Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cisco_ios_show_ip_access-lists.textfsm template needs updated to include precedence and tos in *_PORT_MATCH #954

Closed
nsnelson402 opened this issue Jul 30, 2021 · 0 comments · Fixed by #955
Closed

cisco_ios_show_ip_access-lists.textfsm template needs updated to include precedence and tos in *_PORT_MATCH #954

nsnelson402 opened this issue Jul 30, 2021 · 0 comments · Fixed by #955

Comments

@nsnelson402
Copy link
Contributor

ISSUE TYPE
  • Bug Report
TEMPLATE USING

https://github.com/networktocode/ntc-templates/blob/master/ntc_templates/templates/cisco_ios_show_ip_access-lists.textfsm

Value Required,Filldown ACL_TYPE (Standard|Extended)
Value Required,Filldown ACL_NAME (\S+)
Value LINE_NUM (\d+)
Value ACTION (permit|deny)
Value PROTOCOL (\S+)
Value SRC_HOST (\d+\.\d+\.\d+\.\d+)
Value SRC_ANY (any)
Value SRC_NETWORK (\d+\.\d+\.\d+\.\d+)
Value SRC_WILDCARD (\d+\.\d+\.\d+\.\d+)
Value SRC_PORT_MATCH (eq|neq|range|lt|gt)
Value SRC_PORT ((?<!range\s).+?)
Value SRC_PORT_RANGE_START ((?<=range\s)\S+)
Value SRC_PORT_RANGE_END (\S+)
Value DST_HOST (\d+\.\d+\.\d+\.\d+)
Value DST_ANY (any)
Value DST_NETWORK (\d+\.\d+\.\d+\.\d+)
Value DST_WILDCARD (\d+\.\d+\.\d+\.\d+)
Value DST_PORT_MATCH (eq|neq|range|lt|gt)
Value DST_PORT ((?<!range\s).+?)
Value DST_PORT_RANGE_START ((?<=range\s)\S+)
Value DST_PORT_RANGE_END (\S+)
Value FLAGS_MATCH (match-all|match-any)
Value TCP_FLAG (((\+|-|)ack(\s*?)|(\+|-|)established(\s*?)|(\+|-|)fin(\s*?)|(\+|-|)fragments(\s*?)|(\+|-|)psh(\s*?)|(\+|-|)rst(\s*?)|(\+|-|)syn(\s*?)|urg(\s*?))+)
Value LOG (log-input|log)
Value ICMP_TYPE (echo|echo-reply|administratively-prohibited|unreachable|port-unreachable|redirect|router-advertisement|router-solicitation|packet-too-big|time-exceeded|ttl-exceeded|parameter-problem)
Value TIME (\S+)
Value STATE (inactive|active)
Value MATCHES (\d+)

Start
  ^(Standard|Extended) -> Continue.Clearall
  ^${ACL_TYPE}\s+IP\s+access\s+list\s+${ACL_NAME}\s* -> Record
  ^\s+${LINE_NUM}\s+${ACTION}\s+${PROTOCOL}\s+(host\s+${SRC_HOST}|${SRC_ANY}|${SRC_NETWORK}\s+${SRC_WILDCARD})(\s+${SRC_PORT_MATCH}\s+|)(${SRC_PORT_RANGE_START}\s+${SRC_PORT_RANGE_END}|${SRC_PORT}|)\s+(host\s+${DST_HOST}|${DST_ANY}|${DST_NETWORK}\s+${DST_WILDCARD})(\s+${DST_PORT_MATCH}\s+(${DST_PORT_RANGE_START}\s+${DST_PORT_RANGE_END}|${DST_PORT}|)|\s+(${FLAGS_MATCH}\s+|)${TCP_FLAG}|)(\s+${ICMP_TYPE}|)(\s+${LOG}|)(\s+time-range\s+${TIME}\s+\(${STATE}\)|)(?:\s+\(${MATCHES}\s+\S+\)|)\s*$$ -> Record
  ^\s+${LINE_NUM}\s+${ACTION}\s+(${SRC_NETWORK},\s+wildcard\s+bits\s+${SRC_WILDCARD}|${SRC_HOST}|${SRC_ANY})(\s+${LOG}|)(\s+time-range\s+${TIME}\s+\(${STATE}\)|)(?:\s+\(${MATCHES}\s+matches\)|)\s*$$ -> Record
  ^\s*$$
  # Capture time-stamp if vty line has command time-stamping turned on
  ^Load\s+for\s+
  ^Time\s+source\s+is
  ^.* -> Error "Could not parse line:"

EOF
SAMPLE COMMAND OUTPUT
Extended IP access list 111
 10 deny esp any any precedence internet
 20 deny esp any any tos normal
SUMMARY

Value SRC_PORT_MATCH (eq|neq|range|lt|gt)
Value DST_PORT_MATCH (eq|neq|range|lt|gt)
needs to be
Value SRC_PORT_MATCH (eq|neq|precedence|range|tos|lt|gt)
Value DST_PORT_MATCH (eq|neq|precedence|range|tos|lt|gt)

STEPS TO REPRODUCE
Execute above template against raw output.
EXPECTED RESULTS

For the template to return with the lines provided in raw as parsed objects.

ACTUAL RESULTS

The textfsm parser failed.

TextFSMError Error occurred while running "show ip access-list".
Error: "Could not parse line:".
nsnelson402 pushed a commit to nsnelson402/ntc-templates that referenced this issue Jul 30, 2021
Fixes:networktocode#954
9a351d2
@nsnelson402 nsnelson402 mentioned this issue Jul 30, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

954 template update - Fixes #954 nsnelson402/ntc-templates
1 participant
@nsnelson402