Class: CiscoAclIntp::AclBase

Inherits:

AccessControlContainer

• Object
• AccessControlContainer
• CiscoAclIntp::AclBase

Extended by:

Forwardable

Includes:

AceSearchUtility, Enumerable

Defined in:

lib/cisco_acl_intp/acl_base.rb

Overview

ACL (access-list) container. ACL is composed of ACL-Header and ACE-List. ACL has list(set) of ACE and functions to operate ACE list.

Direct Known Subclasses

NamedAcl, NumberedAcl

Constant Summary

SEQ_NUM_DIV =

Increment number of ACL sequence number

10

Constants inherited from AccessControlContainer

CiscoAclIntp::AccessControlContainer::TERM_COLOR_TABLE

Instance Attribute Summary

• #acl_type ⇒ String, Symbol readonly

  Acl_type ACL type.

• #list ⇒ Array<AceBase>

  Some Enumerable included methods returns Array of ACE objects (e.g. sort),the returned Array was used as ACE object by overwrite accessor ‘list’.

• #name ⇒ String readonly

  Name ACL name, when numbered acl, /d+/ string.

• #name_type ⇒ String, Symbol readonly

  Name_type ACL name type.

Instance Method Summary

• #==(other) ⇒ Boolean

  Check equality.

• #add_entry(ace) ⇒ Object

  Add ACE to ACL (push with sequence number).

• #clean_acl_string(str) ⇒ String

  acl string clean-up (override).

• #dup_with_list(list) ⇒ AclBase

  duplicate ACE list.

• #find_aces_contained(opts) ⇒ Array<AceBase>

  Find lists of ACEs that is contained flow by options.

• #find_aces_contains(opts) ⇒ Array<AceBase>

  Find lists of ACEs that contains flow by options.

• #find_aces_with(opts) {|ace, target_ace| ... } ⇒ Array<AceBase>

  Find lists of ACEs.

• #initialize(name) ⇒ AclBase constructor

  Constructor.

• #renumber ⇒ Object

  Renumber ACL by list sequence.

Methods included from AceSearchUtility

#generate_port_obj, generate_port_obj, #port_spec_by_protocol, port_spec_by_protocol, ptkey, #ptkey, search_conditions, #search_conditions, select_proto_class, #select_proto_class, slice_contains_opts, #slice_contains_opts, #srcdst_condition, srcdst_condition, #target_ace, target_ace

Methods inherited from AccessControlContainer

disable_color, #generate_tag_footer, #generate_tag_header, #generate_tagged_str, #method_missing, #to_s

Constructor Details

#initialize(name) ⇒ AclBase

Constructor

Parameters:

• name (String) —

  ACL name

# File 'lib/cisco_acl_intp/acl_base.rb', line 39

def initialize(name)
  @name = name # ACL name
  @list = [] # List of ACE
  @seq_number = 0 # Sequence Number of ACE

  @acl_type = nil # :standard or :extended
  @name_type = nil # :named or :numbered
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class CiscoAclIntp::AccessControlContainer

Instance Attribute Details

#acl_type ⇒ String, Symbol (readonly)

Returns acl_type ACL type.

Returns:

• (String, Symbol) —

  acl_type ACL type

# File 'lib/cisco_acl_intp/acl_base.rb', line 25

def acl_type
  @acl_type
end

#list ⇒ Array<AceBase>

Some Enumerable included methods returns Array of ACE objects (e.g. sort),the returned Array was used as ACE object by overwrite accessor ‘list’.

Returns:

• (Array<AceBase>) —

  list ACE object Array

# File 'lib/cisco_acl_intp/acl_base.rb', line 23

def list
  @list
end

#name ⇒ String (readonly)

Returns name ACL name, when numbered acl, /d+/ string.

Returns:

• (String) —

  name ACL name, when numbered acl, /d+/ string

# File 'lib/cisco_acl_intp/acl_base.rb', line 18

def name
  @name
end

#name_type ⇒ String, Symbol (readonly)

Returns name_type ACL name type.

Returns:

• (String, Symbol) —

  name_type ACL name type

# File 'lib/cisco_acl_intp/acl_base.rb', line 27

def name_type
  @name_type
end

Instance Method Details

#==(other) ⇒ Boolean

Check equality

Returns:

• (Boolean)

# File 'lib/cisco_acl_intp/acl_base.rb', line 77

def ==(other)
  @acl_type &&
    @name_type &&
    @acl_type == other.acl_type &&
    @name_type == other.name_type &&
    @list == other.list
end

#add_entry(ace) ⇒ Object

Add ACE to ACL (push with sequence number)

Parameters:

• ace (AceBase) —

  ACE object

# File 'lib/cisco_acl_intp/acl_base.rb', line 59

def add_entry(ace)
  # 'ace' is AceBase Object
  # it will be ExtendedAce/StandardAce/RemarkAce/EvaluateAce
  ace.seq_number = (@list.length + 1) * SEQ_NUM_DIV unless ace.seq_number?
  @list.push ace
end

#clean_acl_string(str) ⇒ String

acl string clean-up (override)

Parameters:

• str (String) —

  ACL string.

Returns:

• (String)

# File 'lib/cisco_acl_intp/acl_base.rb', line 128

def clean_acl_string(str)
  str =~ /remark/ ? str : super
end

#dup_with_list(list) ⇒ AclBase

duplicate ACE list

Parameters:

• list (Array<AceBase>) —

  List of ACE

Returns:

• (AclBase)

# File 'lib/cisco_acl_intp/acl_base.rb', line 51

def dup_with_list(list)
  acl = dup
  acl.list = list.dup
  acl
end

#find_aces_contained(opts) ⇒ Array<AceBase>

Find lists of ACEs that is contained flow by options

Parameters:

• opts (Hash) —

  Options (target packet info) options are same as #find_aces_with

Returns:

• (Array<AceBase>) —

  List of ACEs or nil(not found)

See Also:

• #find_aces_with

# File 'lib/cisco_acl_intp/acl_base.rb', line 99

def find_aces_contained(opts)
  find_aces_with(opts) { |ace, target_ace| target_ace.contains?(ace) }
end

#find_aces_contains(opts) ⇒ Array<AceBase>

Find lists of ACEs that contains flow by options

Parameters:

• opts (Hash) —

  Options (target packet info) options are same as #find_aces_with

Returns:

• (Array<AceBase>) —

  List of ACEs or nil(not found)

See Also:

• #find_aces_with

# File 'lib/cisco_acl_intp/acl_base.rb', line 90

def find_aces_contains(opts)
  find_aces_with(opts) { |ace, target_ace| ace.contains?(target_ace) }
end

#find_aces_with(opts) {|ace, target_ace| ... } ⇒ Array<AceBase>

Note:

In Standard ACL, only src_ip option is used and another conditions are ignored (if specified).

Find lists of ACEs

Parameters:

• opts (Hash) —

  Options (target flow info),

Options Hash (opts):

• protocol (Integer, String) —

  L3 protocol No./Name

• src_ip (String) —

  Source IP Address

• src_operator (String) —

  Source port operator.

• src_begin_port (Integer, String) —

  Source Port No./Name

• src_end_port (Integer, String) —

  Source Port No./Name

• dst_ip (String) —

  Destination IP Address

• dst_begin_port (Integer, String) —

  Destination Port No./Name

• dst_end_port (Integer, String) —

  Destination Port No./Name

Yields:

• Find lists of ACEs

Yield Parameters:

• ace (ExtendedAce) —

  ACE

• target_ace (ExtendedAce) —

  Target ACE

Yield Returns:

• (Boolean) —

  Condition to find

Returns:

• (Array<AceBase>) —

  List of ACEs or nil(not found)

# File 'lib/cisco_acl_intp/acl_base.rb', line 120

def find_aces_with(opts)
  target_ace = target_ace(opts)
  @list.find { |ace| yield(ace, target_ace) }
end

#renumber ⇒ Object

Renumber ACL by list sequence

# File 'lib/cisco_acl_intp/acl_base.rb', line 67

def renumber
  # re-numbering seq_number of each entry
  @list.reduce(SEQ_NUM_DIV) do |number, each|
    each.seq_number = number
    number + SEQ_NUM_DIV
  end
end