Skip to content

Commit

Permalink
Fix huawei display acl all - port numbers replaced by names and IPV6 …
Browse files Browse the repository at this point in the history 
…ACL name position (#1222)

* Fix huawei display acl all - port numbers replaced by names
* Fix Huawei - display acl (ipv6)? all - if name provided, order in IPv6 changes
* Huawei - display acl all - add rule description
* Huawei - display acl all - separately record ACLs and their rules

authored-by: Edouard Lavaud <e.lavaud@unyc.io>
  • Loading branch information
@elavaud
elavaud authored Mar 26, 2023
1 parent 2cee38b commit cae4bfd
Show file tree
Hide file tree
Showing 5 changed files with 181 additions and 9 deletions.
18 changes: 12 additions & 6 deletions ntc_templates/templates/huawei_vrp_display_acl_all.textfsm
View file
Original file line number Diff line number Diff line change
@@ -1,21 +1,27 @@
Value Filldown ACL_NAME (.*?)
Value Filldown ACL_NUMBER (\d+)
Value Required SN (\d+)
Value Filldown,Required ACL_NUMBER (\d+)
Value SN (\d+)
Value ACTION (deny|permit)
Value PROTOCOL (\d+|icmp(v6)?|tcp|udp|gre|igmp|ip(v6)?|ipinip|ospf)
Value SOURCE (((\d+.){3}\d+|[0-9a-fA-F]{1,4}([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4})[\/\s]((\d+.){3}\d+|\d+))
Value SOURCE_PORT_MODIFIER (eq|lt|gt|range)
Value SOURCE_PORT_RANGE ((\d+)(\s(\d+))?)
Value SOURCE_PORT_RANGE ((\S+)(\s(\S+))?)
Value DESTINATION (((\d+.){3}\d+|[0-9a-fA-F]{1,4}([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4})[\/\s]((\d+.){3}\d+|\d+))
Value DESTINATION_PORT_MODIFIER (eq|lt|gt|range)
Value DESTINATION_PORT_RANGE ((\d+)(\s(\d+))?)
Value DESTINATION_PORT_RANGE ((\S+)(\s(\S+))?)
Value MATCHES (\d+)
Value DESCRIPTION (.*)

Start
^\s*rule\s\d+\s(deny|permit) -> Continue.Record
^\S+\sIPv6\sACL\s -> Continue.Record
^\S+\sACL\s -> Continue.Record
^\s*Total\squantity\sof\snonempty\sACL\snumber\sis\s\d+\s*$$
^\s*Total\snonempty\sacl6\snumber\sis\s\d+\s*$$
^\S+(\sIPv6)?\sACL\s(${ACL_NAME}\s)?${ACL_NUMBER},\s\d+.*$$
^\S+\sIPv6\sACL\s${ACL_NUMBER}(\sname\s${ACL_NAME})?,\s\d+\srules?.*$$
^\S+\sACL\s(${ACL_NAME}\s)?${ACL_NUMBER},\s\d+\srules?.*$$
^\s*Acl's\sstep\sis\s\d+\s*$$
^\s*rule\s${SN}\s${ACTION}(\s${PROTOCOL})?(\ssource\s${SOURCE})?(\ssource-port\s${SOURCE_PORT_MODIFIER}\s${SOURCE_PORT_RANGE})?(\sdestination\s${DESTINATION})?(\sdestination-port\s${DESTINATION_PORT_MODIFIER}\s${DESTINATION_PORT_RANGE})?(\s\(${MATCHES}\smatch(es)?\))?\s*$$ -> Record
^\s*rule\s${SN}\s${ACTION}(\s${PROTOCOL})?(\ssource\s${SOURCE})?(\ssource-port\s${SOURCE_PORT_MODIFIER}\s${SOURCE_PORT_RANGE})?(\sdestination\s${DESTINATION})?(\sdestination-port\s${DESTINATION_PORT_MODIFIER}\s${DESTINATION_PORT_RANGE})?(\s\(${MATCHES}\smatch(es)?\))?\s*$$
^\s*rule\s\d+\sdescription\s"${DESCRIPTION}"\s*$$
^\s*$$
^. -> Error
10 changes: 8 additions & 2 deletions tests/huawei_vrp/display_acl_all/huawei_vrp_display_acl_all_1.raw
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,11 +14,17 @@ Basic ACL 2500, 1 rule
Acl's step is 5
rule 35 permit source 192.168.0.0 0.0.255.255 (5431 matches)

Advanced ACL 3997, 1 rule
Acl's step is 5
rule 5 permit ip source 192.165.3.5 0
rule 5 description "qsdqsdqsdqsdqsdqsdqs az"

Advanced ACL REGLE_NAT 3998, 3 rules
Acl's step is 5
rule 5 permit tcp source 85.14.167.234 0 destination 192.214.198.156 0 destination-port eq 8022 (18 matches)
rule 10 deny tcp destination 192.214.198.156 0 destination-port eq 8022 (8 matches)
rule 15 permit ip (278450 matches)
rule 10 deny tcp destination 192.214.198.156 0 destination-port eq www (8 matches)
rule 15 deny tcp destination 192.23.26.1 0.0.255.255 destination-port range 50 80 (8 matches)
rule 20 permit ip (278450 matches)

Advanced ACL qsdqsd 3999, 0 rule
Acl's step is 5
104 changes: 103 additions & 1 deletion tests/huawei_vrp/display_acl_all/huawei_vrp_display_acl_all_1.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,18 @@
---
parsed_sample:
- acl_name: ""
acl_number: "2000"
sn: ""
action: ""
protocol: ""
source: ""
source_port_modifier: ""
source_port_range: ""
destination: ""
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: ""
- acl_name: ""
acl_number: "2000"
sn: "5"
Expand All @@ -12,6 +25,7 @@ parsed_sample:
destination_port_modifier: ""
destination_port_range: ""
matches: "94"
description: ""
- acl_name: ""
acl_number: "2000"
sn: "10"
Expand All @@ -24,6 +38,7 @@ parsed_sample:
destination_port_modifier: ""
destination_port_range: ""
matches: "26939"
description: ""
- acl_name: ""
acl_number: "2000"
sn: "15"
Expand All @@ -36,6 +51,7 @@ parsed_sample:
destination_port_modifier: ""
destination_port_range: ""
matches: "24"
description: ""
- acl_name: ""
acl_number: "2000"
sn: "20"
Expand All @@ -48,6 +64,7 @@ parsed_sample:
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: ""
- acl_name: ""
acl_number: "2000"
sn: "25"
Expand All @@ -60,6 +77,7 @@ parsed_sample:
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: ""
- acl_name: ""
acl_number: "2000"
sn: "30"
Expand All @@ -72,6 +90,7 @@ parsed_sample:
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: ""
- acl_name: ""
acl_number: "2000"
sn: "35"
Expand All @@ -84,6 +103,20 @@ parsed_sample:
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: ""
- acl_name: ""
acl_number: "2500"
sn: ""
action: ""
protocol: ""
source: ""
source_port_modifier: ""
source_port_range: ""
destination: ""
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: ""
- acl_name: ""
acl_number: "2500"
sn: "35"
Expand All @@ -96,6 +129,46 @@ parsed_sample:
destination_port_modifier: ""
destination_port_range: ""
matches: "5431"
description: ""
- acl_name: ""
acl_number: "3997"
sn: ""
action: ""
protocol: ""
source: ""
source_port_modifier: ""
source_port_range: ""
destination: ""
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: ""
- acl_name: ""
acl_number: "3997"
sn: "5"
action: "permit"
protocol: "ip"
source: "192.165.3.5 0"
source_port_modifier: ""
source_port_range: ""
destination: ""
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: "qsdqsdqsdqsdqsdqsdqs az"
- acl_name: "REGLE_NAT"
acl_number: "3998"
sn: ""
action: ""
protocol: ""
source: ""
source_port_modifier: ""
source_port_range: ""
destination: ""
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: ""
- acl_name: "REGLE_NAT"
acl_number: "3998"
sn: "5"
Expand All @@ -108,6 +181,7 @@ parsed_sample:
destination_port_modifier: "eq"
destination_port_range: "8022"
matches: "18"
description: ""
- acl_name: "REGLE_NAT"
acl_number: "3998"
sn: "10"
Expand All @@ -118,11 +192,25 @@ parsed_sample:
source_port_range: ""
destination: "192.214.198.156 0"
destination_port_modifier: "eq"
destination_port_range: "8022"
destination_port_range: "www"
matches: "8"
description: ""
- acl_name: "REGLE_NAT"
acl_number: "3998"
sn: "15"
action: "deny"
protocol: "tcp"
source: ""
source_port_modifier: ""
source_port_range: ""
destination: "192.23.26.1 0.0.255.255"
destination_port_modifier: "range"
destination_port_range: "50 80"
matches: "8"
description: ""
- acl_name: "REGLE_NAT"
acl_number: "3998"
sn: "20"
action: "permit"
protocol: "ip"
source: ""
Expand All @@ -132,3 +220,17 @@ parsed_sample:
destination_port_modifier: ""
destination_port_range: ""
matches: "278450"
description: ""
- acl_name: "qsdqsd"
acl_number: "3999"
sn: ""
action: ""
protocol: ""
source: ""
source_port_modifier: ""
source_port_range: ""
destination: ""
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: ""
5 changes: 5 additions & 0 deletions tests/huawei_vrp/display_acl_all/huawei_vrp_display_acl_ipv6_all_1.raw
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,3 +3,8 @@
Advanced IPv6 ACL 3344, 1 rule, match-order is auto
Acl's step is 5
rule 5 permit ipv6 destination 34::/128

Advanced IPv6 ACL 3999 name MyACL_IPv6, 2 rules
Acl's step is 5
rule 5 deny ipv6 source 2A01:728::/29
rule 10 permit ipv6 source 1291:3050:f5ed:9760::/23
53 changes: 53 additions & 0 deletions tests/huawei_vrp/display_acl_all/huawei_vrp_display_acl_ipv6_all_1.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,18 @@
---
parsed_sample:
- acl_name: ""
acl_number: "3344"
sn: ""
action: ""
protocol: ""
source: ""
source_port_modifier: ""
source_port_range: ""
destination: ""
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: ""
- acl_name: ""
acl_number: "3344"
sn: "5"
Expand All @@ -12,3 +25,43 @@ parsed_sample:
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: ""
- acl_name: "MyACL_IPv6"
acl_number: "3999"
sn: ""
action: ""
protocol: ""
source: ""
source_port_modifier: ""
source_port_range: ""
destination: ""
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: ""
- acl_name: "MyACL_IPv6"
acl_number: "3999"
sn: "5"
action: "deny"
protocol: "ipv6"
source: "2A01:728::/29"
source_port_modifier: ""
source_port_range: ""
destination: ""
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: ""
- acl_name: "MyACL_IPv6"
acl_number: "3999"
sn: "10"
action: "permit"
protocol: "ipv6"
source: "1291:3050:f5ed:9760::/23"
source_port_modifier: ""
source_port_range: ""
destination: ""
destination_port_modifier: ""
destination_port_range: ""
matches: ""
description: ""

0 comments on commit cae4bfd

Please # to comment.