Enhancement: ASA ipsec sa - Adds compatibility for names (networktoco…

…de#629)

Also fixes a typo on ``loacl`` capture group

templates/cisco_asa_show_crypto_ipsec_sa.textfsm

@@ -2,8 +2,9 @@ Value Filldown INTERFACE (\S+)
 Value Filldown CRYPTO_MAP_TAG (\S+)
 Value Filldown SEQUENCE_NUMBER (\d+)
 Value Filldown LOCAL_ADDRESS (\d+\.\d+\.\d+\.\d+)
+Value Filldown LOCAL_ADDRESS_NAME (\S+)
 Value LOCAL_IDENTITY_ADDR (\d+\.\d+\.\d+\.\d+)
-Value LOACL_IDENTITY_MASK (\d+\.\d+\.\d+\.\d+)
+Value LOCAL_IDENTITY_MASK (\d+\.\d+\.\d+\.\d+)
 Value LOCAL_IDENTITY_PROTOCOL (\d+)
 Value LOCAL_IDENTITY_PORT (\d+)
 Value REMOTE_IDENTITY_ADDR (\d+\.\d+\.\d+\.\d+)
@@ -12,6 +13,8 @@ Value REMOTE_IDENTITY_PROTOCOL (\d+)
 Value REMOTE_IDENTITY_PORT (\d+)
 Value CURRENT_PEER (\d+\.\d+\.\d+\.\d+)
 Value DYNAMIC_PEER (\d+\.\d+\.\d+\.\d+)
+Value CURRENT_PEER_NAME (\S+)
+Value DYNAMIC_PEER_NAME (\S+)
 Value PACKETS_ENCAPSULATED (\d+)
 Value PACKETS_ENCRYPTED (\d+)
 Value PACKETS_DIGESTED (\d+)
@@ -33,6 +36,8 @@ Value SEND_ERRORS (\d+)
 Value RECEIVE_ERRORS (\d+)
 Value LOCAL_CRYPTO_ENDPOINT (\d+\.\d+\.\d+\.\d+)
 Value REMOTE_CRYPTO_ENDPOINT (\d+\.\d+\.\d+\.\d+)
+Value LOCAL_CRYPTO_ENDPOINT_NAME (\S+)
+Value REMOTE_CRYPTO_ENDPOINT_NAME (\S+)
 Value PATH_MTU (\d+)
 Value IPSEC_OVERHEAD (\d+)
 Value MEDIA_MTU (\d+)
@@ -65,20 +70,21 @@ Value OUTBOUND_REPLAY_DETECTION (\w+)
 
 Start
   ^interface:\s+${INTERFACE}\s*
-  ^\s+Crypto map tag:\s+${CRYPTO_MAP_TAG},\s+local addr:\s+${LOCAL_ADDRESS}\s*
-  ^\s+Crypto map tag:\s+${CRYPTO_MAP_TAG}, seq num:\s+${SEQUENCE_NUMBER},\s+local addr:\s+${LOCAL_ADDRESS}\s*
-  ^\s+local\s+ident\s+\(addr\/mask\/prot\/port\):\s+\(${LOCAL_IDENTITY_ADDR}\/${LOACL_IDENTITY_MASK}\/${LOCAL_IDENTITY_PROTOCOL}\/${LOCAL_IDENTITY_PORT}\)\s*
+  ^\s+Crypto map tag:\s+${CRYPTO_MAP_TAG},\s+local addr:\s+(?:${LOCAL_ADDRESS}|${LOCAL_ADDRESS_NAME})\s*
+  ^\s+Crypto map tag:\s+${CRYPTO_MAP_TAG}, seq num:\s+${SEQUENCE_NUMBER},\s+local addr:\s+(?:${LOCAL_ADDRESS}|${LOCAL_ADDRESS_NAME})\s*
+  ^\s+local\s+ident\s+\(addr\/mask\/prot\/port\):\s+\(${LOCAL_IDENTITY_ADDR}\/${LOCAL_IDENTITY_MASK}\/${LOCAL_IDENTITY_PROTOCOL}\/${LOCAL_IDENTITY_PORT}\)\s*
   ^\s+remote\s+ident\s+\(addr/mask/prot/port\):\s+\(${REMOTE_IDENTITY_ADDR}\/${REMOTE_IDENTITY_MASK}\/${REMOTE_IDENTITY_PROTOCOL}\/${REMOTE_IDENTITY_PORT}\)\s*
-  ^\s+current_peer:\s+${CURRENT_PEER}\s*
-  ^\s+dynamic\s+allocated\s+peer\s+ip:\s+${DYNAMIC_PEER}\s*
+  ^\s+current_peer:\s+(?:${CURRENT_PEER}|${CURRENT_PEER_NAME})\s*
+  ^\s+dynamic\s+allocated\s+peer\s+ip:\s+(?:${DYNAMIC_PEER}|${DYNAMIC_PEER_NAME})\s*
   ^\s+#pkts\s+encaps:\s+${PACKETS_ENCAPSULATED},\s+#pkts\s+encrypt:\s+${PACKETS_ENCRYPTED},\s+#pkts\s+digest:\s+${PACKETS_DIGESTED}\s*
   ^\s+#pkts\s+decaps:\s+${PACKETS_DECAPSULATED},\s+#pkts\s+decrypt:\s+${PACKETS_DECRYPTED},\s+#pkts\s+verify:\s+${PACKETS_VERIFIED}\s*
   ^\s+#pkts\s+compressed:\s+${PACKETS_COMPRESSED},\s+#pkts\s+decompressed:\s+${PACKETS_DECOMPRESSED}\s*
   ^\s+#pkts\s+not\s+compressed:\s+${PACKETS_NOT_COMPRESSED},\s+#pkts\s+comp\s+failed:\s+${PACKETS_COMPRESS_FAILED},\s+#pkts\s+decomp\s+failed:\s+${PACKETS_DECOMPRESS_FAILED}\s*
   ^\s+#pre-frag\s+successes:\s+${PRE_FRAGMENT_SUCCESS},\s+#pre-frag\s+failures:\s+${PRE_FRAGMENT_FAILURES},\s+#fragments\s+created:\s+${FRAGMENTS_CREATED}\s*
   ^\s+#PMTUs\s+sent:\s+${PMTUS_SENT},\s+#PMTUs\s+rcvd:\s+${PMTUS_RECEIVED},\s+#decapsulated\s+fra?gs\s+needing\s+reassembly:\s+${DECAP_FRAGS_NEEDING_REASSEMBLY}\s*
   ^\s+#send\s+errors:\s+${SEND_ERRORS},\s+#recv\s+errors:\s+${RECEIVE_ERRORS}\s*
-  ^\s+local\s+crypto\s+endpt\.:\s+${LOCAL_CRYPTO_ENDPOINT}(\/\d+)?,\s+remote\s+crypto\s+endpt\.:\s+${REMOTE_CRYPTO_ENDPOINT}(\/\d+)?\s*
+  ^\s+local\s+crypto\s+endpt\.:\s+${LOCAL_CRYPTO_ENDPOINT},\s+remote\s+crypto\s+endpt\.:\s+${REMOTE_CRYPTO_ENDPOINT}\s*
+  ^\s+local\s+crypto\s+endpt\.:\s+(?:${LOCAL_CRYPTO_ENDPOINT}|${LOCAL_CRYPTO_ENDPOINT_NAME})(\/\d+),\s+remote\s+crypto\s+endpt\.:\s+(?:${REMOTE_CRYPTO_ENDPOINT}|${REMOTE_CRYPTO_ENDPOINT_NAME})(\/\d+)\s*
   ^\s+path\s+mtu\s+${PATH_MTU},\s+ipsec\s+overhead\s+${IPSEC_OVERHEAD}(\(\d+\))?,\s+media\s+mtu\s+${MEDIA_MTU}\s*
   ^\s+current\s+outbound\s+spi:\s+${CURRENT_OUTBOUND_SPI}\s*
   ^\s+current\s+inbound\s+spi\s+:\s+${CURRENT_INBOUND_SPI}\s*

templates/index

@@ -118,7 +118,7 @@ cisco_asa_show_crypto_ikev1_sa_detail.textfsm, .*, cisco_asa, sh[[ow]] cry[[pto]
 cisco_asa_show_object-group_network.textfsm, .*, cisco_asa, sh[[ow]] (?:ru[[nning-config]] object-[[group]]|ob[[ject-group]]) n[[etwork]]
 cisco_asa_show_running-config_ipsec.textfsm, .*, cisco_asa, sh[[ow]] ru[[nning-config]] ips[[ec]]
 cisco_asa_show_interface_detail.textfsm, .*, cisco_asa, sh[[ow]] int[[erface]] d[[etail]]
-cisco_asa_show_crypto_ipsec_sa.textfsm, .*, cisco_asa, sh[[ow]] cry[[pto]] ip[[sec]] sa
+cisco_asa_show_crypto_ipsec_sa.textfsm, .*, cisco_asa, sh[[ow]] (?:cry[[pto]] ip[[sec]]|ipsec) sa
 cisco_asa_show_resource_usage.textfsm, .*, cisco_asa, sh[[ow]] res[[ource]] u[[sage]]
 cisco_asa_show_access-list.textfsm, .*, cisco_asa, sh[[ow]] ac[[cess-list]]
 cisco_asa_show_license_all.textfsm, .*, cisco_asa, (?:fa[[ilover]]\s+e[[xec]]\s+)?sh[[ow]] lic[[ense]] a[[ll]]

tests/cisco_asa/show_crypto_ipsec_sa/cisco_asa_show_crypto_ipsec_sa.raw

@@ -80,12 +80,12 @@ interface: COLO
          Anti replay bitmap:
           0x00000000 0x00000001
 
-    Crypto map tag: COLO-MAP, seq num: 3, local addr: 172.20.248.119
+    Crypto map tag: COLO-MAP, seq num: 3, local addr: LOCAL-ADDR-172.20.248.119
 
       access-list 200 extended permit ip 172.20.122.32 255.255.255.240 10.160.4.0 255.255.255.0
       local ident (addr/mask/prot/port): (172.20.122.32/255.255.255.240/0/0)
       remote ident (addr/mask/prot/port): (10.160.4.0/255.255.255.0/0/0)
-      current_peer: 8.8.4.4
+      current_peer: REMOTE-PEER-8.8.4.4
 
 
       #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
@@ -98,7 +98,7 @@ interface: COLO
       #Valid ICMP Errors rcvd: 0, #Invalid ICMP Errors rcvd: 0
       #send errors: 0, #recv errors: 0
 
-      local crypto endpt.: 172.20.248.119/0, remote crypto endpt.: 8.8.4.4/0
+      local crypto endpt.: LOCAL-ADDR-172.20.248.119/500, remote crypto endpt.: REMOTE-PEER-8.8.4.4/500
       path mtu 1500, ipsec overhead 74(44), media mtu 1500
       PMTU time remaining (sec): 0, DF policy: copy-df
       ICMP error validation: disabled, TFC packets: disabled

tests/cisco_asa/show_crypto_ipsec_sa/cisco_asa_show_crypto_ipsec_sa.yml

@@ -4,16 +4,19 @@ parsed_sample:
     crypto_map_tag: "def"
     sequence_number: ""
     local_address: "10.132.0.17"
+    local_address_name: ""
     local_identity_addr: "0.0.0.0"
-    loacl_identity_mask: "0.0.0.0"
+    local_identity_mask: "0.0.0.0"
     local_identity_protocol: "0"
     local_identity_port: "0"
     remote_identity_addr: "172.20.0.21"
     remote_identity_mask: "255.255.255.255"
     remote_identity_protocol: "0"
     remote_identity_port: "0"
     current_peer: "172.20.0.21"
+    current_peer_name: ""
     dynamic_peer: "10.135.1.5"
+    dynamic_peer_name: ""
     packets_encapsulated: "0"
     packets_encrypted: "0"
     packets_digested: "0"
@@ -34,7 +37,9 @@ parsed_sample:
     send_errors: "0"
     receive_errors: "0"
     local_crypto_endpoint: "10.132.0.17"
+    local_crypto_endpoint_name: ""
     remote_crypto_endpoint: "172.20.0.21"
+    remote_crypto_endpoint_name: ""
     path_mtu: "1500"
     ipsec_overhead: "60"
     media_mtu: "1500"
@@ -68,16 +73,19 @@ parsed_sample:
     crypto_map_tag: "COLO-MAP"
     sequence_number: "2"
     local_address: "172.16.248.119"
+    local_address_name: ""
     local_identity_addr: "172.16.122.32"
-    loacl_identity_mask: "255.255.255.240"
+    local_identity_mask: "255.255.255.240"
     local_identity_protocol: "0"
     local_identity_port: "0"
     remote_identity_addr: "172.30.1.153"
     remote_identity_mask: "255.255.255.255"
     remote_identity_protocol: "0"
     remote_identity_port: "0"
     current_peer: "8.8.8.8"
+    current_peer_name: ""
     dynamic_peer: ""
+    dynamic_peer_name: ""
     packets_encapsulated: "13915315"
     packets_encrypted: "13915315"
     packets_digested: "13915315"
@@ -98,7 +106,9 @@ parsed_sample:
     send_errors: "0"
     receive_errors: "0"
     local_crypto_endpoint: "172.16.248.119"
+    local_crypto_endpoint_name: ""
     remote_crypto_endpoint: "8.8.8.8"
+    remote_crypto_endpoint_name: ""
     path_mtu: "1500"
     ipsec_overhead: "82"
     media_mtu: "1500"
@@ -131,17 +141,20 @@ parsed_sample:
   - interface: "COLO"
     crypto_map_tag: "COLO-MAP"
     sequence_number: "3"
-    local_address: "172.20.248.119"
+    local_address: ""
+    local_address_name: "LOCAL-ADDR-172.20.248.119"
     local_identity_addr: "172.20.122.32"
-    loacl_identity_mask: "255.255.255.240"
+    local_identity_mask: "255.255.255.240"
     local_identity_protocol: "0"
     local_identity_port: "0"
     remote_identity_addr: "10.160.4.0"
     remote_identity_mask: "255.255.255.0"
     remote_identity_protocol: "0"
     remote_identity_port: "0"
-    current_peer: "8.8.4.4"
+    current_peer: ""
+    current_peer_name: "REMOTE-PEER-8.8.4.4"
     dynamic_peer: ""
+    dynamic_peer_name: ""
     packets_encapsulated: "0"
     packets_encrypted: "0"
     packets_digested: "0"
@@ -161,8 +174,10 @@ parsed_sample:
     decap_frags_needing_reassembly: "0"
     send_errors: "0"
     receive_errors: "0"
-    local_crypto_endpoint: "172.20.248.119"
-    remote_crypto_endpoint: "8.8.4.4"
+    local_crypto_endpoint: ""
+    local_crypto_endpoint_name: "LOCAL-ADDR-172.20.248.119"
+    remote_crypto_endpoint: ""
+    remote_crypto_endpoint_name: "REMOTE-PEER-8.8.4.4"
     path_mtu: "1500"
     ipsec_overhead: "74"
     media_mtu: "1500"