conpar 0.1.3 → 0.1.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (12) hide show
  1. data/README.md +1 -0
  2. data/lib/conpar/directive/access_list/ether_type.rb +5 -1
  3. data/lib/conpar/directive/access_list/extended.rb +2 -1
  4. data/lib/conpar/directive/access_list/standard.rb +4 -1
  5. data/lib/conpar/directive/access_list/web_type.rb +2 -1
  6. data/lib/conpar/version.rb +1 -1
  7. data/spec/lib/directive/access_list/extended_spec.rb +9 -5
  8. data/spec/lib/directive/access_list/standard_spec.rb +10 -5
  9. data/spec/lib/directive/access_list_spec.rb +2 -1
  10. data/spec/lib/document_spec.rb +15 -0
  11. data/spec/samples/sample6 +10 -0
  12. metadata +6 -4
data/README.md CHANGED
@@ -1,4 +1,5 @@
1
1
  # Conpar
2
+ [![Gem Version](https://badge.fury.io/rb/conpar.svg)](http://badge.fury.io/rb/conpar)
2
3
  [![Build Status](https://travis-ci.org/CITguy/conpar.png?branch=master)](https://travis-ci.org/CITguy/conpar)
3
4
  [![Coverage Status](https://coveralls.io/repos/CITguy/conpar/badge.png?branch=master)](https://coveralls.io/r/CITguy/conpar?branch=master)
4
5
 
data/lib/conpar/directive/access_list/ether_type.rb CHANGED
@@ -4,13 +4,17 @@ module Conpar
4
4
  # Class that maps directly to Cisco ethertype ACL definition
5
5
  # See http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/acl_ethertype.html
6
6
  class EtherType < Base
7
- SIGNATURE = /^(access-list)\b.*\s(ethertype)\s/i
7
+ # (0.1.4): "ethertype" should be followed by "permit" or "deny"
8
+ SIGNATURE = /^(access-list)\b.*\s(ethertype)\s+(permit|deny)/i
8
9
 
9
10
  def initialize(content="", options={})
10
11
  super
11
12
 
12
13
  @sub_ilk = "ethertype"
13
14
 
15
+ # access-list access_list_name ethertype
16
+ # {deny | permit}
17
+ # {ipx | bpdu | mpls-unicast | mpls-multicast | is-is | any | hex_number}
14
18
  parse_regex = %r/^
15
19
  (access-list)\s* # Directive Signature
16
20
  (?<name>#{NAME})\s* # ACL Name
data/lib/conpar/directive/access_list/extended.rb CHANGED
@@ -4,7 +4,8 @@ module Conpar
4
4
  # Class that maps directly to Cisco extended ACL definition
5
5
  # See http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/acl_extended.html
6
6
  class Extended < Base
7
- SIGNATURE = /^(access-list)\b.*\s(extended)\s/i
7
+ # (0.1.4): "extended" should be followed by "permit" or "deny"
8
+ SIGNATURE = /^(access-list)\b.*\s(extended)\s+(permit|deny)\s/i
8
9
 
9
10
  def initialize(content="", options={})
10
11
  super
data/lib/conpar/directive/access_list/standard.rb CHANGED
@@ -4,13 +4,16 @@ module Conpar
4
4
  # Class that maps directly to Cisco standard ACL definition
5
5
  # See http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/acl_standard.html
6
6
  class Standard < Base
7
- SIGNATURE = /^(access-list)\b.*\s(standard)\s/i
7
+ # (0.1.4): "standard" should be followed by "permit" or "deny"
8
+ SIGNATURE = /^(access-list)\b.*\s(standard)\s+(permit|deny)/i
8
9
 
9
10
  def initialize(content="", options={})
10
11
  super
11
12
 
12
13
  @sub_ilk = "standard"
13
14
 
15
+ # access-list access_list_name standard
16
+ # { deny | permit } { any4 | ip_address mask }
14
17
  parse_regex = %r/^
15
18
  (access-list)\s* # Directive signature
16
19
  (?<name>#{NAME})\s* # ACL Name
data/lib/conpar/directive/access_list/web_type.rb CHANGED
@@ -4,7 +4,8 @@ module Conpar
4
4
  # Class that maps directly to Cisco webtype ACL definition
5
5
  # See http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/acl_webtype.html
6
6
  class WebType < Base
7
- SIGNATURE = /^(access-list)\b.*\s(webtype)\s/i
7
+ # (0.1.4) "webtype" should be followed by "permit" or "deny"
8
+ SIGNATURE = /^(access-list)\b.*\s(webtype)\s+(permit|deny)/i
8
9
 
9
10
  def initialize(content="", options={})
10
11
  super
data/lib/conpar/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Conpar
2
- VERSION = "0.1.3"
2
+ VERSION = "0.1.4"
3
3
  end
data/spec/lib/directive/access_list/extended_spec.rb CHANGED
@@ -3,11 +3,15 @@ require 'spec_helper'
3
3
  describe Conpar::Directive::AccessList::Extended do
4
4
  let(:klass) { Conpar::Directive::AccessList::Extended }
5
5
 
6
- context "extended acl with 'standard' in name of object-group" do
7
- subject { "access-list ACL_IN extended permit ip any object-group standard-grp" }
8
-
9
- it "::SIGNATURE should match" do
10
- expect(subject).to match(klass::SIGNATURE)
6
+ [
7
+ "access-list 101 extended permit icmp any object-group standard-grp",
8
+ "access-list 101 extended permit icmp any any object-group standard"
9
+ ].each do |acl|
10
+ context "for '#{acl}'" do
11
+ subject { acl }
12
+ it "::SIGNATURE should MATCH" do
13
+ expect(subject).to match(klass::SIGNATURE)
14
+ end
11
15
  end
12
16
  end
13
17
 
data/spec/lib/directive/access_list/standard_spec.rb CHANGED
@@ -3,13 +3,18 @@ require 'spec_helper'
3
3
  describe Conpar::Directive::AccessList::Standard do
4
4
  let(:klass) { Conpar::Directive::AccessList::Standard }
5
5
 
6
- context "extended acl with 'standard' in name of object-group" do
7
- subject { "access-list ACL_IN extended permit ip any object-group standard-grp" }
8
-
9
- it "::SIGNATURE should not match" do
10
- expect(subject).not_to match(klass::SIGNATURE)
6
+ [
7
+ "access-list 101 extended permit icmp any any object-group standard-grp",
8
+ "access-list 101 extended permit icmp any any object-group standard"
9
+ ].each do |acl|
10
+ context "for '#{acl}'" do
11
+ subject { acl }
12
+ it "::SIGNATURE should NOT match" do
13
+ expect(klass::SIGNATURE.match(subject)).to be_nil
14
+ end
11
15
  end
12
16
  end
17
+
13
18
  {
14
19
  "access-list OSPF standard permit 192.168.1.0 255.255.255.0" => {
15
20
  name: "OSPF",
data/spec/lib/directive/access_list_spec.rb CHANGED
@@ -7,7 +7,8 @@ describe Conpar::Directive::AccessList do
7
7
  "access-list foo extended deny all" => Conpar::Directive::AccessList::Extended,
8
8
  "access-list foo webtype deny all" => Conpar::Directive::AccessList::WebType,
9
9
  "access-list foo ethertype deny all" => Conpar::Directive::AccessList::EtherType,
10
- "access-list foo unknowntype deny all" => Conpar::Directive::AccessList::Base
10
+ "access-list foo unknowntype deny all" => Conpar::Directive::AccessList::Base,
11
+ "access-list 101 extended permit ip any any object-group standard" => Conpar::Directive::AccessList::Extended
11
12
  }.each do |line, klass_output|
12
13
  it "for '#{line}' should return a #{klass_output.name}" do
13
14
  expect(subject.new(line)).to be_a_kind_of(klass_output)
data/spec/lib/document_spec.rb CHANGED
@@ -94,5 +94,20 @@ describe Conpar::Document do
94
94
  it { expect(result.select{|r| r.ilk == :directive }).to have(2).items }
95
95
  end
96
96
  end
97
+
98
+ # 4 comments, 3 different known ACLs, 1 unknown ACL, 2 other directives
99
+ context 'sample5' do
100
+ let(:config) { File.read("spec/samples/sample6") }
101
+
102
+ context "result" do
103
+ let(:result) { subject.parse(config) }
104
+ it { expect(result.select{|r| r.ilk == :comment }).to have(4).items }
105
+ it { expect(result.select{|r| r.ilk == :access_list }).to have(4).items }
106
+ it { expect(result.select{|r| r.sub_ilk == "standard" }).to have(1).items }
107
+ it { expect(result.select{|r| r.sub_ilk == "extended" }).to have(2).items }
108
+ it { expect(result.select{|r| r.sub_ilk == "unknown" }).to have(1).items }
109
+ it { expect(result.select{|r| r.ilk == :directive }).to have(2).items }
110
+ end
111
+ end
97
112
  end
98
113
  end
data/spec/samples/sample6 ADDED
@@ -0,0 +1,10 @@
1
+ : First Comment
2
+ access-list foo-bar standard deny all
3
+ : Second Comment
4
+ access-list bang-biz extended permit ip any any
5
+ access-list dne blahtype permit all
6
+ : additional directives
7
+ version 1.0.0
8
+ logging enable
9
+ : tricky acl (contains both "extended" and "standard" but is Extended)
10
+ access-list 101 extended permit ip any any object-group standard
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: conpar
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.4
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2014-04-15 00:00:00.000000000 Z
12
+ date: 2014-04-21 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: bundler
@@ -210,6 +210,7 @@ files:
210
210
  - spec/samples/sample3
211
211
  - spec/samples/sample4
212
212
  - spec/samples/sample5
213
+ - spec/samples/sample6
213
214
  - spec/spec_helper.rb
214
215
  homepage: ''
215
216
  licenses:
@@ -226,7 +227,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
226
227
  version: '0'
227
228
  segments:
228
229
  - 0
229
- hash: -766122589984341945
230
+ hash: -1371363594229726120
230
231
  required_rubygems_version: !ruby/object:Gem::Requirement
231
232
  none: false
232
233
  requirements:
@@ -235,7 +236,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
235
236
  version: '0'
236
237
  segments:
237
238
  - 0
238
- hash: -766122589984341945
239
+ hash: -1371363594229726120
239
240
  requirements: []
240
241
  rubyforge_project:
241
242
  rubygems_version: 1.8.23
@@ -263,5 +264,6 @@ test_files:
263
264
  - spec/samples/sample3
264
265
  - spec/samples/sample4
265
266
  - spec/samples/sample5
267
+ - spec/samples/sample6
266
268
  - spec/spec_helper.rb
267
269
  has_rdoc: