?('icmp')
+
       # rubocop:disable Metrics/LineLength
       regexp = Regexp.new('(?<seqno>\d+) (?<action>\S+)'\
                  ' *(?<proto>\d+|\S+)'\
@@ -95,6 +99,60 @@ module Cisco
       regexp.match(str)
     end
 
+    # icmp ace getter
+    def icmp_ace_get(str)
+      # rubocop:disable Metrics/LineLength
+      # fragments is nvgen at a different location than all other
+      # proto_option so get rid of it so as not to mess up other fields
+      str.sub!('fragments ', '')
+      regexp = Regexp.new('(?<seqno>\d+) (?<action>\S+)'\
+                 ' *(?<proto>\d+|\S+)'\
+                 ' *(?<src_addr>any|host \S+|[:\.0-9a-fA-F]+ [:\.0-9a-fA-F]+|[:\.0-9a-fA-F]+\/\d+|addrgroup \S+)'\
+                 ' *(?<dst_addr>any|host \S+|[:\.0-9a-fA-F]+ [:\.0-9a-fA-F]+|[:\.0-9a-fA-F]+\/\d+|addrgroup \S+)'\
+                 ' *(?<proto_option>\S+)?'\
+                 ' *(?<precedence>precedence \S+)?'\
+                 ' *(?<dscp>dscp \S+)?'\
+                 ' *(?<time_range>time-range \S+)?'\
+                 ' *(?<packet_length>packet-length (range \d+ \d+|(lt|eq|gt|neq) \d+))?'\
+                 ' *(?<ttl>ttl \d+)?'\
+                 ' *(?<vlan>vlan \d+)?'\
+                 ' *(?<set_erspan_gre_proto>set-erspan-gre-proto \d+)?'\
+                 ' *(?<set_erspan_dscp>set-erspan-dscp \d+)?'\
+                 ' *(?<redirect>redirect \S+)?')
+      regexp_no_proto_option = Regexp.new('(?<seqno>\d+) (?<action>\S+)'\
+                 ' *(?<proto>\d+|\S+)'\
+                 ' *(?<src_addr>any|host \S+|[:\.0-9a-fA-F]+ [:\.0-9a-fA-F]+|[:\.0-9a-fA-F]+\/\d+|addrgroup \S+)'\
+                 ' *(?<dst_addr>any|host \S+|[:\.0-9a-fA-F]+ [:\.0-9a-fA-F]+|[:\.0-9a-fA-F]+\/\d+|addrgroup \S+)'\
+                 ' *(?<precedence>precedence \S+)?'\
+                 ' *(?<dscp>dscp \S+)?'\
+                 ' *(?<time_range>time-range \S+)?'\
+                 ' *(?<packet_length>packet-length (range \d+ \d+|(lt|eq|gt|neq) \d+))?'\
+                 ' *(?<ttl>ttl \d+)?'\
+                 ' *(?<vlan>vlan \d+)?'\
+                 ' *(?<set_erspan_gre_proto>set-erspan-gre-proto \d+)?'\
+                 ' *(?<set_erspan_dscp>set-erspan-dscp \d+)?'\
+                 ' *(?<redirect>redirect \S+)?')
+      temp = regexp.match(str)
+      po = temp[:proto_option]
+      if po.nil?
+        return temp
+      # redirect can be proto_option or an actual redirect to interface
+      elsif po.strip.match(/redirect$/)
+        if str.match(/Ethernet|port-channel/)
+          # if proto_option is given as redirect and also redirect to intf
+          # we need to do extra processing
+          return temp if check_redirect_repeat(str)
+          return regexp_no_proto_option.match(str)
+        end
+      # the reserved keywords check
+      elsif po.strip.match(/precedence$|dscp$|time-range$|packet-length$|ttl$|vlan$|set-erspan-gre-proto$|set-erspan-dscp$|log$/)
+        return regexp_no_proto_option.match(str)
+      else
+        return temp
+      end
+      # rubocop:enable Metrics/LineLength
+    end
+
     # common ace setter. Put the values you need in a hash and pass it in.
     # attrs = {:action=>'permit', :proto=>'tcp', :src =>'host 1.1.1.1'}
     def ace_set(attrs)
@@ -130,6 +188,10 @@ module Cisco
          :tcp_option_length,
          :redirect,
          :log,
+         :proto_option,
+         :set_erspan_dscp,
+         :set_erspan_gre_proto,
+         :vlan,
         ].each do |p|
           attrs[p] = '' if attrs[p].nil?
           send(p.to_s + '=', attrs[p])
@@ -139,6 +201,21 @@ module Cisco
       config_set('acl', cmd, @set_args)
     end
 
+    def valid_ipv6?(addr)
+      begin
+        ret = IPAddr.new(addr.split[0]).ipv6?
+      rescue
+        ret = false
+      end
+      ret
+    end
+
+    def check_redirect_repeat(str)
+      return false unless str.include?('redirect')
+      nstr = str.sub('redirect', '').strip
+      nstr.include?('redirect') ? true : false
+    end
+
     # PROPERTIES
     # ----------
     def seqno
@@ -182,7 +259,7 @@ module Cisco
       return nil if match.nil? || !match.names.include?('src_addr')
       addr = match[:src_addr]
       # Normalize addr. Some platforms zero_pad ipv6 addrs.
-      addr.gsub!(/^0*/, '').gsub!(/:0*/, ':')
+      addr.gsub!(/^0*/, '').gsub!(/:0*/, ':') if valid_ipv6?(addr)
       addr
     end
 
@@ -205,7 +282,7 @@ module Cisco
       return nil if match.nil? || !match.names.include?('dst_addr')
       addr = match[:dst_addr]
       # Normalize addr. Some platforms zero_pad ipv6 addrs.
-      addr.gsub!(/^0*/, '').gsub!(/:0*/, ':')
+      addr.gsub!(/^0*/, '').gsub!(/:0*/, ':') if valid_ipv6?(addr)
       addr
     end
 
@@ -261,6 +338,49 @@ module Cisco
       @set_args[:dscp] = Utils.attach_prefix(dscp, :dscp)
     end
 
+    def vlan
+      Utils.extract_value(ace_get, 'vlan')
+    end
+
+    def vlan=(vlan)
+      @set_args[:vlan] = Utils.attach_prefix(vlan, :vlan)
+    end
+
+    def set_erspan_dscp
+      ret = Utils.extract_value(ace_get, 'set_erspan_dscp', 'set-erspan-dscp')
+      return ret if ret
+      # position of set_erspan_dscp is different in older release so check again
+      str = config_get('acl', 'ace', @get_args)
+      sstr = str.split
+      return sstr[sstr.index('set-erspan-dscp') + 1] if
+        sstr.include?('set-erspan-dscp')
+    end
+
+    def set_erspan_dscp=(set_erspan_dscp)
+      @set_args[:set_erspan_dscp] = Utils.attach_prefix(set_erspan_dscp,
+                                                        :set_erspan_dscp,
+                                                        'set-erspan-dscp')
+    end
+
+    def set_erspan_gre_proto
+      ret = Utils.extract_value(ace_get, 'set_erspan_gre_proto',
+                                'set-erspan-gre-proto')
+      return ret if ret
+      # position of set_erspan_gre_proto is different in older release
+      # so check again
+      str = config_get('acl', 'ace', @get_args)
+      sstr = str.split
+      return sstr[sstr.index('set-erspan-gre-proto') + 1] if
+        sstr.include?('set-erspan-gre-proto')
+    end
+
+    def set_erspan_gre_proto=(set_erspan_gre_proto)
+      @set_args[:set_erspan_gre_proto] =
+          Utils.attach_prefix(set_erspan_gre_proto,
+                              :set_erspan_gre_proto,
+                              'set-erspan-gre-proto')
+    end
+
     def time_range
       Utils.extract_value(ace_get, 'time_range', 'time-range')
     end
@@ -317,12 +437,27 @@ module Cisco
       @set_args[:redirect] = Utils.attach_prefix(redirect, :redirect)
     end
 
-    def log
+    def proto_option
       match = ace_get
+      return nil if match.nil? || proto != 'icmp' || !remark.nil?
+      # fragments is nvgen at a different location than all other
+      # proto_option
+      if config_get('acl', 'ace', @get_args).include?('fragments')
+        return 'fragments'
+      end
+      # log is special case
+      return nil if !match.names.include?('proto_option') ||
+                    match[:proto_option] == 'log'
+      match[:proto_option]
+    end
+
+    def proto_option=(proto_option)
+      @set_args[:proto_option] = proto_option
+    end
+
+    def log
       return nil unless remark.nil?
-      return false if match.nil?
-      return false unless match.names.include?('log')
-      match[:log] == 'log' ? true : false
+      config_get('acl', 'ace', @get_args).include?('log') ? true : false
     end
 
     def log=(log)

data/lib/cisco_node_utils/banner.rb

@@ -0,0 +1,63 @@
+# Banner provider class
+#
+# Rick Sherman et al., August 2018
+#
+# Copyright (c) 2014-2018 Cisco and/or its affiliates.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require_relative 'node_util'
+
+module Cisco
+  # Banner - node utility class for Banner configuration management
+  class Banner < NodeUtil
+    attr_reader :name
+
+    def initialize(name)
+      fail TypeError unless name.is_a?(String)
+      fail ArgumentError,
+           "This provider only accepts an id of 'default'" \
+           unless name.eql?('default')
+      @name = name
+    end
+
+    def self.banners
+      hash = {}
+      hash['default'] = Banner.new('default')
+      hash
+    end
+
+    def ==(other)
+      name == other.name
+    end
+
+    def motd
+      config_get('banner', 'motd')
+    end
+
+    def motd=(val)
+      if val.nil? && (motd != default_motd)
+        config_set('banner', 'motd', state: 'no', motd: '')
+      elsif !val.nil?
+        config_set('banner',
+                   'motd',
+                   state: '',
+                   motd:  "^#{val.gsub(/\n/, '\\n')}^")
+      end
+    end
+
+    def default_motd
+      config_get_default('banner', 'motd')
+    end
+  end # class
+end # module

data/lib/cisco_node_utils/bridge_domain.rb

@@ -144,7 +144,7 @@ module Cisco
     # This type property can be defined only for one bd
     def fabric_control
       match = config_get('bridge_domain', 'fabric_control', bd: @bd_ids)
-      match == @bd_ids ? true : false
+      match.to_s == @bd_ids ? true : false
     end
 
     def fabric_control=(val)

data/lib/cisco_node_utils/cisco_cmn_utils.rb

@@ -362,7 +362,7 @@ module Cisco
     end # merge_range
 
     def self.add_quotes(value)
-      return value if image_version?(/7.3.0/)
+      return value if image_version?(/7.3/)
       value = "\"#{value}\"" unless
         value.start_with?('"') && value.end_with?('"')
       value

data/lib/cisco_node_utils/client/utils.rb

@@ -111,16 +111,26 @@ class Cisco::Client
       return input.map { |item| to_regexp(item) }
     else
       # The string might be explicitly formatted as a regexp
-      if input[0] == '/' && input[-1] == '/'
-        # '/foo/' => %r{foo}
-        return Regexp.new(input[1..-2])
-      elsif input[0] == '/' && input[-2..-1] == '/i'
-        # '/foo/i' => %r{foo}i
-        return Regexp.new(input[1..-3], Regexp::IGNORECASE)
-      else
-        # 'foo' => %r{^foo$}i
-        return Regexp.new("^#{input}$", Regexp::IGNORECASE)
+      # Dynamically handle modifiers
+      input.match(%r{(?<regex>^\/.*\/)(?<options>[imx]*)?}) do |m|
+        options = []
+        m['options'].each_char do |c|
+          case c
+          when 'i'
+            options << Regexp::IGNORECASE
+          when 'm'
+            options << Regexp::MULTILINE
+          when 'x'
+            options << Regexp::EXTENDED
+          end
+        end
+        return Regexp.new(m['regex'][1..-2], options.reduce(:|))
       end
+      # otherwise this value is a regular string
+      # convert to case insensitive regex
+      # 'foo' => %r{^foo$}i
+      return Regexp.new("^#{input}$", Regexp::IGNORECASE)
+
     end
   end
 
@@ -151,7 +161,7 @@ class Cisco::Client
           end
           return final
         end
-        fail "No key \"#{filter}\" in #{data}" if data[filter].nil?
+        fail "No key \"#{filter}\" in #{data}" unless data.key?(filter)
         data = data[filter]
       end
     end

data/lib/cisco_node_utils/cmd_ref/acl.yaml

@@ -12,7 +12,7 @@ _template:
 
 ace:
   get_value: '/^<seqno> .+$/'
-  set_value: '<state> <seqno> <action> <proto> <src_addr> <src_port> <dst_addr> <dst_port> <tcp_flags> <established> <precedence> <dscp> <http_method> <time_range> <packet_length> <ttl> <tcp_option_length> <redirect> <log>'
+  set_value: '<state> <seqno> <action> <proto> <src_addr> <src_port> <dst_addr> <dst_port> <proto_option> <tcp_flags> <established> <precedence> <dscp> <http_method> <time_range> <packet_length> <ttl> <tcp_option_length> <vlan> <redirect> <set_erspan_dscp> <set_erspan_gre_proto> <log>'
 
 ace_destroy:
   set_value: 'no <seqno>'