
CISCO_ASA_SHOW_ASP_DROP: Add new template #338

Merged
merged 3 commits into from
Jan 19, 2019
Merged
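--- a/templates/cisco_asa_show_asp_drop.template
+++ b/templates/cisco_asa_show_asp_drop.template
@@ -0,0 +1,236 @@
+Value FLOW_DROP_ACL_DROP (\d+)
+Value FLOW_DROP_SHUNNED (\d+)
+Value FLOW_DROP_CLUSTER_REDIRECT (\d+)
+Value FLOW_DROP_INSPECT_FAIL (\d+)
+Value FLOW_DROP_NAT_RPF_FAILED (\d+)
+Value FLOW_DROP_OUT_OF_MEMORY (\d+)
+Value FLOW_DROP_SSL_BAD_RECORD_DETECT (\d+)
+Value FLOW_DROP_SSL_HANDSHAKE_FAILED (\d+)
+Value FLOW_DROP_VPN_OVERLAP_CONFLICT (\d+)
+Value FLOW_DROP_VPN_MISSING_DECRYPT (\d+)
+Value FLOW_DROP_SVC_REPLACEMENT_CONN (\d+)
+Value FLOW_DROP_SVC_SELECTOR_FAILURE (\d+)
+Value FLOW_DROP_SVC_FAILOVER (\d+)
+Value FLOW_DROP_SSL_RECORD_DECRYPT_ERROR (\d+)
+Value FLOW_DROP_CTM_CRYPTO_REQUEST_ERROR (\d+)
+Value FLOW_DROP_VPN_HANDLE_NOT_FOUND (\d+)
+Value FLOW_DROP_NP_SOCKET_DATA_MOVE_FAILURE (\d+)
+Value FLOW_DROP_DTLS_HELLO_CLOSE (\d+)
+Value ACL_DROP (\d+)
+Value ASYNC_LOCK_QUEUE_LIMIT (\d+)
+Value BAD_IPSEC_NATT (\d+)
+Value BAD_TCP_CKSUM (\d+)
+Value BAD_TCP_FLAGS (\d+)
+Value CLUSTER_BAD_TRAILER (\d+)
+Value CLUSTER_CCL_BACKUP (\d+)
+Value CLUSTER_CCL_UNKNOWN (\d+)
+Value CLUSTER_CCL_UNKNOWN_STUB (\d+)
+Value CLUSTER_NON_IP_PKT (\d+)
+Value CONN_LIMIT (\d+)
+Value CONNECTION_LOCK (\d+)
+Value CP_EVENT_QUEUE_ERROR (\d+)
+Value CP_SYSLOG_EVENT_QUEUE_ERROR (\d+)
+Value CTM_ERROR (\d+)
+Value DISPATCH_QUEUE_LIMIT (\d+)
+Value DISPATCH_BLOCK_ALLOC (\d+)
+Value FLOW_BEING_FREED (\d+)
+Value FLOW_EXPIRED (\d+)
+Value FO_STANDBY (\d+)
+Value FRAGMENT_REASSEMBLY_FAILED (\d+)
+Value HOST_LIMIT (\d+)
+Value IFC_CLASSIFY (\d+)
+Value INSPECT_DNS_ID_NOT_MATCHED (\d+)
+Value INSPECT_DNS_INVALID_DOMAIN_LABEL (\d+)
+Value INSPECT_DNS_INVALID_PAK (\d+)
+Value INSPECT_DNS_PAK_TOO_LONG (\d+)
+Value INSPECT_DP_OUT_OF_MEMORY (\d+)
+Value INSPECT_ICMP_BAD_CODE (\d+)
+Value INSPECT_ICMP_ERROR_NO_EXISTING_CONN (\d+)
+Value INSPECT_ICMP_INVALID_PAK (\d+)
+Value INSPECT_ICMP_SEQ_NUM_NOT_MATCHED (\d+)
+Value INTERCEPT_UNEXPECTED (\d+)
+Value INTERFACE_DOWN (\d+)
+Value INVALID_ENCAP (\d+)
+Value INVALID_IP_HEADER (\d+)
+Value INVALID_IP_LENGTH (\d+)
+Value INVALID_IP_OPTION (\d+)
+Value INVALID_TCP_HDR_LENGTH (\d+)
+Value INVALID_UDP_LENGTH (\d+)
+Value IPSEC_TUN_DOWN (\d+)
+Value L2_ACL (\d+)
+Value LAST_CLEARED (.+?)
+Value LU_INVALID_PKT (\d+)
+Value MCAST_IN_NONACTIVE_DEVICE (\d+)
+Value MP_SVC_FLOW_CONTROL (\d+)
+Value MP_SVC_NO_CHANNEL (\d+)
+Value MP_SVC_NO_FRAGMENT (\d+)
+Value MP_SVC_NO_SESSION (\d+)
+Value NAT_FAILED (\d+)
+Value NAT_NO_XLATE_TO_PAT_POOL (\d+)
+Value NAT_XLATE_FAILED (\d+)
+Value NATT_KEEPALIVE (\d+)
+Value NO_ADJACENCY (\d+)
+Value NO_INSPECT (\d+)
+Value NO_ROUTE (\d+)
+Value NP_SOCKET_CLOSED (\d+)
+Value NP_SOCKET_LOCK_FAILURE (\d+)
+Value NP_SP_INVALID_SPI (\d+)
+Value OBJECT_GROUP_SEARCH_THRESHOLD_EXCEEDED (\d+)
+Value PUNT_QUEUE_LIMIT (\d+)
+Value PUNT_LIMIT (\d+)
+Value PUNT_NO_MEM (\d+)
+Value PUNT_RATE_LIMIT (\d+)
+Value RM_CONN_RATE_LIMIT (\d+)
+Value RM_INSPECT_RATE_LIMIT (\d+)
+Value RPF_VIOLATED (\d+)
+Value RULE_TRANSACTION_IN_PROGRESS (\d+)
+Value SECURITY_FAILED (\d+)
+Value SHUNNED (\d+)
+Value SP_SECURITY_FAILED (\d+)
+Value TCP_3WHS_FAILED (\d+)
+Value TCP_ACK_SYN_DIFF (\d+)
+Value TCP_BAD_OPTION_LIST (\d+)
+Value TCP_BUFFER_FULL (\d+)
+Value TCP_BUFFER_TIMEOUT (\d+)
+Value TCP_CONN_LIMIT (\d+)
+Value TCP_DATA_PAST_FIN (\d+)
+Value TCP_DUAL_OPEN (\d+)
+Value TCP_DUP_IN_QUEUE (\d+)
+Value TCP_FO_DROP (\d+)
+Value TCP_GLOBAL_BUFFER_FULL (\d+)
+Value TCP_INVALID_ACK (\d+)
+Value TCP_NOT_SYN (\d+)
+Value TCP_PAWS_FAIL (\d+)
+Value TCP_RST_SYN_IN_WIN (\d+)
+Value TCP_RSTFIN_OOO (\d+)
+Value TCP_SEQ_PAST_WIN (\d+)
+Value TCP_SEQ_SYN_DIFF (\d+)
+Value TCP_SYNACK_OOO (\d+)
+Value TTL_EXCEEDED (\d+)
+Value UNABLE_TO_ADD_FLOW (\d+)
+Value UNABLE_TO_CREATE_FLOW (\d+)
+Value UNSUPPORTED_IP_VERSION (\d+)
+
+Start
+^Frame\s+drop:
+^\s+$$
+^$$
+^Last\s+clearing:\s+${LAST_CLEARED}\s*$$
+^.+acl-drop\)\s+${ACL_DROP}
+^.+async-lock-queue-limit\)\s+${ASYNC_LOCK_QUEUE_LIMIT}
+^.+bad-ipsec-natt\)\s+${BAD_IPSEC_NATT}
+^.+bad-tcp-cksum\)\s+${BAD_TCP_CKSUM}
+^.+bad-tcp-flags\)\s+${BAD_TCP_FLAGS}
+^.+cluster-bad-trailer\)\s+${CLUSTER_BAD_TRAILER}
+^.+cluster-ccl-backup\)\s+${CLUSTER_CCL_BACKUP}
+^.+cluster-ccl-unknown\)\s+${CLUSTER_CCL_UNKNOWN}
+^.+cluster-ccl-unknown-stub\)\s+${CLUSTER_CCL_UNKNOWN_STUB}
+^.+cluster-non-ip-pkt\)\s+${CLUSTER_NON_IP_PKT}
+^.+conn-limit\)\s+${CONN_LIMIT}
+^.+connection-lock\)\s+${CONNECTION_LOCK}
+^.+cp-event-queue-error\)\s+${CP_EVENT_QUEUE_ERROR}
+^.+cp-syslog-event-queue-error\)\s+${CP_SYSLOG_EVENT_QUEUE_ERROR}
+^.+ctm-error\)\s+${CTM_ERROR}
+^.+dispatch-queue-limit\)\s+${DISPATCH_QUEUE_LIMIT}
+^.+dispatch-block-alloc\)\s+${DISPATCH_BLOCK_ALLOC}
+^.+flow-being-freed\)\s+${FLOW_BEING_FREED}
+^.+flow-expired\)\s+${FLOW_EXPIRED}
+^.+fo-standby\)\s+${FO_STANDBY}
+^.+fragment-reassembly-failed\)\s+${FRAGMENT_REASSEMBLY_FAILED}
+^.+host-limit\)\s+${HOST_LIMIT}
+^.+ifc-classify\)\s+${IFC_CLASSIFY}
+^.+inspect-dns-id-not-matched\)\s+${INSPECT_DNS_ID_NOT_MATCHED}
+^.+inspect-dns-invalid-domain-label\)\s+${INSPECT_DNS_INVALID_DOMAIN_LABEL}
+^.+inspect-dns-invalid-pak\)\s+${INSPECT_DNS_INVALID_PAK}
+^.+inspect-dns-pak-too-long\)\s+${INSPECT_DNS_PAK_TOO_LONG}
+^.+inspect-dp-out-of-memory\)\s+${INSPECT_DP_OUT_OF_MEMORY}
+^.+inspect-icmp-bad-code\)\s+${INSPECT_ICMP_BAD_CODE}
+^.+inspect-icmp-error-no-existing-conn\)\s+${INSPECT_ICMP_ERROR_NO_EXISTING_CONN}
+^.+inspect-icmp-invalid-pak\)\s+${INSPECT_ICMP_INVALID_PAK}
+^.+inspect-icmp-seq-num-not-matched\)\s+${INSPECT_ICMP_SEQ_NUM_NOT_MATCHED}
+^.+intercept-unexpected\)\s+${INTERCEPT_UNEXPECTED}
+^.+interface-down\)\s+${INTERFACE_DOWN}
+^.+invalid-encap\)\s+${INVALID_ENCAP}
+^.+invalid-ip-header\)\s+${INVALID_IP_HEADER}
+^.+invalid-ip-length\)\s+${INVALID_IP_LENGTH}
+^.+invalid-ip-option\)\s+${INVALID_IP_OPTION}
+^.+invalid-tcp-hdr-length\)\s+${INVALID_TCP_HDR_LENGTH}
+^.+invalid-udp-length\)\s+${INVALID_UDP_LENGTH}
+^.+ipsec-tun-down\)\s+${IPSEC_TUN_DOWN}
+^.+l2_acl\)\s+${L2_ACL}
+^.+lu-invalid-pkt\)\s+${LU_INVALID_PKT}
+^.+mcast-in-nonactive-device\)\s+${MCAST_IN_NONACTIVE_DEVICE}
+^.+mp-svc-flow-control\)\s+${MP_SVC_FLOW_CONTROL}
+^.+mp-svc-no-channel\)\s+${MP_SVC_NO_CHANNEL}
+^.+mp-svc-no-fragment\)\s+${MP_SVC_NO_FRAGMENT}
+^.+mp-svc-no-session\)\s+${MP_SVC_NO_SESSION}
+^.+nat-failed\)\s+${NAT_FAILED}
+^.+nat-no-xlate-to-pat-pool\)\s+${NAT_NO_XLATE_TO_PAT_POOL}
+^.+natt-keepalive\)\s+${NATT_KEEPALIVE}
+^.+nat-xlate-failed\)\s+${NAT_XLATE_FAILED}
+^.+no-adjacency\)\s+${NO_ADJACENCY}
+^.+no-inspect\)\s+${NO_INSPECT}
+^.+no-route\)\s+${NO_ROUTE}
+^.+np-socket-closed\)\s+${NP_SOCKET_CLOSED}
+^.+np-socket-lock-failu\s+${NP_SOCKET_LOCK_FAILURE}
+^.+np-sp-invalid-spi\)\s+${NP_SP_INVALID_SPI}
+^.+object-group-search-threshold-exceeded\)\s+${OBJECT_GROUP_SEARCH_THRESHOLD_EXCEEDED}
+^.+punt-queue-limit\)\s+${PUNT_QUEUE_LIMIT}
+^.+punt-limit\)\s+${PUNT_LIMIT}
+^.+punt-no-mem\)\s+${PUNT_NO_MEM}
+^.+punt-rate-limit\)\s+${PUNT_RATE_LIMIT}
+^.+rm-conn-rate-limit\)\s+${RM_CONN_RATE_LIMIT}
+^.+rm-inspect-rate-limit\)\s+${RM_INSPECT_RATE_LIMIT}
+^.+rpf-violated\)\s+${RPF_VIOLATED}
+^.+rule-transaction-in-progress\)\s+${RULE_TRANSACTION_IN_PROGRESS}
+^.+security-failed\)\s+${SECURITY_FAILED}
+^.+shunned\)\s+${SHUNNED}
+^.+sp-security-failed\)\s+${SP_SECURITY_FAILED}
+^.+tcp-3whs-failed\)\s+${TCP_3WHS_FAILED}
+^.+tcp-ack-syn-diff\)\s+${TCP_ACK_SYN_DIFF}
+^.+tcp-bad-option-list\)\s+${TCP_BAD_OPTION_LIST}
+^.+tcp-buffer-full\)\s+${TCP_BUFFER_FULL}
+^.+tcp-buffer-timeout\)\s+${TCP_BUFFER_TIMEOUT}
+^.+tcp-conn-limit\)\s+${TCP_CONN_LIMIT}
+^.+tcp-data-past-fin\)\s+${TCP_DATA_PAST_FIN}
+^.+tcp-dual-open\)\s+${TCP_DUAL_OPEN}
+^.+tcp-dup-in-queue\)\s+${TCP_DUP_IN_QUEUE}
+^.+tcp-fo-drop\)\s+${TCP_FO_DROP}
+^.+tcp-global-buffer-full\)\s+${TCP_GLOBAL_BUFFER_FULL}
+^.+tcp-invalid-ack\)\s+${TCP_INVALID_ACK}
+^.+tcp-not-syn\)\s+${TCP_NOT_SYN}
+^.+tcp-paws-fail\)\s+${TCP_PAWS_FAIL}
+^.+tcp-rst-syn-in-win\)\s+${TCP_RST_SYN_IN_WIN}
+^.+tcp-rstfin-ooo\)\s+${TCP_RSTFIN_OOO}
+^.+tcp-seq-past-win\)\s+${TCP_SEQ_PAST_WIN}
+^.+tcp-seq-syn-diff\)\s+${TCP_SEQ_SYN_DIFF}
+^.+tcp-synack-ooo\)\s+${TCP_SYNACK_OOO}
+^.+ttl-exceeded\)\s+${TTL_EXCEEDED}
+^.+unable-to-add-flow\)\s+${UNABLE_TO_ADD_FLOW}
+^.+unable-to-create-flow\)\s+${UNABLE_TO_CREATE_FLOW}
+^.+unsupported-ip-version\)\s+${UNSUPPORTED_IP_VERSION}
+^Flow\s+drop: -> FLOW
+^.* -> Error "LINE NOT FOUND"
+
+FLOW
+^\s+$$
+^$$
+^.+Flow\s+is\s+denied\s+by\s+access\s+rule\s+\(acl-drop\)\s+${FLOW_DROP_ACL_DROP}
+^.+cluster-redirect\)\s+${FLOW_DROP_CLUSTER_REDIRECT}
+^.+Flow\s+shunned \(shunned\)\s+${FLOW_DROP_SHUNNED}
+^.+inspect-fail\)\s+${FLOW_DROP_INSPECT_FAIL}
+^.+nat-rpf-failed\)\s+${FLOW_DROP_NAT_RPF_FAILED}
+^.+out-of-memory\)\s+${FLOW_DROP_OUT_OF_MEMORY}
+^.+ssl-bad-record-detect\)\s+${FLOW_DROP_SSL_BAD_RECORD_DETECT}
+^.+ssl-handshake-failed\)\s+${FLOW_DROP_SSL_HANDSHAKE_FAILED}
+^.+vpn-overlap-conflict\)\s+${FLOW_DROP_VPN_OVERLAP_CONFLICT}
+^.+vpn-missing-decrypt\)\s+${FLOW_DROP_VPN_MISSING_DECRYPT}
+^.+svc-replacement-conn\)\s+${FLOW_DROP_SVC_REPLACEMENT_CONN}
+^.+svc-selector-failure\)\s+${FLOW_DROP_SVC_SELECTOR_FAILURE}
+^.+svc-failover\)\s+${FLOW_DROP_SVC_FAILOVER}
+^.+ssl-record-decrypt-error\)\s+${FLOW_DROP_SSL_RECORD_DECRYPT_ERROR}
+^.+ctm-crypto-request-error\)\s+${FLOW_DROP_CTM_CRYPTO_REQUEST_ERROR}
+^.+vpn-handle-not-found\)\s+${FLOW_DROP_VPN_HANDLE_NOT_FOUND}
+^.+np-socket-data-move-failure\)\s+${FLOW_DROP_NP_SOCKET_DATA_MOVE_FAILURE}
+^.+dtls-hello-close\)\s+${FLOW_DROP_DTLS_HELLO_CLOSE}
+^.* -> Error "LINE NOT FOUND"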
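Review bot: Two rules in the Start state are shadowed by earlier, looser ones, because TextFSM applies the first rule that matches a line and every counter pattern opens with an unanchored `^.+`. `^.+conn-limit\)` also matches a line ending in `(tcp-conn-limit)`, and `^.+security-failed\)` also matches `(sp-security-failed)`, so those counts would be stored in CONN_LIMIT and SECURITY_FAILED while TCP_CONN_LIMIT and SP_SECURITY_FAILED stay empty; the new .parsed fixture does record both as `''`, though the raw sample is not visible here to confirm the cause. Anchoring on the opening parenthesis removes the overlap: `^.+\(conn-limit\)\s+${CONN_LIMIT}` and `^.+\(security-failed\)\s+${SECURITY_FAILED}`, and applying `\(` to every rule would guard against future collisions. Separately, `np-socket-lock-failu\s+` is the only counter rule without `\)`; if that mirrors a name truncated in device output, a `#` comment saying so would stop it being "corrected" later. Since these counters typically feed drop-rate and connection-exhaustion monitoring, a value filed under the wrong name is harder to notice than the parse error the catch-all raises.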
1 change: 1 addition & 0 deletions templates/index
Expand Up @@ -108,6 +108,7 @@ cisco_asa_show_crypto_ipsec_sa.template, .*, cisco_asa, sh[[ow]] cry[[pto]] ip[[
cisco_asa_show_access-list.template, .*, cisco_asa, sh[[ow]] ac[[cess-list]]
cisco_asa_show_interface.template, .*, cisco_asa, sh[[ow]] int[[erface]]
cisco_asa_show_inventory.template, .*, cisco_asa, sh[[ow]] inven[[tory]]
cisco_asa_show_asp_drop.template, .*, cisco_asa, sh[[ow]] asp d[[rop]]
cisco_asa_show_failover.template, .*, cisco_asa, sh[[ow]] fa[[ilover]]
cisco_asa_show_version.template, .*, cisco_asa, sh[[ow]] ver[[sion]]
cisco_asa_show_route.template, .*, cisco_asa, sh[[ow]] ro[[ute]]
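--- a/tests/cisco_asa/show_asp_drop/cisco_asa_show_asp_drop.parsed
+++ b/tests/cisco_asa/show_asp_drop/cisco_asa_show_asp_drop.parsed
@@ -0,0 +1,115 @@
+---
+parsed_sample:
+
+- acl_drop: '2077'
+async_lock_queue_limit: '4926'
+bad_ipsec_natt: '119'
+bad_tcp_cksum: ''
+bad_tcp_flags: '50'
+cluster_bad_trailer: '309'
+cluster_ccl_backup: '21121'
+cluster_ccl_unknown: '185782'
+cluster_ccl_unknown_stub: '9026'
+cluster_non_ip_pkt: '41'
+conn_limit: '18'
+connection_lock: '1'
+cp_event_queue_error: ''
+cp_syslog_event_queue_error: ''
+ctm_error: '22'
+dispatch_block_alloc: '980'
+dispatch_queue_limit: '770'
+flow_being_freed: '4'
+flow_drop_acl_drop: '192350'
+flow_drop_cluster_redirect: '576'
+flow_drop_ctm_crypto_request_error: '187'
+flow_drop_dtls_hello_close: '90'
+flow_drop_inspect_fail: '4'
+flow_drop_nat_rpf_failed: '16'
+flow_drop_np_socket_data_move_failure: '10'
+flow_drop_out_of_memory: '2'
+flow_drop_shunned: '2'
+flow_drop_ssl_bad_record_detect: '1'
+flow_drop_ssl_handshake_failed: '2181'
+flow_drop_ssl_record_decrypt_error: '206'
+flow_drop_svc_failover: '205'
+flow_drop_svc_replacement_conn: '203'
+flow_drop_svc_selector_failure: '204'
+flow_drop_vpn_handle_not_found: '20'
+flow_drop_vpn_missing_decrypt: '202'
+flow_drop_vpn_overlap_conflict: '201'
+flow_expired: '10'
+fo_standby: '5'
+fragment_reassembly_failed: ''
+host_limit: ''
+ifc_classify: '9'
+inspect_dns_id_not_matched: '6'
+inspect_dns_invalid_domain_label: '9'
+inspect_dns_invalid_pak: '61'
+inspect_dns_pak_too_long: '9'
+inspect_dp_out_of_memory: ''
+inspect_icmp_bad_code: '32'
+inspect_icmp_error_no_existing_conn: '13'
+inspect_icmp_invalid_pak: ''
+inspect_icmp_seq_num_not_matched: '45'
+intercept_unexpected: '4'
+interface_down: '169'
+invalid_encap: '1'
+invalid_ip_header: '209'
+invalid_ip_length: '166'
+invalid_ip_option: '3'
+invalid_tcp_hdr_length: '4'
+invalid_udp_length: '6'
+ipsec_tun_down: '118'
+l2_acl: '150'
+last_cleared: 'Never'
+lu_invalid_pkt: '2'
+mcast_in_nonactive_device: '4063'
+mp_svc_flow_control: '114'
+mp_svc_no_channel: '116'
+mp_svc_no_fragment: '113'
+mp_svc_no_session: '115'
+nat_failed: ''
+nat_no_xlate_to_pat_pool: '50'
+nat_xlate_failed: '1'
+natt_keepalive: '117'
+no_adjacency: '8'
+no_inspect: ''
+no_route: '30'
+np_socket_closed: '3'
+np_socket_lock_failure: '61'
+np_sp_invalid_spi: ''
+object_group_search_threshold_exceeded: ''
+punt_limit: ''
+punt_no_mem: '1150'
+punt_queue_limit: ''
+punt_rate_limit: ''
+rm_conn_rate_limit: '24'
+rm_inspect_rate_limit: ''
+rpf_violated: '1083'
+rule_transaction_in_progress: ''
+security_failed: '34'
+shunned: '8'
+sp_security_failed: ''
+tcp_3whs_failed: '76'
+tcp_ack_syn_diff: '130'
+tcp_bad_option_list: '2'
+tcp_buffer_full: '328'
+tcp_buffer_timeout: '45'
+tcp_conn_limit: ''
+tcp_data_past_fin: '107'
+tcp_dual_open: '6'
+tcp_dup_in_queue: '112'
+tcp_fo_drop: '6'
+tcp_global_buffer_full: '53'
+tcp_invalid_ack: '1'
+tcp_not_syn: '205'
+tcp_paws_fail: '1'
+tcp_rst_syn_in_win: '30'
+tcp_rstfin_ooo: '12678'
+tcp_seq_past_win: '6'
+tcp_seq_syn_diff: '404'
+tcp_synack_ooo: '1345'
+ttl_exceeded: '3'
+unable_to_add_flow: ''
+unable_to_create_flow: '1'
+unsupported_ip_version: '111'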