Module: CiscoAclIntp::AceSearchUtility

Included in:

AclBase

Defined in:

lib/cisco_acl_intp/acl_utils.rb

Overview

Extended Ace utilities for ace search

Class Method Summary

• .generate_port_obj(proto, port = nil) ⇒ AceTcpProtoSpec, AceUdpProtoSpec

  TCP/UDP port object.

• .port_spec_by_protocol(proto, opr, begin_port = nil, end_port = nil) ⇒ AcePortSpec

  Generate port spec by protocol.

• .ptkey(pt, key) ⇒ Symbol

  Generate hash key to slice.

• .search_conditions(opts) ⇒ Array<AceIpProtoSpec, AceSrcDstSpec, AceSrcDstSpec>

  Generate ACE components.

• .select_proto_class(proto) ⇒ Class

  Select protocol spec class for tcp/udp.

• .slice_contains_opts(proto_cond, pt, opts) ⇒ Object

  Generate list of values sliced hash (args of srcdst_condition).

• .srcdst_condition(proto, ip, opr, begin_port = nil, end_port = nil) ⇒ Object

  Generate Src/Dst search condition.

• .target_ace(opts) ⇒ ExtendedAce

  Generate ACE search(contains?) conditions.

Instance Method Summary

• #generate_port_obj(proto, port = nil) ⇒ AceTcpProtoSpec, AceUdpProtoSpec private

  TCP/UDP port object.

• #port_spec_by_protocol(proto, opr, begin_port = nil, end_port = nil) ⇒ AcePortSpec private

  Generate port spec by protocol.

• #ptkey(pt, key) ⇒ Symbol private

  Generate hash key to slice.

• #search_conditions(opts) ⇒ Array<AceIpProtoSpec, AceSrcDstSpec, AceSrcDstSpec> private

  Generate ACE components.

• #select_proto_class(proto) ⇒ Class private

  Select protocol spec class for tcp/udp.

• #slice_contains_opts(proto_cond, pt, opts) ⇒ Object private

  Generate list of values sliced hash (args of srcdst_condition).

• #srcdst_condition(proto, ip, opr, begin_port = nil, end_port = nil) ⇒ Object private

  Generate Src/Dst search condition.

• #target_ace(opts) ⇒ ExtendedAce private

  Generate ACE search(contains?) conditions.

Class Method Details

.generate_port_obj(proto, port = nil) ⇒ AceTcpProtoSpec, AceUdpProtoSpec

Returns TCP/UDP port object.

Parameters:

• proto (String) —

  Protocol name.

• port (Integer, String) (defaults to: nil) —

  Port No./Name.

Returns:

• (AceTcpProtoSpec, AceUdpProtoSpec) —

  TCP/UDP port object.

# File 'lib/cisco_acl_intp/acl_utils.rb', line 24

def generate_port_obj(proto, port = nil)
  port.nil? ? nil : select_proto_class(proto).new(port)
end

.port_spec_by_protocol(proto, opr, begin_port = nil, end_port = nil) ⇒ AcePortSpec

Generate port spec by protocol

Parameters:

• proto (String) —

  Protocol name.

• opr (String, Symbol) —

  Port operator.

• begin_port (Integer, String) (defaults to: nil) —

  Port No./Name.

• end_port (Integer, String) (defaults to: nil) —

  Port No./Name.

Returns:

• (AcePortSpec) —

  Port spec.

# File 'lib/cisco_acl_intp/acl_utils.rb', line 34

def port_spec_by_protocol(proto, opr, begin_port = nil, end_port = nil)
  if opr.nil?
    AcePortSpec.new(operator: :any) # any
  else
    AcePortSpec.new(
      operator: opr,
      begin_port: generate_port_obj(proto, begin_port),
      end_port: generate_port_obj(proto, end_port)
    )
  end
end

.ptkey(pt, key) ⇒ Symbol

Generate hash key to slice

Parameters:

• pt (Symbol) —

  Prefix of key

• key (Symbol) —

  Postfix of key

Returns:

• (Symbol)

# File 'lib/cisco_acl_intp/acl_utils.rb', line 71

def ptkey(pt, key)
  [pt.to_s, key.to_s].join('_').intern
end

.search_conditions(opts) ⇒ Array<AceIpProtoSpec, AceSrcDstSpec, AceSrcDstSpec>

Generate ACE components

Parameters:

• opts (Hash) —

  Options (target packet info)

Returns:

• (Array<AceIpProtoSpec, AceSrcDstSpec, AceSrcDstSpec>)

See Also:

• is same as ExtendedAce#contains?

# File 'lib/cisco_acl_intp/acl_utils.rb', line 93

def search_conditions(opts)
  proto_cond = AceIpProtoSpec.new(opts[:protocol])
  [
    proto_cond,
    srcdst_condition(*slice_contains_opts(proto_cond, :src, opts)),
    srcdst_condition(*slice_contains_opts(proto_cond, :dst, opts))
  ]
end

.select_proto_class(proto) ⇒ Class

Select protocol spec class for tcp/udp.

Parameters:

• proto (String) —

  Protocol name.

Returns:

• (Class) —

  Class name.

# File 'lib/cisco_acl_intp/acl_utils.rb', line 12

def select_proto_class(proto)
  case proto
  when 'tcp'
    AceTcpProtoSpec
  when 'udp'
    AceUdpProtoSpec
  end
end

.slice_contains_opts(proto_cond, pt, opts) ⇒ Object

Generate list of values sliced hash (args of srcdst_condition)

Parameters:

• proto_cond (AceIpProtoSpec) —

  IP protocol condition

• pt (Symbol) —

  Prefix of key

• opts (Hash) —

  Option hash for slice

# File 'lib/cisco_acl_intp/acl_utils.rb', line 79

def slice_contains_opts(proto_cond, pt, opts)
  [
    proto_cond,
    opts[ptkey(pt, :ip)],
    opts[ptkey(pt, :operator)],
    (opts[ptkey(pt, :port)] || opts[ptkey(pt, :begin_port)]),
    opts[ptkey(pt, :end_port)]
  ]
end

.srcdst_condition(proto, ip, opr, begin_port = nil, end_port = nil) ⇒ Object

Generate Src/Dst search condition

Parameters:

• proto (AceIpProtoSpec) —

  IP protocol info

• ip (String) —

  IP address info

• opr (String, Symbol) —

  Port operator

• begin_port (Integer, String) (defaults to: nil) —

  Port No./Name.

• end_port (Integer, String) (defaults to: nil) —

  Port No./Name.

# File 'lib/cisco_acl_intp/acl_utils.rb', line 52

def srcdst_condition(proto, ip, opr, begin_port = nil, end_port = nil)
  case proto.name
  when 'tcp', 'udp'
    AceSrcDstSpec.new(
      ipaddr: ip,
      port_spec: port_spec_by_protocol(
        proto.name, opr, begin_port, end_port
      )
    )
  else
    # if L3 protocol is not tcp/udp, it did not need port condition
    AceSrcDstSpec.new(ipaddr: ip)
  end
end

.target_ace(opts) ⇒ ExtendedAce

Generate ACE search(contains?) conditions

Parameters:

• opts (Hash) —

  Options (target packet info)

Returns:

• (ExtendedAce)

See Also:

• is same as ExtendedAce#contains?

# File 'lib/cisco_acl_intp/acl_utils.rb', line 106

def target_ace(opts)
  (proto_cond, src_cond, dst_cond) = search_conditions(opts)
  ExtendedAce.new(
    action: 'permit', protocol: proto_cond.name,
    src: src_cond, dst: dst_cond
  )
end

Instance Method Details

#generate_port_obj(proto, port = nil) ⇒ AceTcpProtoSpec, AceUdpProtoSpec (private)

Returns TCP/UDP port object.

Parameters:

• proto (String) —

  Protocol name.

• port (Integer, String) (defaults to: nil) —

  Port No./Name.

Returns:

• (AceTcpProtoSpec, AceUdpProtoSpec) —

  TCP/UDP port object.

# File 'lib/cisco_acl_intp/acl_utils.rb', line 24

def generate_port_obj(proto, port = nil)
  port.nil? ? nil : select_proto_class(proto).new(port)
end

#port_spec_by_protocol(proto, opr, begin_port = nil, end_port = nil) ⇒ AcePortSpec (private)

Generate port spec by protocol

Parameters:

• proto (String) —

  Protocol name.

• opr (String, Symbol) —

  Port operator.

• begin_port (Integer, String) (defaults to: nil) —

  Port No./Name.

• end_port (Integer, String) (defaults to: nil) —

  Port No./Name.

Returns:

• (AcePortSpec) —

  Port spec.

# File 'lib/cisco_acl_intp/acl_utils.rb', line 34

def port_spec_by_protocol(proto, opr, begin_port = nil, end_port = nil)
  if opr.nil?
    AcePortSpec.new(operator: :any) # any
  else
    AcePortSpec.new(
      operator: opr,
      begin_port: generate_port_obj(proto, begin_port),
      end_port: generate_port_obj(proto, end_port)
    )
  end
end

#ptkey(pt, key) ⇒ Symbol (private)

Generate hash key to slice

Parameters:

• pt (Symbol) —

  Prefix of key

• key (Symbol) —

  Postfix of key

Returns:

• (Symbol)

# File 'lib/cisco_acl_intp/acl_utils.rb', line 71

def ptkey(pt, key)
  [pt.to_s, key.to_s].join('_').intern
end

#search_conditions(opts) ⇒ Array<AceIpProtoSpec, AceSrcDstSpec, AceSrcDstSpec> (private)

Generate ACE components

Parameters:

• opts (Hash) —

  Options (target packet info)

Returns:

• (Array<AceIpProtoSpec, AceSrcDstSpec, AceSrcDstSpec>)

See Also:

• is same as ExtendedAce#contains?

# File 'lib/cisco_acl_intp/acl_utils.rb', line 93

def search_conditions(opts)
  proto_cond = AceIpProtoSpec.new(opts[:protocol])
  [
    proto_cond,
    srcdst_condition(*slice_contains_opts(proto_cond, :src, opts)),
    srcdst_condition(*slice_contains_opts(proto_cond, :dst, opts))
  ]
end

#select_proto_class(proto) ⇒ Class (private)

Select protocol spec class for tcp/udp.

Parameters:

• proto (String) —

  Protocol name.

Returns:

• (Class) —

  Class name.

# File 'lib/cisco_acl_intp/acl_utils.rb', line 12

def select_proto_class(proto)
  case proto
  when 'tcp'
    AceTcpProtoSpec
  when 'udp'
    AceUdpProtoSpec
  end
end

#slice_contains_opts(proto_cond, pt, opts) ⇒ Object (private)

Generate list of values sliced hash (args of srcdst_condition)

Parameters:

• proto_cond (AceIpProtoSpec) —

  IP protocol condition

• pt (Symbol) —

  Prefix of key

• opts (Hash) —

  Option hash for slice

# File 'lib/cisco_acl_intp/acl_utils.rb', line 79

def slice_contains_opts(proto_cond, pt, opts)
  [
    proto_cond,
    opts[ptkey(pt, :ip)],
    opts[ptkey(pt, :operator)],
    (opts[ptkey(pt, :port)] || opts[ptkey(pt, :begin_port)]),
    opts[ptkey(pt, :end_port)]
  ]
end

#srcdst_condition(proto, ip, opr, begin_port = nil, end_port = nil) ⇒ Object (private)

Generate Src/Dst search condition

Parameters:

• proto (AceIpProtoSpec) —

  IP protocol info

• ip (String) —

  IP address info

• opr (String, Symbol) —

  Port operator

• begin_port (Integer, String) (defaults to: nil) —

  Port No./Name.

• end_port (Integer, String) (defaults to: nil) —

  Port No./Name.

# File 'lib/cisco_acl_intp/acl_utils.rb', line 52

def srcdst_condition(proto, ip, opr, begin_port = nil, end_port = nil)
  case proto.name
  when 'tcp', 'udp'
    AceSrcDstSpec.new(
      ipaddr: ip,
      port_spec: port_spec_by_protocol(
        proto.name, opr, begin_port, end_port
      )
    )
  else
    # if L3 protocol is not tcp/udp, it did not need port condition
    AceSrcDstSpec.new(ipaddr: ip)
  end
end

#target_ace(opts) ⇒ ExtendedAce (private)

Generate ACE search(contains?) conditions

Parameters:

• opts (Hash) —

  Options (target packet info)

Returns:

• (ExtendedAce)

See Also:

• is same as ExtendedAce#contains?

# File 'lib/cisco_acl_intp/acl_utils.rb', line 106

def target_ace(opts)
  (proto_cond, src_cond, dst_cond) = search_conditions(opts)
  ExtendedAce.new(
    action: 'permit', protocol: proto_cond.name,
    src: src_cond, dst: dst_cond
  )
end