conpar 0.1.0 → 0.1.2

data/.coveralls.yml

@@ -0,0 +1 @@
+service_name: travis-ci

data/.travis.yml

@@ -1,7 +1,6 @@
 script: "bundle exec rake"
 language: ruby
 rvm:
-  - 1.9.2
   - 1.9.3
   - 2.0.0
   - 2.1.0

data/README.md

@@ -1,6 +1,8 @@
-# Conpar [![Build Status](https://travis-ci.org/CITguy/conpar.png?branch=master)](https://travis-ci.org/CITguy/conpar)
+# Conpar 
+[![Build Status](https://travis-ci.org/CITguy/conpar.png?branch=master)](https://travis-ci.org/CITguy/conpar)
+[![Coverage Status](https://coveralls.io/repos/CITguy/conpar/badge.png?branch=master)](https://coveralls.io/r/CITguy/conpar?branch=master)
 
-Conpar (short for **Con**figuration **Par**ser) is designed to be a flexible and extendable library for parsing through a Firewall configuration file by tokenizing the configuration directives into ruby objects for evaluation.
+Conpar (short for Configuration Parser) is designed to be a flexible and extendable library for parsing through a Firewall configuration file by tokenizing the configuration directives into ruby objects for evaluation.
 
 **NOTE**: This gem is still in a very _alpha_ state.  It currently only knows how to tokenize Comments and Access Lists for Cisco ASA firewall configurations.
 
@@ -20,10 +22,10 @@ Or install it yourself as:
 
 ## Supported Rubies
 
-**MRE 1.9.2, 1.9.3, 2.0.0, 2.1.0**
+**MRE 1.9.3, 2.0.0, 2.1.0**
 
-Versions prior to 1.9.2 will **NOT** be supported with this gem.
-Since 1.8.7 and ree are EOL, they no longer desirable to code against.
+Versions prior to 1.9.3 will **NOT** be supported with this gem.
+Since 1.8.7 and ree are EOL, they no longer desirable to code against. Also, there are some incompatibilities with ruby 1.9.2.
 
 ## Usage
 

data/conpar.gemspec

@@ -27,4 +27,6 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "guard"
   spec.add_development_dependency "guard-rspec"
   spec.add_development_dependency "pry"
+
+  spec.add_development_dependency "coveralls"
 end

data/lib/conpar/directive/access_list.rb

@@ -14,6 +14,7 @@ module Conpar
         if line =~ SIGNATURE
           # Deeper ACL Testing - Which type of ACL is it?
           [
+            Remark,
             Standard,
             Extended,
             WebType,

data/lib/conpar/directive/access_list/_all.rb

@@ -6,6 +6,7 @@
   ether_type
   web_type
   unknown_type
+  remark
 ].each do |src|
   require_relative "#{src}"
 end

data/lib/conpar/directive/access_list/base.rb

@@ -5,6 +5,8 @@ module Conpar
       class Base < Conpar::Directive::Base
         SIGNATURE = /^(access-list)\b/
 
+        NAME = /[^\s\t]+/ # any non-line-breaking whitespace
+
         def initialize(content="", options={})
           super
           @ilk = :access_list

data/lib/conpar/directive/access_list/ether_type.rb

@@ -4,20 +4,20 @@ module Conpar
       # Class that maps directly to Cisco ethertype ACL definition
       # See http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/acl_ethertype.html
       class EtherType < Base
-        SIGNATURE = /^(access-list)\b.*\b(ethertype)\b/i
+        SIGNATURE = /^(access-list)\b.*\s(ethertype)\s/i
 
         def initialize(content="", options={})
           super
 
           @sub_ilk = "ethertype"
 
-          parse_regex = %r/
-            (access-list)\s* # Directive Signature
-            (?<name>[\-\w]+)\s* # ACL Name
-            (?<type>(ethertype))\s* # Ethertype ACL Type
+          parse_regex = %r/^
+            (access-list)\s*                 # Directive Signature
+            (?<name>#{NAME})\s*              # ACL Name
+            (?<type>(ethertype))\s*          # Ethertype ACL Type
             (?<permission>(permit|deny))?\s* # permit or deny
             (?<rule>.+)
-          /x
+          $/x
           @match_data = parse_regex.match(@content)
 
           self
@@ -29,11 +29,7 @@ module Conpar
           :rule
         ].each do |m|
           define_method(m) do
-            begin
-              @match_data[m]
-            rescue IndexError
-              nil
-            end
+            @match_data[m]
           end
         end
 

data/lib/conpar/directive/access_list/extended.rb

@@ -4,7 +4,7 @@ module Conpar
       # Class that maps directly to Cisco extended ACL definition
       # See http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/acl_extended.html
       class Extended < Base
-        SIGNATURE = /^(access-list)\b.*\b(extended)\b/i
+        SIGNATURE = /^(access-list)\b.*\s(extended)\s/i
 
         def initialize(content="", options={})
           super
@@ -20,9 +20,9 @@ module Conpar
           # {deny | permit} protocol_argument source_address_argument dest_address_argument
           # [log [[level] [interval secs] | disable | default]]
           # [inactive | time-range time_range_name]
-          parse_regex = %r/
+          parse_regex = %r/^
             (access-list)\s*                 # Directive Signature
-            (?<name>[\-\w]+)\s*              # ACL Name
+            (?<name>#{NAME})\s*              # ACL Name
             (line\s+(?<line>\d+))?\s*        # (optional) line number
             (?<type>extended)\s*             # ACL type
             (?<permission>(permit|deny))?\s* # permit or deny
@@ -43,11 +43,7 @@ module Conpar
           :protocol
         ].each do |m|
           define_method(m) do
-            begin
-              @match_data[m]
-            rescue IndexError
-              nil
-            end
+            @match_data[m]
           end
         end
       end

data/lib/conpar/directive/access_list/remark.rb

@@ -0,0 +1,34 @@
+module Conpar
+  module Directive
+    module AccessList
+      # Class that maps directly to Cisco Commented ACL
+      # See http://www.cisco.com/c/en/us/support/docs/security/ios-firewall/23602-confaccesslists.html#comments
+      class Remark < Base
+        SIGNATURE = /^(access-list)\b.*\b(remark)\b/i
+
+        def initialize(content="", options={})
+          super
+          @sub_ilk = "remark"
+
+          # access-list access_list_name remark remark_content
+          parse_regex = %r/^
+            (access-list)\s* # Directive Signature
+            (?<name>#{NAME})\s* # ACL Name
+            (?<type>remark)\s* # ACL Type
+            (?<remark>.+) # Everything else on line
+          $/x
+          @match_data = parse_regex.match(@content)
+        end#initialize
+
+        [ :name,
+          :type,
+          :remark
+        ].each do |m|
+          define_method(m) do
+            @match_data[m]
+          end
+        end
+      end#Remark
+    end#AccessList
+  end#Directive
+end#Conpar

data/lib/conpar/directive/access_list/standard.rb

@@ -4,16 +4,16 @@ module Conpar
       # Class that maps directly to Cisco standard ACL definition
       # See http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/acl_standard.html
       class Standard < Base
-        SIGNATURE = /^(access-list)\b.*\b(standard)\b/i
+        SIGNATURE = /^(access-list)\b.*\s(standard)\s/i
 
         def initialize(content="", options={})
           super
 
           @sub_ilk = "standard"
 
-          parse_regex = %r/
+          parse_regex = %r/^
             (access-list)\s*                 # Directive signature
-            (?<name>[\-\w]+)\s*              # ACL Name
+            (?<name>#{NAME})\s*              # ACL Name
             (?<type>(standard))\s*           # Standard ACL Type
             (?<permission>(permit|deny))?\s* # permit or deny
             (?<rule>.+)                      # Everything else on line
@@ -29,11 +29,7 @@ module Conpar
           :rule
         ].each do |m|
           define_method(m) do
-            begin
-              @match_data[m]
-            rescue IndexError
-              nil
-            end
+            @match_data[m]
           end
         end
       end

data/lib/conpar/directive/access_list/web_type.rb

@@ -4,20 +4,20 @@ module Conpar
       # Class that maps directly to Cisco webtype ACL definition
       # See http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/acl_webtype.html
       class WebType < Base
-        SIGNATURE = /^(access-list)\b.*\b(webtype)\b/i
+        SIGNATURE = /^(access-list)\b.*\s(webtype)\s/i
 
         def initialize(content="", options={})
           super
 
           @sub_ilk = "webtype"
 
-          parse_regex = %r/
+          parse_regex = %r/^
             (access-list)\s*                 # Directive Signature
-            (?<name>[\-\w]+)\s*              # ACL name
+            (?<name>#{NAME})\s*              # ACL name
             (?<type>(webtype))\s*            # Webtype ACL Type
             (?<permission>(permit|deny))?\s* # permit or deny
             (?<rule>.+)                      # Everything else on line
-          /x
+          $/x
           @match_data = parse_regex.match(@content)
 
           self
@@ -29,11 +29,7 @@ module Conpar
           :rule
         ].each do |m|
           define_method(m) do
-            begin
-              @match_data[m]
-            rescue IndexError
-              nil
-            end
+            @match_data[m]
           end
         end
       end

data/lib/conpar/directive/base.rb

@@ -42,7 +42,7 @@ module Conpar
       def initialize(content="", options={})
         @line_number = options[:line_number]
         @line_span = options.fetch(:line_span, 1)
-        @content = content
+        @content = content.to_s.strip
         @ilk = :directive
         @sub_ilk = ""
         self

data/lib/conpar/directive/comment.rb

@@ -7,6 +7,7 @@ module Conpar
       def initialize(content="", options={})
         super
         @ilk = :comment
+        @sub_ilk = "comment"
       end
     end
   end

data/lib/conpar/version.rb

@@ -1,3 +1,3 @@
 module Conpar
-  VERSION = "0.1.0"
+  VERSION = "0.1.2"
 end

data/spec/lib/directive/access_list/base_spec.rb

@@ -2,4 +2,11 @@ require 'spec_helper'
 
 describe Conpar::Directive::AccessList::Base do
   let(:klass) { Conpar::Directive::AccessList::Base }
+
+  context "#to_s" do
+    it "should be same as #content" do
+      obj = klass.new("foobar")
+      expect(obj.to_s).to eq(obj.content)
+    end
+  end
 end

data/spec/lib/directive/access_list/extended_spec.rb

@@ -2,6 +2,15 @@ require 'spec_helper'
 
 describe Conpar::Directive::AccessList::Extended do
   let(:klass) { Conpar::Directive::AccessList::Extended }
+
+  context "extended acl with 'standard' in name of object-group" do
+    subject { "access-list ACL_IN extended permit ip any object-group standard-grp" }
+
+    it "::SIGNATURE should match" do
+      expect(subject).to match(klass::SIGNATURE)
+    end
+  end
+
   {
     # example from cisco documenation
     # rule any any

data/spec/lib/directive/access_list/remark_spec.rb

@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+describe Conpar::Directive::AccessList::Remark do
+  let(:klass) { Conpar::Directive::AccessList::Remark }
+  let(:remark) { "access-list 101 remark ***Some Remark***" }
+
+  context "::SIGNATURE" do
+    it "should match 'access-list 101 remark ***Some Remark***'" do
+      expect(remark).to match(klass::SIGNATURE)
+    end
+  end
+
+  context "#new" do
+    subject { klass.new(remark) }
+    [ :name, :type, :remark ].each do |m|
+      it "should respond to #{m}" do
+        expect(subject).to respond_to(m)
+      end
+    end
+    it ".sub_ilk should be 'remark'" do
+      expect(subject.sub_ilk).to eq("remark")
+    end
+    it ".name should be '101'" do
+      expect(subject.name).to eq("101")
+    end
+    it ".type should be 'remark'" do
+      expect(subject.type).to eq("remark")
+    end
+    it ".remark should be '***Some Remark***'" do
+      expect(subject.remark).to eq("***Some Remark***")
+    end
+  end
+end

data/spec/lib/directive/access_list/standard_spec.rb

@@ -2,6 +2,14 @@ require 'spec_helper'
 
 describe Conpar::Directive::AccessList::Standard do
   let(:klass) { Conpar::Directive::AccessList::Standard }
+
+  context "extended acl with 'standard' in name of object-group" do
+    subject { "access-list ACL_IN extended permit ip any object-group standard-grp" }
+
+    it "::SIGNATURE should not match" do
+      expect(subject).not_to match(klass::SIGNATURE)
+    end
+  end
   {
     "access-list OSPF standard permit 192.168.1.0 255.255.255.0" => {
       name: "OSPF",

data/spec/lib/directive/comment_spec.rb

@@ -1,13 +1,23 @@
 require 'spec_helper'
 
 describe Conpar::Directive::Comment do
+  let(:klass) { Conpar::Directive::Comment }
+
   context "::SIGNATURE" do
-    subject { Conpar::Directive::Comment::SIGNATURE }
     it "should match ': no comment'" do
-      expect(": no comment").to match(subject)
+      expect(": no comment").to match(klass::SIGNATURE)
     end
     it "should not match empty string" do
-      expect(" ").not_to match(subject)
+      expect(" ").not_to match(klass::SIGNATURE)
+    end
+  end
+  context "valid comment" do
+    subject { klass.new(": no comment") }
+    it ".ilk should be :comment" do
+      expect(subject.ilk).to eq(:comment)
+    end
+    it ".sub_ilk should be 'comment'" do
+      expect(subject.sub_ilk).to eq("comment")
     end
   end
 end

data/spec/spec_helper.rb

@@ -1,3 +1,6 @@
+require 'coveralls'
+Coveralls.wear!
+
 require 'rspec'
 require 'conpar'
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: conpar
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.2
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-04-10 00:00:00.000000000 Z
+date: 2014-04-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -139,6 +139,22 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: coveralls
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Full-featured firewall configuration parser library.
 email:
 - ryan.johnson@rackspace.com
@@ -146,6 +162,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- .coveralls.yml
 - .gitignore
 - .travis.yml
 - Gemfile
@@ -164,6 +181,7 @@ files:
 - lib/conpar/directive/access_list/base.rb
 - lib/conpar/directive/access_list/ether_type.rb
 - lib/conpar/directive/access_list/extended.rb
+- lib/conpar/directive/access_list/remark.rb
 - lib/conpar/directive/access_list/standard.rb
 - lib/conpar/directive/access_list/unknown_type.rb
 - lib/conpar/directive/access_list/web_type.rb
@@ -177,6 +195,7 @@ files:
 - spec/lib/directive/access_list/base_spec.rb
 - spec/lib/directive/access_list/ether_type_spec.rb
 - spec/lib/directive/access_list/extended_spec.rb
+- spec/lib/directive/access_list/remark_spec.rb
 - spec/lib/directive/access_list/standard_spec.rb
 - spec/lib/directive/access_list/unknown_spec.rb
 - spec/lib/directive/access_list/web_type_spec.rb
@@ -207,7 +226,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -4307823525324721916
+      hash: 4397279224083911622
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -216,7 +235,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -4307823525324721916
+      hash: 4397279224083911622
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.23
@@ -229,6 +248,7 @@ test_files:
 - spec/lib/directive/access_list/base_spec.rb
 - spec/lib/directive/access_list/ether_type_spec.rb
 - spec/lib/directive/access_list/extended_spec.rb
+- spec/lib/directive/access_list/remark_spec.rb
 - spec/lib/directive/access_list/standard_spec.rb
 - spec/lib/directive/access_list/unknown_spec.rb
 - spec/lib/directive/access_list/web_type_spec.rb