conpar 0.2.0 → 0.2.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/lib/conpar/directive/access_list.rb +2 -2
- data/lib/conpar/directive/access_list/extended.rb +12 -5
- data/lib/conpar/version.rb +1 -1
- data/spec/lib/directive/access_list/extended_spec.rb +13 -1
- data/spec/lib/directive/access_list_spec.rb +2 -1
- data/spec/lib/document_spec.rb +20 -0
- data/spec/samples/legacy-sample1 +3 -0
- metadata +30 -54
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 27aa5140dcddcbc284b4aadfe79bfc86d1e35cb0
|
4
|
+
data.tar.gz: ae21cb8a073f95229f5531b4d5f71c8319f52744
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 66bbd330e3786841eeac7567ce164c5714e4e84cdec2bc1b7f5a3dc3d2820973feb219224953d7cd817b078f6266ebe12a7e7dca49bcc9ca54c3379afbf05b94
|
7
|
+
data.tar.gz: 67e7ff56a68b6ed5fc051e7cb68bac73bf91218b86e8e34433c22424010d23d7a54a81a42203ac2e5284ee98ecce0846ad4ba63ba32229422040b939232b784b
|
@@ -5,7 +5,14 @@ module Conpar
|
|
5
5
|
# See http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/acl_extended.html
|
6
6
|
class Extended < Base
|
7
7
|
# (0.1.4): "extended" should be followed by "permit" or "deny"
|
8
|
-
|
8
|
+
# (0.2.2): "extended" optional (legacy syntax support)
|
9
|
+
SIGNATURE = %r/^
|
10
|
+
(access-list)\s+
|
11
|
+
(#{NAME})\s+
|
12
|
+
(line\s+(\d+))?\s*
|
13
|
+
(extended)?\s*
|
14
|
+
(permit|deny)
|
15
|
+
/x
|
9
16
|
|
10
17
|
def initialize(content="", options={})
|
11
18
|
super
|
@@ -17,15 +24,15 @@ module Conpar
|
|
17
24
|
(?<octet>1?[0-9]{1,2}|2([0-4][0-9]|5[0-5]))\.\k<octet>\.\k<octet>\.\k<octet>
|
18
25
|
/x
|
19
26
|
|
20
|
-
# access-list access_list_name [line line_number] extended
|
27
|
+
# access-list access_list_name [line line_number] [extended]
|
21
28
|
# {deny | permit} protocol_argument source_address_argument dest_address_argument
|
22
29
|
# [log [[level] [interval secs] | disable | default]]
|
23
30
|
# [inactive | time-range time_range_name]
|
24
31
|
parse_regex = %r/^
|
25
|
-
(access-list)\s
|
26
|
-
(?<name>#{NAME})\s
|
32
|
+
(access-list)\s+ # Directive Signature
|
33
|
+
(?<name>#{NAME})\s+ # ACL Name
|
27
34
|
(line\s+(?<line>\d+))?\s* # (optional) line number
|
28
|
-
(?<type>extended)
|
35
|
+
(?<type>extended)?\s* # (optional) ACL type (legacy syntax support)
|
29
36
|
(?<permission>(permit|deny))?\s* # permit or deny
|
30
37
|
(?<protocol>\w+)\s* # Protocol Argument
|
31
38
|
(?<rule>.+) # Everything else on line
|
data/lib/conpar/version.rb
CHANGED
@@ -5,7 +5,8 @@ describe Conpar::Directive::AccessList::Extended do
|
|
5
5
|
|
6
6
|
[
|
7
7
|
"access-list 101 extended permit icmp any object-group standard-grp",
|
8
|
-
"access-list 101 extended permit icmp any any object-group standard"
|
8
|
+
"access-list 101 extended permit icmp any any object-group standard",
|
9
|
+
"access-list 101 permit ip any any" # Legacy Syntax
|
9
10
|
].each do |acl|
|
10
11
|
context "for '#{acl}'" do
|
11
12
|
subject { acl }
|
@@ -15,6 +16,17 @@ describe Conpar::Directive::AccessList::Extended do
|
|
15
16
|
end
|
16
17
|
end
|
17
18
|
|
19
|
+
[
|
20
|
+
"access-list dne blahtype permit all"
|
21
|
+
].each do |acl|
|
22
|
+
context "for '#{acl}'" do
|
23
|
+
subject { acl }
|
24
|
+
it "::SIGNATURE should NOT MATCH" do
|
25
|
+
expect(subject).to_not match(klass::SIGNATURE)
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
18
30
|
{
|
19
31
|
# example from cisco documenation
|
20
32
|
# rule any any
|
@@ -8,7 +8,8 @@ describe Conpar::Directive::AccessList do
|
|
8
8
|
"access-list foo webtype deny all" => Conpar::Directive::AccessList::WebType,
|
9
9
|
"access-list foo ethertype deny all" => Conpar::Directive::AccessList::EtherType,
|
10
10
|
"access-list foo unknowntype deny all" => Conpar::Directive::AccessList::Base,
|
11
|
-
"access-list 101 extended permit ip any any object-group standard" => Conpar::Directive::AccessList::Extended
|
11
|
+
"access-list 101 extended permit ip any any object-group standard" => Conpar::Directive::AccessList::Extended,
|
12
|
+
"access-list 101 permit ip any any" => Conpar::Directive::AccessList::Extended # Legacy Syntax
|
12
13
|
}.each do |line, klass_output|
|
13
14
|
it "for '#{line}' should return a #{klass_output.name}" do
|
14
15
|
expect(subject.new(line)).to be_a_kind_of(klass_output)
|
data/spec/lib/document_spec.rb
CHANGED
@@ -121,5 +121,25 @@ describe Conpar::Document do
|
|
121
121
|
it { expect(result.select{|r| r.ilk == :directive }).to have(2).items }
|
122
122
|
end
|
123
123
|
end
|
124
|
+
|
125
|
+
context "~legacy syntax~" do
|
126
|
+
# 2 comments and 1 ACL
|
127
|
+
context 'legacy-sample1' do
|
128
|
+
let(:config) { File.read("spec/samples/legacy-sample1") }
|
129
|
+
|
130
|
+
context "result" do
|
131
|
+
let(:result) { subject.parse(config) }
|
132
|
+
it { expect(result.select{|r| r.ilk == :comment }).to have(2).items }
|
133
|
+
it { expect(result.select{|r| r.ilk == :access_list }).to have(1).items }
|
134
|
+
it { expect(result.select{|r| r.sub_ilk == "extended" }).to have(1).items }
|
135
|
+
end
|
136
|
+
end#legacy-sample1
|
137
|
+
end
|
138
|
+
|
139
|
+
|
140
|
+
context "with invalid UTF-8 characters" do
|
141
|
+
let(:config) { ": some comment\255" }
|
142
|
+
it "shouldn't error"
|
143
|
+
end
|
124
144
|
end
|
125
145
|
end
|
metadata
CHANGED
@@ -1,158 +1,139 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: conpar
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
5
|
-
prerelease:
|
4
|
+
version: 0.2.2
|
6
5
|
platform: ruby
|
7
6
|
authors:
|
8
7
|
- Ryan A. Johnson
|
9
8
|
autorequire:
|
10
9
|
bindir: bin
|
11
10
|
cert_chain: []
|
12
|
-
date: 2014-
|
11
|
+
date: 2014-12-02 00:00:00.000000000 Z
|
13
12
|
dependencies:
|
14
13
|
- !ruby/object:Gem::Dependency
|
15
14
|
name: bundler
|
16
15
|
requirement: !ruby/object:Gem::Requirement
|
17
|
-
none: false
|
18
16
|
requirements:
|
19
|
-
- - ~>
|
17
|
+
- - "~>"
|
20
18
|
- !ruby/object:Gem::Version
|
21
19
|
version: '1.3'
|
22
20
|
type: :development
|
23
21
|
prerelease: false
|
24
22
|
version_requirements: !ruby/object:Gem::Requirement
|
25
|
-
none: false
|
26
23
|
requirements:
|
27
|
-
- - ~>
|
24
|
+
- - "~>"
|
28
25
|
- !ruby/object:Gem::Version
|
29
26
|
version: '1.3'
|
30
27
|
- !ruby/object:Gem::Dependency
|
31
28
|
name: rspec
|
32
29
|
requirement: !ruby/object:Gem::Requirement
|
33
|
-
none: false
|
34
30
|
requirements:
|
35
|
-
- -
|
31
|
+
- - ">="
|
36
32
|
- !ruby/object:Gem::Version
|
37
33
|
version: 2.4.0
|
38
34
|
type: :development
|
39
35
|
prerelease: false
|
40
36
|
version_requirements: !ruby/object:Gem::Requirement
|
41
|
-
none: false
|
42
37
|
requirements:
|
43
|
-
- -
|
38
|
+
- - ">="
|
44
39
|
- !ruby/object:Gem::Version
|
45
40
|
version: 2.4.0
|
46
41
|
- !ruby/object:Gem::Dependency
|
47
42
|
name: rake
|
48
43
|
requirement: !ruby/object:Gem::Requirement
|
49
|
-
none: false
|
50
44
|
requirements:
|
51
|
-
- -
|
45
|
+
- - ">="
|
52
46
|
- !ruby/object:Gem::Version
|
53
47
|
version: '0'
|
54
48
|
type: :development
|
55
49
|
prerelease: false
|
56
50
|
version_requirements: !ruby/object:Gem::Requirement
|
57
|
-
none: false
|
58
51
|
requirements:
|
59
|
-
- -
|
52
|
+
- - ">="
|
60
53
|
- !ruby/object:Gem::Version
|
61
54
|
version: '0'
|
62
55
|
- !ruby/object:Gem::Dependency
|
63
56
|
name: yard
|
64
57
|
requirement: !ruby/object:Gem::Requirement
|
65
|
-
none: false
|
66
58
|
requirements:
|
67
|
-
- -
|
59
|
+
- - ">="
|
68
60
|
- !ruby/object:Gem::Version
|
69
61
|
version: '0'
|
70
62
|
type: :development
|
71
63
|
prerelease: false
|
72
64
|
version_requirements: !ruby/object:Gem::Requirement
|
73
|
-
none: false
|
74
65
|
requirements:
|
75
|
-
- -
|
66
|
+
- - ">="
|
76
67
|
- !ruby/object:Gem::Version
|
77
68
|
version: '0'
|
78
69
|
- !ruby/object:Gem::Dependency
|
79
70
|
name: redcarpet
|
80
71
|
requirement: !ruby/object:Gem::Requirement
|
81
|
-
none: false
|
82
72
|
requirements:
|
83
|
-
- -
|
73
|
+
- - ">="
|
84
74
|
- !ruby/object:Gem::Version
|
85
75
|
version: '0'
|
86
76
|
type: :development
|
87
77
|
prerelease: false
|
88
78
|
version_requirements: !ruby/object:Gem::Requirement
|
89
|
-
none: false
|
90
79
|
requirements:
|
91
|
-
- -
|
80
|
+
- - ">="
|
92
81
|
- !ruby/object:Gem::Version
|
93
82
|
version: '0'
|
94
83
|
- !ruby/object:Gem::Dependency
|
95
84
|
name: guard
|
96
85
|
requirement: !ruby/object:Gem::Requirement
|
97
|
-
none: false
|
98
86
|
requirements:
|
99
|
-
- -
|
87
|
+
- - ">="
|
100
88
|
- !ruby/object:Gem::Version
|
101
89
|
version: '0'
|
102
90
|
type: :development
|
103
91
|
prerelease: false
|
104
92
|
version_requirements: !ruby/object:Gem::Requirement
|
105
|
-
none: false
|
106
93
|
requirements:
|
107
|
-
- -
|
94
|
+
- - ">="
|
108
95
|
- !ruby/object:Gem::Version
|
109
96
|
version: '0'
|
110
97
|
- !ruby/object:Gem::Dependency
|
111
98
|
name: guard-rspec
|
112
99
|
requirement: !ruby/object:Gem::Requirement
|
113
|
-
none: false
|
114
100
|
requirements:
|
115
|
-
- -
|
101
|
+
- - ">="
|
116
102
|
- !ruby/object:Gem::Version
|
117
103
|
version: '0'
|
118
104
|
type: :development
|
119
105
|
prerelease: false
|
120
106
|
version_requirements: !ruby/object:Gem::Requirement
|
121
|
-
none: false
|
122
107
|
requirements:
|
123
|
-
- -
|
108
|
+
- - ">="
|
124
109
|
- !ruby/object:Gem::Version
|
125
110
|
version: '0'
|
126
111
|
- !ruby/object:Gem::Dependency
|
127
112
|
name: pry
|
128
113
|
requirement: !ruby/object:Gem::Requirement
|
129
|
-
none: false
|
130
114
|
requirements:
|
131
|
-
- -
|
115
|
+
- - ">="
|
132
116
|
- !ruby/object:Gem::Version
|
133
117
|
version: '0'
|
134
118
|
type: :development
|
135
119
|
prerelease: false
|
136
120
|
version_requirements: !ruby/object:Gem::Requirement
|
137
|
-
none: false
|
138
121
|
requirements:
|
139
|
-
- -
|
122
|
+
- - ">="
|
140
123
|
- !ruby/object:Gem::Version
|
141
124
|
version: '0'
|
142
125
|
- !ruby/object:Gem::Dependency
|
143
126
|
name: coveralls
|
144
127
|
requirement: !ruby/object:Gem::Requirement
|
145
|
-
none: false
|
146
128
|
requirements:
|
147
|
-
- -
|
129
|
+
- - ">="
|
148
130
|
- !ruby/object:Gem::Version
|
149
131
|
version: '0'
|
150
132
|
type: :development
|
151
133
|
prerelease: false
|
152
134
|
version_requirements: !ruby/object:Gem::Requirement
|
153
|
-
none: false
|
154
135
|
requirements:
|
155
|
-
- -
|
136
|
+
- - ">="
|
156
137
|
- !ruby/object:Gem::Version
|
157
138
|
version: '0'
|
158
139
|
description: Full-featured firewall configuration parser library.
|
@@ -162,9 +143,9 @@ executables: []
|
|
162
143
|
extensions: []
|
163
144
|
extra_rdoc_files: []
|
164
145
|
files:
|
165
|
-
- .coveralls.yml
|
166
|
-
- .gitignore
|
167
|
-
- .travis.yml
|
146
|
+
- ".coveralls.yml"
|
147
|
+
- ".gitignore"
|
148
|
+
- ".travis.yml"
|
168
149
|
- Gemfile
|
169
150
|
- Guardfile
|
170
151
|
- LICENSE.txt
|
@@ -206,6 +187,7 @@ files:
|
|
206
187
|
- spec/lib/directive_spec.rb
|
207
188
|
- spec/lib/document_spec.rb
|
208
189
|
- spec/samples/basic
|
190
|
+
- spec/samples/legacy-sample1
|
209
191
|
- spec/samples/sample2
|
210
192
|
- spec/samples/sample3
|
211
193
|
- spec/samples/sample4
|
@@ -215,33 +197,26 @@ files:
|
|
215
197
|
homepage: ''
|
216
198
|
licenses:
|
217
199
|
- MIT
|
200
|
+
metadata: {}
|
218
201
|
post_install_message:
|
219
202
|
rdoc_options: []
|
220
203
|
require_paths:
|
221
204
|
- lib
|
222
205
|
required_ruby_version: !ruby/object:Gem::Requirement
|
223
|
-
none: false
|
224
206
|
requirements:
|
225
|
-
- -
|
207
|
+
- - ">="
|
226
208
|
- !ruby/object:Gem::Version
|
227
209
|
version: '0'
|
228
|
-
segments:
|
229
|
-
- 0
|
230
|
-
hash: -220778513351759836
|
231
210
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
232
|
-
none: false
|
233
211
|
requirements:
|
234
|
-
- -
|
212
|
+
- - ">="
|
235
213
|
- !ruby/object:Gem::Version
|
236
214
|
version: '0'
|
237
|
-
segments:
|
238
|
-
- 0
|
239
|
-
hash: -220778513351759836
|
240
215
|
requirements: []
|
241
216
|
rubyforge_project:
|
242
|
-
rubygems_version:
|
217
|
+
rubygems_version: 2.2.2
|
243
218
|
signing_key:
|
244
|
-
specification_version:
|
219
|
+
specification_version: 4
|
245
220
|
summary: Firewall CONfig PARser
|
246
221
|
test_files:
|
247
222
|
- spec/conpar_spec.rb
|
@@ -260,6 +235,7 @@ test_files:
|
|
260
235
|
- spec/lib/directive_spec.rb
|
261
236
|
- spec/lib/document_spec.rb
|
262
237
|
- spec/samples/basic
|
238
|
+
- spec/samples/legacy-sample1
|
263
239
|
- spec/samples/sample2
|
264
240
|
- spec/samples/sample3
|
265
241
|
- spec/samples/sample4
|