diff --git a/templates/cisco_asa_show_crypto_ipsec_sa.template b/templates/cisco_asa_show_crypto_ipsec_sa.template
index 4be24b5899..eb22f9e77f 100644
--- a/templates/cisco_asa_show_crypto_ipsec_sa.template
+++ b/templates/cisco_asa_show_crypto_ipsec_sa.template
@@ -1,6 +1,7 @@
-Value INTERFACE (\S+)
-Value CRYPTO_MAP_TAG (\w+)
-Value LOCAL_ADDRESS (\d+\.\d+\.\d+\.\d+)
+Value Filldown INTERFACE (\S+)
+Value Filldown CRYPTO_MAP_TAG (\S+)
+Value Filldown SEQUENCE_NUMBER (\d+)
+Value Filldown LOCAL_ADDRESS (\d+\.\d+\.\d+\.\d+)
 Value LOCAL_IDENTITY_ADDR (\d+\.\d+\.\d+\.\d+)
 Value LOACL_IDENTITY_MASK (\d+\.\d+\.\d+\.\d+)
 Value LOCAL_IDENTITY_PROTOCOL (\d+)
@@ -26,15 +27,16 @@ Value PRE_FRAGMENT_SUCCESS (\d+)
 Value PRE_FRAGMENT_FAILURES (\d+)
 Value FRAGMENTS_CREATED (\d+)
 Value PMTUS_SENT (\d+)
-Value PMTUS_RECIEVED (\d+)
+Value PMTUS_RECEIVED (\d+)
 Value DECAP_FRAGS_NEEDING_REASSEMBLY (\d+)
 Value SEND_ERRORS (\d+)
-Value RECIEVE_ERRORS (\d+)
+Value RECEIVE_ERRORS (\d+)
 Value LOCAL_CRYPTO_ENDPOINT (\d+\.\d+\.\d+\.\d+)
 Value REMOTE_CRYPTO_ENDPOINT (\d+\.\d+\.\d+\.\d+)
 Value PATH_MTU (\d+)
 Value IPSEC_OVERHEAD (\d+)
 Value MEDIA_MTU (\d+)
+Value CURRENT_INBOUND_SPI (\w+)
 Value CURRENT_OUTBOUND_SPI (\w+)
 Value INBOUND_SPI_HEX (\w+)
 Value INBOUND_SPI_INTEGER (\d+)
@@ -43,8 +45,9 @@ Value INBOUND_AUTHENTICATION (\S+)
 Value INBOUND_SETTINGS_IN_USE (.*)
 Value INBOUND_SLOT (\d+)
 Value INBOUND_CONNECTION_ID (\d+)
-Value INBOUND_CRYPTO_MAP (\w+)
+Value INBOUND_CRYPTO_MAP (\S+)
 Value INBOUND_REMAINING_LIFETIME (\d+)
+Value INBOUND_REMAINING_LIFETIME_KILOBYTES (\d+)
 Value INBOUND_IV_SIZE (\d+\s+\w+)
 Value INBOUND_REPLAY_DETECTION (\w+)
 Value OUTBOUND_SPI_HEX (\w+)
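Review bot: `Filldown` on `CRYPTO_MAP_TAG`, `SEQUENCE_NUMBER` and `LOCAL_ADDRESS` in the first hunk lets a value from one SA carry into a later row that never set it. `SEQUENCE_NUMBER` is assigned only by the `seq num:` form of the header, so a later header without it would report the previous entry's sequence number. In the sample output every SA has its own `Crypto map tag:` line, so only `INTERFACE` appears to need filling down; if that holds for all device output, `Value SEQUENCE_NUMBER (\d+)` (and likewise the tag and local address) keeps rows independent. The value list continues outside this hunk.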
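Review bot: Renaming `PMTUS_RECIEVED` and `RECIEVE_ERRORS` in the second hunk changes the keys of the parsed rows, so a consumer still reading the old names finds no such counter and gets no parse error to flag it; the rename should be called out in the commit message or changelog. The same spelling pass leaves `LOACL_IDENTITY_MASK` (a context line of the first hunk) as it was, so the output still carries one misspelled key and will need a second breaking rename later.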
@@ -54,15 +57,16 @@ Value OUTBOUND_AUTHENTICATION (\S+)
 Value OUTBOUND_SETTINGS_IN_USE (.*)
 Value OUTBOUND_SLOT (\d+)
 Value OUTBOUND_CONNECTION_ID (\d+)
-Value OUTBOUND_CRYPTO_MAP (\w+)
+Value OUTBOUND_CRYPTO_MAP (\S+)
 Value OUTBOUND_REMAINING_LIFETIME (\d+)
+Value OUTBOUND_REMAINING_LIFETIME_KILOBYTES (\d+)
 Value OUTBOUND_IV_SIZE (\d+\s+\w+)
 Value OUTBOUND_REPLAY_DETECTION (\w+)
 
 Start
- ^interface -> Continue.Record
 ^interface:\s+${INTERFACE}\s*
 ^\s+Crypto map tag:\s+${CRYPTO_MAP_TAG},\s+local addr:\s+${LOCAL_ADDRESS}\s*
+ ^\s+Crypto map tag:\s+${CRYPTO_MAP_TAG}, seq num:\s+${SEQUENCE_NUMBER},\s+local addr:\s+${LOCAL_ADDRESS}\s*
 ^\s+local\s+ident\s+\(addr\/mask\/prot\/port\):\s+\(${LOCAL_IDENTITY_ADDR}\/${LOACL_IDENTITY_MASK}\/${LOCAL_IDENTITY_PROTOCOL}\/${LOCAL_IDENTITY_PORT}\)\s*
 ^\s+remote\s+ident\s+\(addr/mask/prot/port\):\s+\(${REMOTE_IDENTITY_ADDR}\/${REMOTE_IDENTITY_MASK}\/${REMOTE_IDENTITY_PROTOCOL}\/${REMOTE_IDENTITY_PORT}\)\s*
 ^\s+current_peer:\s+${CURRENT_PEER}\s*
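Review bot: The added header rule separates the tag from `seq num:` with a literal single space, while the other comma separators on both header rules use `\s+`. If the device pads that position differently the line matches neither rule, and because the three header values are `Filldown` the row silently keeps the previous SA's tag, sequence number and local address. Writing the separator as `,\s+seq\s+num:\s+${SEQUENCE_NUMBER},` avoids that. The two header rules could also be merged into one with an optional `seq num` group. The Start state continues outside this hunk.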
@@ -72,11 +76,12 @@ Start
 ^\s+#pkts\s+compressed:\s+${PACKETS_COMPRESSED},\s+#pkts\s+decompressed:\s+${PACKETS_DECOMPRESSED}\s*
 ^\s+#pkts\s+not\s+compressed:\s+${PACKETS_NOT_COMPRESSED},\s+#pkts\s+comp\s+failed:\s+${PACKETS_COMPRESS_FAILED},\s+#pkts\s+decomp\s+failed:\s+${PACKETS_DECOMPRESS_FAILED}\s*
 ^\s+#pre-frag\s+successes:\s+${PRE_FRAGMENT_SUCCESS},\s+#pre-frag\s+failures:\s+${PRE_FRAGMENT_FAILURES},\s+#fragments\s+created:\s+${FRAGMENTS_CREATED}\s*
- ^\s+#PMTUs\s+sent:\s+${PMTUS_SENT},\s+#PMTUs\s+rcvd:\s+${PMTUS_RECIEVED},\s+#decapsulated\s+frags\s+needing\s+reassembly:\s+${DECAP_FRAGS_NEEDING_REASSEMBLY}\s*
- ^\s+#send\s+errors:\s+${SEND_ERRORS},\s+#recv\s+errors:\s+${RECIEVE_ERRORS}\s*
- ^\s+local\s+crypto\s+endpt\.:\s+${LOCAL_CRYPTO_ENDPOINT},\s+remote\s+crypto\s+endpt\.:\s+${REMOTE_CRYPTO_ENDPOINT}\s*
- ^\s+path\s+mtu\s+${PATH_MTU},\s+ipsec\s+overhead\s+${IPSEC_OVERHEAD},\s+media\s+mtu\s+${MEDIA_MTU}\s*
+ ^\s+#PMTUs\s+sent:\s+${PMTUS_SENT},\s+#PMTUs\s+rcvd:\s+${PMTUS_RECEIVED},\s+#decapsulated\s+fra?gs\s+needing\s+reassembly:\s+${DECAP_FRAGS_NEEDING_REASSEMBLY}\s*
+ ^\s+#send\s+errors:\s+${SEND_ERRORS},\s+#recv\s+errors:\s+${RECEIVE_ERRORS}\s*
+ ^\s+local\s+crypto\s+endpt\.:\s+${LOCAL_CRYPTO_ENDPOINT}(\/\d+)?,\s+remote\s+crypto\s+endpt\.:\s+${REMOTE_CRYPTO_ENDPOINT}(\/\d+)?\s*
+ ^\s+path\s+mtu\s+${PATH_MTU},\s+ipsec\s+overhead\s+${IPSEC_OVERHEAD}(\(\d+\))?,\s+media\s+mtu\s+${MEDIA_MTU}\s*
 ^\s+current\s+outbound\s+spi:\s+${CURRENT_OUTBOUND_SPI}\s*
+ ^\s+current\s+inbound\s+spi\s+:\s+${CURRENT_INBOUND_SPI}\s*
 ^\s+inbound\s+esp\s+sas:\s* -> Inbound
 ^\s+outbound\s+esp\s+sas:\s* -> Outbound
 
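Review bot: The optional `(\/\d+)?` after each crypto endpoint matches the port and discards it, so a parsed row cannot distinguish an endpoint on `/4500` from one on `/0` (both occur in the sample output). If consumers care about the encapsulation port it needs its own `Value`. The bare groups here and in `(\(\d+\))?` are also capturing groups; `(?:\/\d+)?` and `(?:\(\d+\))?` make it explicit that nothing is meant to be extracted. The Start state begins and ends outside this hunk.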
@@ -86,6 +91,7 @@ Inbound
 ^\s+in\s+use\s+settings\s+=\{${INBOUND_SETTINGS_IN_USE},\s+\}\s*
 ^\s+slot:\s+${INBOUND_SLOT},\s+conn_id:\s+${INBOUND_CONNECTION_ID},\s+crypto-map:\s+${INBOUND_CRYPTO_MAP}\s*
 ^\s+sa\s+timing:\s+remaining\s+key\s+lifetime\s+\(sec\):\s+${INBOUND_REMAINING_LIFETIME}\s*
+ ^\s+sa\s+timing:\s+remaining\s+key\s+lifetime\s+\(kB\/sec\):\s+\(${INBOUND_REMAINING_LIFETIME_KILOBYTES}\/${INBOUND_REMAINING_LIFETIME}\)\s*
 ^\s+IV\s+size:\s+${INBOUND_IV_SIZE}\s*
 ^\s+replay\s+detection\s+support:\s+${INBOUND_REPLAY_DETECTION}\s* -> Start
 
@@ -95,5 +101,8 @@ Outbound
 ^\s+in\s+use\s+settings\s+=\{${OUTBOUND_SETTINGS_IN_USE},\s+\}\s*
 ^\s+slot:\s+${OUTBOUND_SLOT},\s+conn_id:\s+${OUTBOUND_CONNECTION_ID},\s+crypto-map:\s+${OUTBOUND_CRYPTO_MAP}\s*
 ^\s+sa\s+timing:\s+remaining\s+key\s+lifetime\s+\(sec\):\s+${OUTBOUND_REMAINING_LIFETIME}\s*
+ ^\s+sa\s+timing:\s+remaining\s+key\s+lifetime\s+\(kB\/sec\):\s+\(${OUTBOUND_REMAINING_LIFETIME_KILOBYTES}\/${OUTBOUND_REMAINING_LIFETIME}\)\s*
 ^\s+IV\s+size:\s+${OUTBOUND_IV_SIZE}\s*
- ^\s+replay\s+detection\s+support:\s+${OUTBOUND_REPLAY_DETECTION}\s* -> Start
+ ^\s+replay\s+detection\s+support:\s+${OUTBOUND_REPLAY_DETECTION}\s* -> Record Start
+
+EOF
diff --git a/tests/cisco_asa/show_crypto_ipsec_sa/cisco_asa_show_crypto_ipsec_sa.parsed b/tests/cisco_asa/show_crypto_ipsec_sa/cisco_asa_show_crypto_ipsec_sa.parsed
index 86eb5b5290..02cfb7dae6 100644
--- a/tests/cisco_asa/show_crypto_ipsec_sa/cisco_asa_show_crypto_ipsec_sa.parsed
+++ b/tests/cisco_asa/show_crypto_ipsec_sa/cisco_asa_show_crypto_ipsec_sa.parsed
@@ -1,7 +1,9 @@
 ---
 parsed_sample:
+
 - interface: "outside2"
 crypto_map_tag: "def"
+ sequence_number: ""
 local_address: "10.132.0.17"
 local_identity_addr: "0.0.0.0"
 loacl_identity_mask: "0.0.0.0"
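Review bot: A row is now written only by `-> Record Start` on the outbound `replay detection support` line, and the added empty `EOF` state turns off the implicit record at end of input. An SA whose output never reaches that line (a truncated capture, or a block with no outbound ESP section) therefore produces no row and disappears without any error. For a template used to inventory or monitor tunnels, a missing row is harder to notice than a partial one. One option is to mark a per-SA value such as the peer address `Required` and drop the explicit `EOF`, so a trailing partial entry is still emitted while rows holding only filled-down values are suppressed. The Inbound and Outbound states start outside the hunks shown.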
@@ -28,15 +30,16 @@ parsed_sample:
 pre_fragment_failures: "1"
 fragments_created: "10"
 pmtus_sent: "5"
- pmtus_recieved: "2"
+ pmtus_received: "2"
 decap_frags_needing_reassembly: "1"
 send_errors: "0"
- recieve_errors: "0"
+ receive_errors: "0"
 local_crypto_endpoint: "10.132.0.17"
 remote_crypto_endpoint: "172.20.0.21"
 path_mtu: "1500"
 ipsec_overhead: "60"
 media_mtu: "1500"
+ current_inbound_spi: ""
 current_outbound_spi: "DC15BF68"
 inbound_spi_hex: "0x1E8246FC"
 inbound_spi_integer: "511854332"
@@ -47,6 +50,7 @@ parsed_sample:
 inbound_connection_id: "3"
 inbound_crypto_map: "def"
 inbound_remaining_lifetime: "548"
+ inbound_remaining_lifetime_kilobytes: ""
 inbound_iv_size: "8 bytes"
 inbound_replay_detection: "Y"
 outbound_spi_hex: "0xDC15BF68"
@@ -58,5 +62,134 @@ parsed_sample:
 outbound_connection_id: "3"
 outbound_crypto_map: "def"
 outbound_remaining_lifetime: "548"
+ outbound_remaining_lifetime_kilobytes: ""
 outbound_iv_size: "8 bytes"
- outbound_replay_detection: "Y"
\ No newline at end of file
+ outbound_replay_detection: "Y"
+ - interface: "COLO"
+ crypto_map_tag: "COLO-MAP"
+ sequence_number: "2"
+ local_address: "172.16.248.119"
+ local_identity_addr: "172.16.122.32"
+ loacl_identity_mask: "255.255.255.240"
+ local_identity_protocol: "0"
+ local_identity_port: "0"
+ remote_identity_addr: "172.30.1.153"
+ remote_identity_mask: "255.255.255.255"
+ remote_identity_protocol: "0"
+ remote_identity_port: "0"
+ current_peer: "8.8.8.8"
+ dynamic_peer: ""
+ packets_encapsulated: "13915315"
+ packets_encrypted: "13915315"
+ packets_digested: "13915315"
+ packets_decapsulated: "23606461"
+ packets_decrypted: "23606461"
+ packets_verified: "23606461"
+ packets_compressed: "0"
+ packets_decompressed: "0"
+ packets_not_compressed: "13915315"
+ packets_compress_failed: "0"
+ packets_decompress_failed: "0"
+ pre_fragment_success: "0"
+ pre_fragment_failures: "0"
+ fragments_created: "0"
+ pmtus_sent: "0"
+ pmtus_received: "0"
+ decap_frags_needing_reassembly: "0"
+ send_errors: "0"
+ receive_errors: "0"
+ local_crypto_endpoint: "172.16.248.119"
+ remote_crypto_endpoint: "8.8.8.8"
+ path_mtu: "1500"
+ ipsec_overhead: "82"
+ media_mtu: "1500"
+ current_inbound_spi: "32F752FF"
+ current_outbound_spi: "50023DDC"
+ inbound_spi_hex: "0x32F752FF"
+ inbound_spi_integer: "855069439"
+ inbound_encryption: "esp-aes-256"
+ inbound_authentication: "esp-md5-hmac"
+ inbound_settings_in_use: "L2L, Tunnel, NAT-T-Encaps, IKEv1"
+ inbound_slot: "0"
+ inbound_connection_id: "159694848"
+ inbound_crypto_map: "COLO-MAP"
+ inbound_remaining_lifetime: "25461"
+ inbound_remaining_lifetime_kilobytes: "2699423"
+ inbound_iv_size: "16 bytes"
+ inbound_replay_detection: "Y"
+ outbound_spi_hex: "0x50023DDC"
+ outbound_spi_integer: "1342324188"
+ outbound_encryption: "esp-aes-256"
+ outbound_authentication: "esp-md5-hmac"
+ outbound_settings_in_use: "L2L, Tunnel, NAT-T-Encaps, IKEv1"
+ outbound_slot: "0"
+ outbound_connection_id: "159694848"
+ outbound_crypto_map: "COLO-MAP"
+ outbound_remaining_lifetime: "25461"
+ outbound_remaining_lifetime_kilobytes: "3892153"
+ outbound_iv_size: "16 bytes"
+ outbound_replay_detection: "Y"
+ - interface: "COLO"
+ crypto_map_tag: "COLO-MAP"
+ sequence_number: "3"
+ local_address: "172.20.248.119"
+ local_identity_addr: "172.20.122.32"
+ loacl_identity_mask: "255.255.255.240"
+ local_identity_protocol: "0"
+ local_identity_port: "0"
+ remote_identity_addr: "10.160.4.0"
+ remote_identity_mask: "255.255.255.0"
+ remote_identity_protocol: "0"
+ remote_identity_port: "0"
+ current_peer: "8.8.4.4"
+ dynamic_peer: ""
+ packets_encapsulated: "0"
+ packets_encrypted: "0"
+ packets_digested: "0"
+ packets_decapsulated: "0"
+ packets_decrypted: "0"
+ packets_verified: "0"
+ packets_compressed: "0"
+ packets_decompressed: "0"
+ packets_not_compressed: "0"
+ packets_compress_failed: "0"
+ packets_decompress_failed: "0"
+ pre_fragment_success: "0"
+ pre_fragment_failures: "0"
+ fragments_created: "0"
+ pmtus_sent: "0"
+ pmtus_received: "0"
+ decap_frags_needing_reassembly: "0"
+ send_errors: "0"
+ receive_errors: "0"
+ local_crypto_endpoint: "172.20.248.119"
+ remote_crypto_endpoint: "8.8.4.4"
+ path_mtu: "1500"
+ ipsec_overhead: "74"
+ media_mtu: "1500"
+ current_inbound_spi: "6A7391E0"
+ current_outbound_spi: "EA40155F"
+ inbound_spi_hex: "0x6A7391E0"
+ inbound_spi_integer: "1785958880"
+ inbound_encryption: "esp-aes-256"
+ inbound_authentication: "esp-md5-hmac"
+ inbound_settings_in_use: "L2L, Tunnel, IKEv1"
+ inbound_slot: "0"
+ inbound_connection_id: "14376960"
+ inbound_crypto_map: "COLO-MAP"
+ inbound_remaining_lifetime: "70749"
+ inbound_remaining_lifetime_kilobytes: "2038431743"
+ inbound_iv_size: "16 bytes"
+ inbound_replay_detection: "Y"
+ outbound_spi_hex: "0xEA40155F"
+ outbound_spi_integer: "3930068319"
+ outbound_encryption: "esp-aes-256"
+ outbound_authentication: "esp-md5-hmac"
+ outbound_settings_in_use: "L2L, Tunnel, IKEv1"
+ outbound_slot: "0"
+ outbound_connection_id: "14376960"
+ outbound_crypto_map: "COLO-MAP"
+ outbound_remaining_lifetime: "70749"
+ outbound_remaining_lifetime_kilobytes: "2038431743"
+ outbound_iv_size: "16 bytes"
+ outbound_replay_detection: "Y"
diff --git a/tests/cisco_asa/show_crypto_ipsec_sa/cisco_asa_show_crypto_ipsec_sa.raw b/tests/cisco_asa/show_crypto_ipsec_sa/cisco_asa_show_crypto_ipsec_sa.raw
index 4e43612ef7..5c7e27359b 100644
--- a/tests/cisco_asa/show_crypto_ipsec_sa/cisco_asa_show_crypto_ipsec_sa.raw
+++ b/tests/cisco_asa/show_crypto_ipsec_sa/cisco_asa_show_crypto_ipsec_sa.raw
@@ -29,4 +29,101 @@ interface: outside2
 slot: 0, conn_id: 3, crypto-map: def
 sa timing: remaining key lifetime (sec): 548
 IV size: 8 bytes
- replay detection support: Y
\ No newline at end of file
+ replay detection support: Y
+
+interface: COLO
+ Crypto map tag: COLO-MAP, seq num: 2, local addr: 172.16.248.119
+
+ access-list 2 extended permit ip 172.16.122.32 255.255.255.240 host 172.30.1.153
+ local ident (addr/mask/prot/port): (172.16.122.32/255.255.255.240/0/0)
+ remote ident (addr/mask/prot/port): (172.30.1.153/255.255.255.255/0/0)
+ current_peer: 8.8.8.8
+
+
+ #pkts encaps: 13915315, #pkts encrypt: 13915315, #pkts digest: 13915315
+ #pkts decaps: 23606461, #pkts decrypt: 23606461, #pkts verify: 23606461
+ #pkts compressed: 0, #pkts decompressed: 0
+ #pkts not compressed: 13915315, #pkts comp failed: 0, #pkts decomp failed: 0
+ #pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
+ #PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
+ #TFC rcvd: 0, #TFC sent: 0
+ #Valid ICMP Errors rcvd: 0, #Invalid ICMP Errors rcvd: 0
+ #send errors: 0, #recv errors: 0
+
+ local crypto endpt.: 172.16.248.119/4500, remote crypto endpt.: 8.8.8.8/4500
+ path mtu 1500, ipsec overhead 82(52), media mtu 1500
+ PMTU time remaining (sec): 0, DF policy: copy-df
+ ICMP error validation: disabled, TFC packets: disabled
+ current outbound spi: 50023DDC
+ current inbound spi : 32F752FF
+
+ inbound esp sas:
+ spi: 0x32F752FF (855069439)
+ SA State: active
+ transform: esp-aes-256 esp-md5-hmac no compression
+ in use settings ={L2L, Tunnel, NAT-T-Encaps, IKEv1, }
+ slot: 0, conn_id: 159694848, crypto-map: COLO-MAP
+ sa timing: remaining key lifetime (kB/sec): (2699423/25461)
+ IV size: 16 bytes
+ replay detection support: Y
+ Anti replay bitmap:
+ 0xFFFFFFFF 0xFFFFFFFF
+ outbound esp sas:
+ spi: 0x50023DDC (1342324188)
+ SA State: active
+ transform: esp-aes-256 esp-md5-hmac no compression
+ in use settings ={L2L, Tunnel, NAT-T-Encaps, IKEv1, }
+ slot: 0, conn_id: 159694848, crypto-map: COLO-MAP
+ sa timing: remaining key lifetime (kB/sec): (3892153/25461)
+ IV size: 16 bytes
+ replay detection support: Y
+ Anti replay bitmap:
+ 0x00000000 0x00000001
+
+ Crypto map tag: COLO-MAP, seq num: 3, local addr: 172.20.248.119
+
+ access-list 200 extended permit ip 172.20.122.32 255.255.255.240 10.160.4.0 255.255.255.0
+ local ident (addr/mask/prot/port): (172.20.122.32/255.255.255.240/0/0)
+ remote ident (addr/mask/prot/port): (10.160.4.0/255.255.255.0/0/0)
+ current_peer: 8.8.4.4
+
+
+ #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
+ #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
+ #pkts compressed: 0, #pkts decompressed: 0
+ #pkts not compressed: 0, #pkts comp failed: 0, #pkts decomp failed: 0
+ #pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
+ #PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
+ #TFC rcvd: 0, #TFC sent: 0
+ #Valid ICMP Errors rcvd: 0, #Invalid ICMP Errors rcvd: 0
+ #send errors: 0, #recv errors: 0
+
+ local crypto endpt.: 172.20.248.119/0, remote crypto endpt.: 8.8.4.4/0
+ path mtu 1500, ipsec overhead 74(44), media mtu 1500
+ PMTU time remaining (sec): 0, DF policy: copy-df
+ ICMP error validation: disabled, TFC packets: disabled
+ current outbound spi: EA40155F
+ current inbound spi : 6A7391E0
+
+ inbound esp sas:
+ spi: 0x6A7391E0 (1785958880)
+ SA State: active
+ transform: esp-aes-256 esp-md5-hmac no compression
+ in use settings ={L2L, Tunnel, IKEv1, }
+ slot: 0, conn_id: 14376960, crypto-map: COLO-MAP
+ sa timing: remaining key lifetime (kB/sec): (2038431743/70749)
+ IV size: 16 bytes
+ replay detection support: Y
+ Anti replay bitmap:
+ 0x00000000 0x00000001
+ outbound esp sas:
+ spi: 0xEA40155F (3930068319)
+ SA State: active
+ transform: esp-aes-256 esp-md5-hmac no compression
+ in use settings ={L2L, Tunnel, IKEv1, }
+ slot: 0, conn_id: 14376960, crypto-map: COLO-MAP
+ sa timing: remaining key lifetime (kB/sec): (2038431743/70749)
+ IV size: 16 bytes
+ replay detection support: Y
+ Anti replay bitmap:
+ 0x00000000 0x00000001