Class: CiscoAclIntp::AceSrcDstSpec

Inherits:

AceSpecBase

• Object
• AccessControlContainer
• AceSpecBase
• CiscoAclIntp::AceSrcDstSpec

Defined in:

lib/cisco_acl_intp/acespec_srcdst.rb

Overview

TODO:

Src/Dst takes Network Object Group or IP/wildcard. “object-group” is not implemented yet.

IP Address and TCP/UDP Port Info

Constant Summary

Constants inherited from AccessControlContainer

CiscoAclIntp::AccessControlContainer::TERM_COLOR_TABLE

Instance Attribute Summary

• #ip_spec ⇒ AceIpSpec
• #port_spec ⇒ AcePortSpec

Instance Method Summary

• #==(other) ⇒ Boolean
• #contains?(other) ⇒ Boolean

  Check address and port number contains this object or not.

• #contains_address?(ip_spec = nil) ⇒ Boolean private

  Check address match (by NetAddr).

• #contains_port?(port_spec = nil) ⇒ Boolean private

  Check port match.

• #define_ipspec ⇒ AceIpSpec private

  Set instance variables.

• #define_portspec ⇒ AcePortSpec private

  Set instance variables.

• #initialize(opts) ⇒ AceSrcDstSpec constructor

  Constructor.

• #to_s ⇒ String

  Generate string for Cisco IOS access list.

Methods inherited from AccessControlContainer

#clean_acl_string, disable_color, #generate_tag_footer, #generate_tag_header, #generate_tagged_str, #method_missing

Constructor Details

#initialize(opts) ⇒ AceSrcDstSpec

Note:

When it does not specified port in opts, (:port_spec or :operator, :begin_port, :end_port) it assumed with ANY port.

Constructor

Parameters:

• opts (Hash) —

  Options

Options Hash (opts):

• :ip_spec (AceIpSpec) —

  IP address/Mask object

• :ipaddr (String) —

  IP Address (dotted notation)

• :wildcard (String) —

  Wildcard mask (dotted/bit-flipped notation)

• :netmask (Integer) —

  Subnet mask length (e.g. 24)

• :port_spec (AcePortSpec) —

  Port/Operator object

• :operator (String, Symbol) —

  Port operator

• :port (AceProtoSpecBase) —

  port number (single/lower) (same as :begin_port, alias for unary operator)

• :begin_port (AceProtoSpecBase) —

  port number (single/lower)

• :end_port (AceProtoSpecBase) —

  port number (higher)

Raises:

• (AclArgumentError)

# File 'lib/cisco_acl_intp/acespec_srcdst.rb', line 39

def initialize(opts)
  @options = opts
  @ip_spec = define_ipspec
  @port_spec = define_portspec
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class CiscoAclIntp::AccessControlContainer

Instance Attribute Details

#ip_spec ⇒ AceIpSpec

Parameters:

• value (AceIpSpec) —

  IP address and Wildcard-mask

Returns:

• (AceIpSpec)

# File 'lib/cisco_acl_intp/acespec_srcdst.rb', line 15

def ip_spec
  @ip_spec
end

#port_spec ⇒ AcePortSpec

Parameters:

• value (AcePortSpec) —

  Port number(s) and Operator

Returns:

• (AcePortSpec)

# File 'lib/cisco_acl_intp/acespec_srcdst.rb', line 19

def port_spec
  @port_spec
end

Instance Method Details

#==(other) ⇒ Boolean

Parameters:

• other (AceSrcDstSpec) —

  RHS Object

Returns:

• (Boolean)

# File 'lib/cisco_acl_intp/acespec_srcdst.rb', line 47

def ==(other)
  @port_spec == other.port_spec &&
    @ip_spec == other.ip_spec
end

#contains?(other) ⇒ Boolean

Check address and port number contains this object or not.

Parameters:

• other (AceSrcDstSpec) —

  Conditions to compare

Returns:

• (Boolean)

Raises:

• (AclArgumentError)

# File 'lib/cisco_acl_intp/acespec_srcdst.rb', line 62

def contains?(other)
  contains_address?(other.ip_spec) &&
    contains_port?(other.port_spec)
end

#contains_address?(ip_spec = nil) ⇒ Boolean (private)

Check address match (by NetAddr)

Parameters:

• ip_spec (AceIpSpec) (defaults to: nil) —

  IP address spec.

Returns:

• (Boolean)

# File 'lib/cisco_acl_intp/acespec_srcdst.rb', line 80

def contains_address?(ip_spec = nil)
  case ip_spec
  when nil # 'any', '0.0.0.0/0'
    true
  else
    # IP match/contain checks are delegated to NetAddr
    if @ip_spec.netmask.nil?
      # check by wildcard
      @ip_spec.matches?(ip_spec.ipaddr)
    else
      # check by CIDR(netmask)
      @ip_spec.contains?(ip_spec.ipaddr)
    end
  end
end

#contains_port?(port_spec = nil) ⇒ Boolean (private)

Check port match

Parameters:

• port_spec (AcePortSpec) (defaults to: nil) —

  TCP/UDP Port spec

Returns:

• (Boolean)

# File 'lib/cisco_acl_intp/acespec_srcdst.rb', line 72

def contains_port?(port_spec = nil)
  port_spec = AcePortSpec.new(operator: :any) if port_spec.nil?
  @port_spec.contains?(port_spec)
end

#define_ipspec ⇒ AceIpSpec (private)

Set instance variables

Returns:

• (AceIpSpec) —

  IP address/Mask object

Raises:

• (AclArgumentError)

See Also:

• #initialize

# File 'lib/cisco_acl_intp/acespec_srcdst.rb', line 100

def define_ipspec
  if @options.key?(:ip_spec) # AceIpSpec Obj
    @options[:ip_spec]
  elsif @options.key?(:ipaddr)
    AceIpSpec.new(@options)
  else
    raise AclArgumentError, 'Not specified: ip spec'
  end
end

#define_portspec ⇒ AcePortSpec (private)

Set instance variables

Returns:

• (AcePortSpec) —

  Port/Operator object

See Also:

• #initialize

# File 'lib/cisco_acl_intp/acespec_srcdst.rb', line 113

def define_portspec
  if @options.key?(:port_spec) &&
     @options[:port_spec].is_a?(AcePortSpec)
    @options[:port_spec]
  elsif @options.key?(:operator)
    AcePortSpec.new(
      operator: @options[:operator],
      begin_port: @options[:port] || @options[:begin_port],
      end_port: @options[:end_port]
    )
  else
    # in standard acl, not used port_spec
    # if not specified port spec: default: any port.
    # port spec should be ignored except tcp/udp protocol.
    AcePortSpec.new(operator: 'any')
  end
end

#to_s ⇒ String

Generate string for Cisco IOS access list

Returns:

• (String)

# File 'lib/cisco_acl_intp/acespec_srcdst.rb', line 54

def to_s
  format '%s %s', @ip_spec, @port_spec
end