Merge pull request #247 from jmcgill298/ios_show_ip_access-list

FIXES #245 - CISCO_IOS_SHOW_IP_ACCESS-LISTS:
networktocode · Aug 20, 2018 · 90c93e0 · 90c93e0
2 parents 2059141 + 24d6f9c
commit 90c93e0
Show file tree

Hide file tree

Showing 3 changed files with 83 additions and 8 deletions.
diff --git a/templates/cisco_ios_show_ip_access-lists.template b/templates/cisco_ios_show_ip_access-lists.template
@@ -7,16 +7,16 @@ Value SRC_HOST (\d+\.\d+\.\d+\.\d+)
 Value SRC_ANY (any)
 Value SRC_NETWORK (\d+\.\d+\.\d+\.\d+)
 Value SRC_WILDCARD (\d+\.\d+\.\d+\.\d+)
-Value SRC_PORT_MATCH (eq|range|lt|gt)
-Value SRC_PORT ((?<!range\s)\S+)
-Value SRC_PORT_RANGE_START ((?<!range\s)\S+)
+Value SRC_PORT_MATCH (eq|neq|range|lt|gt)
+Value SRC_PORT ((?<!range\s).+?)
+Value SRC_PORT_RANGE_START ((?<=range\s)\S+)
 Value SRC_PORT_RANGE_END (\S+)
 Value DST_HOST (\d+\.\d+\.\d+\.\d+)
 Value DST_ANY (any)
 Value DST_NETWORK (\d+\.\d+\.\d+\.\d+)
 Value DST_WILDCARD (\d+\.\d+\.\d+\.\d+)
-Value DST_PORT_MATCH (eq|range|lt|gt)
-Value DST_PORT ((?<!range\s)\S+)
+Value DST_PORT_MATCH (eq|neq|range|lt|gt)
+Value DST_PORT ((?<!range\s).+?)
 Value DST_PORT_RANGE_START ((?<=range\s)\S+)
 Value DST_PORT_RANGE_END (\S+)
 Value LOG (log-input|log)
@@ -27,8 +27,8 @@ Value STATE (inactive|active)
 Start
   ^(Standard|Extended) -> Continue.Clearall
   ^${ACL_TYPE}\s+IP\s+access\s+list\s+${ACL_NAME}\s* -> Record
-  ^\s+${LINE_NUM}\s+${ACTION}\s+${PROTOCOL}\s+(host\s+${SRC_HOST}|${SRC_ANY}|${SRC_NETWORK}\s+${SRC_WILDCARD})(\s+${SRC_PORT_MATCH}\s+|)(${SRC_PORT_RANGE_START}\s+${SRC_PORT_RANGE_END}|${SRC_PORT}|)\s+(host\s+${DST_HOST}|${DST_ANY}|${DST_NETWORK}\s+${DST_WILDCARD})(\s+${DST_PORT_MATCH}\s+(${DST_PORT_RANGE_START}\s+${DST_PORT_RANGE_END}|${DST_PORT}|)|)(\s+${LOG}|)(\s+time-range\s+${TIME}\s+\(${STATE}\)|)\s* -> Record
-  ^\s+${LINE_NUM}\s+${ACTION}\s+(${SRC_NETWORK},\s+wildcard\s+bits\s+${SRC_WILDCARD}|${SRC_HOST}|${SRC_ANY})(\s+{LOG}|)(\s+time-range\s+${TIME}\s+\(${STATE}\)|)\s* -> Record
+  ^\s+${LINE_NUM}\s+${ACTION}\s+${PROTOCOL}\s+(host\s+${SRC_HOST}|${SRC_ANY}|${SRC_NETWORK}\s+${SRC_WILDCARD})(\s+${SRC_PORT_MATCH}\s+|)(${SRC_PORT_RANGE_START}\s+${SRC_PORT_RANGE_END}|${SRC_PORT}|)\s+(host\s+${DST_HOST}|${DST_ANY}|${DST_NETWORK}\s+${DST_WILDCARD})(\s+${DST_PORT_MATCH}\s+(${DST_PORT_RANGE_START}\s+${DST_PORT_RANGE_END}|${DST_PORT}|)|)(\s+${LOG}|)(\s+time-range\s+${TIME}\s+\(${STATE}\)|)\s*$$ -> Record
+  ^\s+${LINE_NUM}\s+${ACTION}\s+(${SRC_NETWORK},\s+wildcard\s+bits\s+${SRC_WILDCARD}|${SRC_HOST}|${SRC_ANY})(\s+${LOG}|)(\s+time-range\s+${TIME}\s+\(${STATE}\)|)\s*$$ -> Record
   ^.* -> Error "Could not parse line:"
 
 EOF
diff --git a/tests/cisco_ios/show_ip_access-lists/cisco_ios_show_ip_access-lists.parsed b/tests/cisco_ios/show_ip_access-lists/cisco_ios_show_ip_access-lists.parsed
@@ -68,7 +68,7 @@ parsed_sample:
   dst_port: ""
   dst_port_range_start: ""
   dst_port_range_end: ""
-  log: ""
+  log: "log"
   time: ""
   state: ""
 - acl_type: "Standard"
@@ -311,6 +311,78 @@ parsed_sample:
   log: "log"
   time: "test2"
   state: "inactive"
+- acl_type: "Extended"
+  acl_name: "101"
+  line_num: "60"
+  action: "permit"
+  protocol: "udp"
+  src_host: ""
+  src_any: "any"
+  src_network: ""
+  src_wildcard: ""
+  src_port_match: "range"
+  src_port: ""
+  src_port_range_start: "16384"
+  src_port_range_end: "32767"
+  dst_host: ""
+  dst_any: ""
+  dst_network: "10.1.1.0"
+  dst_wildcard: "0.0.0.255"
+  dst_port_match: "range"
+  dst_port: ""
+  dst_port_range_start: "16384"
+  dst_port_range_end: "32767"
+  log: ""
+  time: ""
+  state: ""
+- acl_type: "Extended"
+  acl_name: "101"
+  line_num: "70"
+  action: "permit"
+  protocol: "udp"
+  src_host: ""
+  src_any: "any"
+  src_network: ""
+  src_wildcard: ""
+  src_port_match: "eq"
+  src_port: "snmp bootpc"
+  src_port_range_start: ""
+  src_port_range_end: ""
+  dst_host: ""
+  dst_any: ""
+  dst_network: "10.1.0.0"
+  dst_wildcard: "0.0.0.255"
+  dst_port_match: ""
+  dst_port: ""
+  dst_port_range_start: ""
+  dst_port_range_end: ""
+  log: ""
+  time: ""
+  state: ""
+- acl_type: "Extended"
+  acl_name: "101"
+  line_num: "80"
+  action: "permit"
+  protocol: "tcp"
+  src_host: ""
+  src_any: ""
+  src_network: "10.0.0.0"
+  src_wildcard: "0.255.255.255"
+  src_port_match: "eq"
+  src_port: "telnet ssh http 8080"
+  src_port_range_start: ""
+  src_port_range_end: ""
+  dst_host: "10.1.0.0"
+  dst_any: ""
+  dst_network: ""
+  dst_wildcard: ""
+  dst_port_match: "neq"
+  dst_port: "telnet ssh"
+  dst_port_range_start: ""
+  dst_port_range_end: ""
+  log: ""
+  time: ""
+  state: ""
 - acl_type: "Extended"
   acl_name: "sample"
   line_num: ""

diff --git a/tests/cisco_ios/show_ip_access-lists/cisco_ios_show_ip_access-lists.raw b/tests/cisco_ios/show_ip_access-lists/cisco_ios_show_ip_access-lists.raw
@@ -11,6 +11,9 @@ Extended IP access list 101
     30 permit ahp any any log-input
     40 permit ahp any any log-input time-range test (active)
     50 permit ip any host 10.1.10.11 log time-range test2 (inactive)
+    60 permit udp any range 16384 32767 10.1.1.0 0.0.0.255 range 16384 32767
+    70 permit udp any eq snmp bootpc 10.1.0.0 0.0.0.255
+    80 permit tcp 10.0.0.0 0.255.255.255 eq telnet ssh http 8080 host 10.1.0.0 neq telnet ssh
 Extended IP access list sample
     10 permit tcp host 10.10.37.18 host 10.10.37.17 eq bgp
     20 permit tcp host 10.10.37.18 eq bgp host 10.10.37.17