Merge pull request #304 from Jaydubya35/cisco_asa_show_crypto_ipsec_sa

Modified cisco_asa_show_crypto_ipsec_sa

templates/cisco_asa_show_crypto_ipsec_sa.template

@@ -1,6 +1,7 @@
-Value INTERFACE (\S+)
-Value CRYPTO_MAP_TAG (\w+)
-Value LOCAL_ADDRESS (\d+\.\d+\.\d+\.\d+)
+Value Filldown INTERFACE (\S+)
+Value Filldown CRYPTO_MAP_TAG (\S+)
+Value Filldown SEQUENCE_NUMBER (\d+)
+Value Filldown LOCAL_ADDRESS (\d+\.\d+\.\d+\.\d+)
 Value LOCAL_IDENTITY_ADDR (\d+\.\d+\.\d+\.\d+)
 Value LOACL_IDENTITY_MASK (\d+\.\d+\.\d+\.\d+)
 Value LOCAL_IDENTITY_PROTOCOL (\d+)
@@ -26,15 +27,16 @@ Value PRE_FRAGMENT_SUCCESS (\d+)
 Value PRE_FRAGMENT_FAILURES (\d+)
 Value FRAGMENTS_CREATED (\d+)
 Value PMTUS_SENT (\d+)
-Value PMTUS_RECIEVED (\d+)
+Value PMTUS_RECEIVED (\d+)
 Value DECAP_FRAGS_NEEDING_REASSEMBLY (\d+)
 Value SEND_ERRORS (\d+)
-Value RECIEVE_ERRORS (\d+)
+Value RECEIVE_ERRORS (\d+)
 Value LOCAL_CRYPTO_ENDPOINT (\d+\.\d+\.\d+\.\d+)
 Value REMOTE_CRYPTO_ENDPOINT (\d+\.\d+\.\d+\.\d+)
 Value PATH_MTU (\d+)
 Value IPSEC_OVERHEAD (\d+)
 Value MEDIA_MTU (\d+)
+Value CURRENT_INBOUND_SPI (\w+)
 Value CURRENT_OUTBOUND_SPI (\w+)
 Value INBOUND_SPI_HEX (\w+)
 Value INBOUND_SPI_INTEGER (\d+)
@@ -43,8 +45,9 @@ Value INBOUND_AUTHENTICATION (\S+)
 Value INBOUND_SETTINGS_IN_USE (.*)
 Value INBOUND_SLOT (\d+)
 Value INBOUND_CONNECTION_ID (\d+)
-Value INBOUND_CRYPTO_MAP (\w+)
+Value INBOUND_CRYPTO_MAP (\S+)
 Value INBOUND_REMAINING_LIFETIME (\d+)
+Value INBOUND_REMAINING_LIFETIME_KILOBYTES (\d+)
 Value INBOUND_IV_SIZE (\d+\s+\w+)
 Value INBOUND_REPLAY_DETECTION (\w+)
 Value OUTBOUND_SPI_HEX (\w+)
@@ -54,15 +57,16 @@ Value OUTBOUND_AUTHENTICATION (\S+)
 Value OUTBOUND_SETTINGS_IN_USE (.*)
 Value OUTBOUND_SLOT (\d+)
 Value OUTBOUND_CONNECTION_ID (\d+)
-Value OUTBOUND_CRYPTO_MAP (\w+)
+Value OUTBOUND_CRYPTO_MAP (\S+)
 Value OUTBOUND_REMAINING_LIFETIME (\d+)
+Value OUTBOUND_REMAINING_LIFETIME_KILOBYTES (\d+)
 Value OUTBOUND_IV_SIZE (\d+\s+\w+)
 Value OUTBOUND_REPLAY_DETECTION (\w+)
 
 Start
-  ^interface -> Continue.Record
   ^interface:\s+${INTERFACE}\s*
   ^\s+Crypto map tag:\s+${CRYPTO_MAP_TAG},\s+local addr:\s+${LOCAL_ADDRESS}\s*
+  ^\s+Crypto map tag:\s+${CRYPTO_MAP_TAG}, seq num:\s+${SEQUENCE_NUMBER},\s+local addr:\s+${LOCAL_ADDRESS}\s*
   ^\s+local\s+ident\s+\(addr\/mask\/prot\/port\):\s+\(${LOCAL_IDENTITY_ADDR}\/${LOACL_IDENTITY_MASK}\/${LOCAL_IDENTITY_PROTOCOL}\/${LOCAL_IDENTITY_PORT}\)\s*
   ^\s+remote\s+ident\s+\(addr/mask/prot/port\):\s+\(${REMOTE_IDENTITY_ADDR}\/${REMOTE_IDENTITY_MASK}\/${REMOTE_IDENTITY_PROTOCOL}\/${REMOTE_IDENTITY_PORT}\)\s*
   ^\s+current_peer:\s+${CURRENT_PEER}\s*
@@ -72,11 +76,12 @@ Start
   ^\s+#pkts\s+compressed:\s+${PACKETS_COMPRESSED},\s+#pkts\s+decompressed:\s+${PACKETS_DECOMPRESSED}\s*
   ^\s+#pkts\s+not\s+compressed:\s+${PACKETS_NOT_COMPRESSED},\s+#pkts\s+comp\s+failed:\s+${PACKETS_COMPRESS_FAILED},\s+#pkts\s+decomp\s+failed:\s+${PACKETS_DECOMPRESS_FAILED}\s*
   ^\s+#pre-frag\s+successes:\s+${PRE_FRAGMENT_SUCCESS},\s+#pre-frag\s+failures:\s+${PRE_FRAGMENT_FAILURES},\s+#fragments\s+created:\s+${FRAGMENTS_CREATED}\s*
-  ^\s+#PMTUs\s+sent:\s+${PMTUS_SENT},\s+#PMTUs\s+rcvd:\s+${PMTUS_RECIEVED},\s+#decapsulated\s+frags\s+needing\s+reassembly:\s+${DECAP_FRAGS_NEEDING_REASSEMBLY}\s*
-  ^\s+#send\s+errors:\s+${SEND_ERRORS},\s+#recv\s+errors:\s+${RECIEVE_ERRORS}\s*
-  ^\s+local\s+crypto\s+endpt\.:\s+${LOCAL_CRYPTO_ENDPOINT},\s+remote\s+crypto\s+endpt\.:\s+${REMOTE_CRYPTO_ENDPOINT}\s*
-  ^\s+path\s+mtu\s+${PATH_MTU},\s+ipsec\s+overhead\s+${IPSEC_OVERHEAD},\s+media\s+mtu\s+${MEDIA_MTU}\s*
+  ^\s+#PMTUs\s+sent:\s+${PMTUS_SENT},\s+#PMTUs\s+rcvd:\s+${PMTUS_RECEIVED},\s+#decapsulated\s+fra?gs\s+needing\s+reassembly:\s+${DECAP_FRAGS_NEEDING_REASSEMBLY}\s*
+  ^\s+#send\s+errors:\s+${SEND_ERRORS},\s+#recv\s+errors:\s+${RECEIVE_ERRORS}\s*
+  ^\s+local\s+crypto\s+endpt\.:\s+${LOCAL_CRYPTO_ENDPOINT}(\/\d+)?,\s+remote\s+crypto\s+endpt\.:\s+${REMOTE_CRYPTO_ENDPOINT}(\/\d+)?\s*
+  ^\s+path\s+mtu\s+${PATH_MTU},\s+ipsec\s+overhead\s+${IPSEC_OVERHEAD}(\(\d+\))?,\s+media\s+mtu\s+${MEDIA_MTU}\s*
   ^\s+current\s+outbound\s+spi:\s+${CURRENT_OUTBOUND_SPI}\s*
+  ^\s+current\s+inbound\s+spi\s+:\s+${CURRENT_INBOUND_SPI}\s*
   ^\s+inbound\s+esp\s+sas:\s* -> Inbound
   ^\s+outbound\s+esp\s+sas:\s* -> Outbound
 
@@ -86,6 +91,7 @@ Inbound
   ^\s+in\s+use\s+settings\s+=\{${INBOUND_SETTINGS_IN_USE},\s+\}\s*
   ^\s+slot:\s+${INBOUND_SLOT},\s+conn_id:\s+${INBOUND_CONNECTION_ID},\s+crypto-map:\s+${INBOUND_CRYPTO_MAP}\s*
   ^\s+sa\s+timing:\s+remaining\s+key\s+lifetime\s+\(sec\):\s+${INBOUND_REMAINING_LIFETIME}\s*
+  ^\s+sa\s+timing:\s+remaining\s+key\s+lifetime\s+\(kB\/sec\):\s+\(${INBOUND_REMAINING_LIFETIME_KILOBYTES}\/${INBOUND_REMAINING_LIFETIME}\)\s*
   ^\s+IV\s+size:\s+${INBOUND_IV_SIZE}\s*
   ^\s+replay\s+detection\s+support:\s+${INBOUND_REPLAY_DETECTION}\s* -> Start
 
@@ -95,5 +101,8 @@ Outbound
   ^\s+in\s+use\s+settings\s+=\{${OUTBOUND_SETTINGS_IN_USE},\s+\}\s*
   ^\s+slot:\s+${OUTBOUND_SLOT},\s+conn_id:\s+${OUTBOUND_CONNECTION_ID},\s+crypto-map:\s+${OUTBOUND_CRYPTO_MAP}\s*
   ^\s+sa\s+timing:\s+remaining\s+key\s+lifetime\s+\(sec\):\s+${OUTBOUND_REMAINING_LIFETIME}\s*
+  ^\s+sa\s+timing:\s+remaining\s+key\s+lifetime\s+\(kB\/sec\):\s+\(${OUTBOUND_REMAINING_LIFETIME_KILOBYTES}\/${OUTBOUND_REMAINING_LIFETIME}\)\s*
   ^\s+IV\s+size:\s+${OUTBOUND_IV_SIZE}\s*
-  ^\s+replay\s+detection\s+support:\s+${OUTBOUND_REPLAY_DETECTION}\s* -> Start
+  ^\s+replay\s+detection\s+support:\s+${OUTBOUND_REPLAY_DETECTION}\s* -> Record Start
+
+EOF

tests/cisco_asa/show_crypto_ipsec_sa/cisco_asa_show_crypto_ipsec_sa.parsed

@@ -1,7 +1,9 @@
 ---
 parsed_sample:
+
   - interface: "outside2"
     crypto_map_tag: "def"
+    sequence_number: ""
     local_address: "10.132.0.17"
     local_identity_addr: "0.0.0.0"
     loacl_identity_mask: "0.0.0.0"
@@ -28,15 +30,16 @@ parsed_sample:
     pre_fragment_failures: "1"
     fragments_created: "10"
     pmtus_sent: "5"
-    pmtus_recieved: "2"
+    pmtus_received: "2"
     decap_frags_needing_reassembly: "1"
     send_errors: "0"
-    recieve_errors: "0"
+    receive_errors: "0"
     local_crypto_endpoint: "10.132.0.17"
     remote_crypto_endpoint: "172.20.0.21"
     path_mtu: "1500"
     ipsec_overhead: "60"
     media_mtu: "1500"
+    current_inbound_spi: ""
     current_outbound_spi: "DC15BF68"
     inbound_spi_hex: "0x1E8246FC"
     inbound_spi_integer: "511854332"
@@ -47,6 +50,7 @@ parsed_sample:
     inbound_connection_id: "3"
     inbound_crypto_map: "def"
     inbound_remaining_lifetime: "548"
+    inbound_remaining_lifetime_kilobytes: ""
     inbound_iv_size: "8 bytes"
     inbound_replay_detection: "Y"
     outbound_spi_hex: "0xDC15BF68"
@@ -58,5 +62,134 @@ parsed_sample:
     outbound_connection_id: "3"
     outbound_crypto_map: "def"
     outbound_remaining_lifetime: "548"
+    outbound_remaining_lifetime_kilobytes: ""
     outbound_iv_size: "8 bytes"
-    outbound_replay_detection: "Y"
+    outbound_replay_detection: "Y"
+  - interface: "COLO"
+    crypto_map_tag: "COLO-MAP"
+    sequence_number: "2"
+    local_address: "172.16.248.119"
+    local_identity_addr: "172.16.122.32"
+    loacl_identity_mask: "255.255.255.240"
+    local_identity_protocol: "0"
+    local_identity_port: "0"
+    remote_identity_addr: "172.30.1.153"
+    remote_identity_mask: "255.255.255.255"
+    remote_identity_protocol: "0"
+    remote_identity_port: "0"
+    current_peer: "8.8.8.8"
+    dynamic_peer: ""
+    packets_encapsulated: "13915315"
+    packets_encrypted: "13915315"
+    packets_digested: "13915315"
+    packets_decapsulated: "23606461"
+    packets_decrypted: "23606461"
+    packets_verified: "23606461"
+    packets_compressed: "0"
+    packets_decompressed: "0"
+    packets_not_compressed: "13915315"
+    packets_compress_failed: "0"
+    packets_decompress_failed: "0"
+    pre_fragment_success: "0"
+    pre_fragment_failures: "0"
+    fragments_created: "0"
+    pmtus_sent: "0"
+    pmtus_received: "0"
+    decap_frags_needing_reassembly: "0"
+    send_errors: "0"
+    receive_errors: "0"
+    local_crypto_endpoint: "172.16.248.119"
+    remote_crypto_endpoint: "8.8.8.8"
+    path_mtu: "1500"
+    ipsec_overhead: "82"
+    media_mtu: "1500"
+    current_inbound_spi: "32F752FF"
+    current_outbound_spi: "50023DDC"
+    inbound_spi_hex: "0x32F752FF"
+    inbound_spi_integer: "855069439"
+    inbound_encryption: "esp-aes-256"
+    inbound_authentication: "esp-md5-hmac"
+    inbound_settings_in_use: "L2L, Tunnel,  NAT-T-Encaps, IKEv1"
+    inbound_slot: "0"
+    inbound_connection_id: "159694848"
+    inbound_crypto_map: "COLO-MAP"
+    inbound_remaining_lifetime: "25461"
+    inbound_remaining_lifetime_kilobytes: "2699423"
+    inbound_iv_size: "16 bytes"
+    inbound_replay_detection: "Y"
+    outbound_spi_hex: "0x50023DDC"
+    outbound_spi_integer: "1342324188"
+    outbound_encryption: "esp-aes-256"
+    outbound_authentication: "esp-md5-hmac"
+    outbound_settings_in_use: "L2L, Tunnel,  NAT-T-Encaps, IKEv1"
+    outbound_slot: "0"
+    outbound_connection_id: "159694848"
+    outbound_crypto_map: "COLO-MAP"
+    outbound_remaining_lifetime: "25461"
+    outbound_remaining_lifetime_kilobytes: "3892153"
+    outbound_iv_size: "16 bytes"
+    outbound_replay_detection: "Y"
+  - interface: "COLO"
+    crypto_map_tag: "COLO-MAP"
+    sequence_number: "3"
+    local_address: "172.20.248.119"
+    local_identity_addr: "172.20.122.32"
+    loacl_identity_mask: "255.255.255.240"
+    local_identity_protocol: "0"
+    local_identity_port: "0"
+    remote_identity_addr: "10.160.4.0"
+    remote_identity_mask: "255.255.255.0"
+    remote_identity_protocol: "0"
+    remote_identity_port: "0"
+    current_peer: "8.8.4.4"
+    dynamic_peer: ""
+    packets_encapsulated: "0"
+    packets_encrypted: "0"
+    packets_digested: "0"
+    packets_decapsulated: "0"
+    packets_decrypted: "0"
+    packets_verified: "0"
+    packets_compressed: "0"
+    packets_decompressed: "0"
+    packets_not_compressed: "0"
+    packets_compress_failed: "0"
+    packets_decompress_failed: "0"
+    pre_fragment_success: "0"
+    pre_fragment_failures: "0"
+    fragments_created: "0"
+    pmtus_sent: "0"
+    pmtus_received: "0"
+    decap_frags_needing_reassembly: "0"
+    send_errors: "0"
+    receive_errors: "0"
+    local_crypto_endpoint: "172.20.248.119"
+    remote_crypto_endpoint: "8.8.4.4"
+    path_mtu: "1500"
+    ipsec_overhead: "74"
+    media_mtu: "1500"
+    current_inbound_spi: "6A7391E0"
+    current_outbound_spi: "EA40155F"
+    inbound_spi_hex: "0x6A7391E0"
+    inbound_spi_integer: "1785958880"
+    inbound_encryption: "esp-aes-256"
+    inbound_authentication: "esp-md5-hmac"
+    inbound_settings_in_use: "L2L, Tunnel, IKEv1"
+    inbound_slot: "0"
+    inbound_connection_id: "14376960"
+    inbound_crypto_map: "COLO-MAP"
+    inbound_remaining_lifetime: "70749"
+    inbound_remaining_lifetime_kilobytes: "2038431743"
+    inbound_iv_size: "16 bytes"
+    inbound_replay_detection: "Y"
+    outbound_spi_hex: "0xEA40155F"
+    outbound_spi_integer: "3930068319"
+    outbound_encryption: "esp-aes-256"
+    outbound_authentication: "esp-md5-hmac"
+    outbound_settings_in_use: "L2L, Tunnel, IKEv1"
+    outbound_slot: "0"
+    outbound_connection_id: "14376960"
+    outbound_crypto_map: "COLO-MAP"
+    outbound_remaining_lifetime: "70749"
+    outbound_remaining_lifetime_kilobytes: "2038431743"
+    outbound_iv_size: "16 bytes"
+    outbound_replay_detection: "Y"

tests/cisco_asa/show_crypto_ipsec_sa/cisco_asa_show_crypto_ipsec_sa.raw

@@ -29,4 +29,101 @@ interface: outside2
           slot: 0, conn_id: 3, crypto-map: def
           sa timing: remaining key lifetime (sec): 548
           IV size: 8 bytes
-          replay detection support: Y
+          replay detection support: Y
+
+interface: COLO
+    Crypto map tag: COLO-MAP, seq num: 2, local addr: 172.16.248.119
+
+      access-list 2 extended permit ip 172.16.122.32 255.255.255.240 host 172.30.1.153
+      local ident (addr/mask/prot/port): (172.16.122.32/255.255.255.240/0/0)
+      remote ident (addr/mask/prot/port): (172.30.1.153/255.255.255.255/0/0)
+      current_peer: 8.8.8.8
+
+
+      #pkts encaps: 13915315, #pkts encrypt: 13915315, #pkts digest: 13915315
+      #pkts decaps: 23606461, #pkts decrypt: 23606461, #pkts verify: 23606461
+      #pkts compressed: 0, #pkts decompressed: 0
+      #pkts not compressed: 13915315, #pkts comp failed: 0, #pkts decomp failed: 0
+      #pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
+      #PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
+      #TFC rcvd: 0, #TFC sent: 0
+      #Valid ICMP Errors rcvd: 0, #Invalid ICMP Errors rcvd: 0
+      #send errors: 0, #recv errors: 0
+
+      local crypto endpt.: 172.16.248.119/4500, remote crypto endpt.: 8.8.8.8/4500
+      path mtu 1500, ipsec overhead 82(52), media mtu 1500
+      PMTU time remaining (sec): 0, DF policy: copy-df
+      ICMP error validation: disabled, TFC packets: disabled
+      current outbound spi: 50023DDC
+      current inbound spi : 32F752FF
+
+    inbound esp sas:
+      spi: 0x32F752FF (855069439)
+         SA State: active
+         transform: esp-aes-256 esp-md5-hmac no compression
+         in use settings ={L2L, Tunnel,  NAT-T-Encaps, IKEv1, }
+         slot: 0, conn_id: 159694848, crypto-map: COLO-MAP
+         sa timing: remaining key lifetime (kB/sec): (2699423/25461)
+         IV size: 16 bytes
+         replay detection support: Y
+         Anti replay bitmap:
+          0xFFFFFFFF 0xFFFFFFFF
+    outbound esp sas:
+      spi: 0x50023DDC (1342324188)
+         SA State: active
+         transform: esp-aes-256 esp-md5-hmac no compression
+         in use settings ={L2L, Tunnel,  NAT-T-Encaps, IKEv1, }
+         slot: 0, conn_id: 159694848, crypto-map: COLO-MAP
+         sa timing: remaining key lifetime (kB/sec): (3892153/25461)
+         IV size: 16 bytes
+         replay detection support: Y
+         Anti replay bitmap:
+          0x00000000 0x00000001
+
+    Crypto map tag: COLO-MAP, seq num: 3, local addr: 172.20.248.119
+
+      access-list 200 extended permit ip 172.20.122.32 255.255.255.240 10.160.4.0 255.255.255.0
+      local ident (addr/mask/prot/port): (172.20.122.32/255.255.255.240/0/0)
+      remote ident (addr/mask/prot/port): (10.160.4.0/255.255.255.0/0/0)
+      current_peer: 8.8.4.4
+
+
+      #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
+      #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
+      #pkts compressed: 0, #pkts decompressed: 0
+      #pkts not compressed: 0, #pkts comp failed: 0, #pkts decomp failed: 0
+      #pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
+      #PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
+      #TFC rcvd: 0, #TFC sent: 0
+      #Valid ICMP Errors rcvd: 0, #Invalid ICMP Errors rcvd: 0
+      #send errors: 0, #recv errors: 0
+
+      local crypto endpt.: 172.20.248.119/0, remote crypto endpt.: 8.8.4.4/0
+      path mtu 1500, ipsec overhead 74(44), media mtu 1500
+      PMTU time remaining (sec): 0, DF policy: copy-df
+      ICMP error validation: disabled, TFC packets: disabled
+      current outbound spi: EA40155F
+      current inbound spi : 6A7391E0
+
+    inbound esp sas:
+      spi: 0x6A7391E0 (1785958880)
+         SA State: active
+         transform: esp-aes-256 esp-md5-hmac no compression
+         in use settings ={L2L, Tunnel, IKEv1, }
+         slot: 0, conn_id: 14376960, crypto-map: COLO-MAP
+         sa timing: remaining key lifetime (kB/sec): (2038431743/70749)
+         IV size: 16 bytes
+         replay detection support: Y
+         Anti replay bitmap:
+          0x00000000 0x00000001
+    outbound esp sas:
+      spi: 0xEA40155F (3930068319)
+         SA State: active
+         transform: esp-aes-256 esp-md5-hmac no compression
+         in use settings ={L2L, Tunnel, IKEv1, }
+         slot: 0, conn_id: 14376960, crypto-map: COLO-MAP
+         sa timing: remaining key lifetime (kB/sec): (2038431743/70749)
+         IV size: 16 bytes
+         replay detection support: Y
+         Anti replay bitmap:
+          0x00000000 0x00000001