Class: Rbeapi::Api::Acl

Inherits:
Entity
  • Object
show all
Defined in:
lib/rbeapi/api/acl.rb

Overview

The Acl class manages the set of standard ACLs.

Instance Attribute Summary

Attributes inherited from Entity

#config, #error, #node

Instance Method Summary collapse

Methods inherited from Entity

#command_builder, #configure, #configure_interface, #get_block, instance

Constructor Details

#initialize(node) ⇒ Acl

Returns a new instance of Acl.



44
45
46
47
48
49
50
51
52
53
54
 
# File 'lib/rbeapi/api/acl.rb', line 44

def initialize(node)
  super(node)
  @entry_re = Regexp.new(%r{(\d+)
                            (?:\ ([p|d]\w+))
                            (?:\ (any))?
                            (?:\ (host))?
                            (?:\ ([0-9]+(?:\.[0-9]+){3}))?
                            (?:/([0-9]{1,2}))?
                            (?:\ ([0-9]+(?:\.[0-9]+){3}))?
                            (?:\ (log))?}x)
end

Instance Method Details

#add_entry(name, entry) ⇒ Boolean

add_entry will add an entry to the specified ACL with the passed in parameters.

Parameters:

  • :name (String)

    The ACL name to add an entry to on the node.

  • :opts (Hash)

    the options for the entry

Returns:

  • (Boolean)

    returns true if the command complete successfully



252
253
254
255
256
257
 
# File 'lib/rbeapi/api/acl.rb', line 252

def add_entry(name, entry)
  cmds = ["ip access-list standard #{name}"]
  cmds << build_entry(entry)
  cmds << 'exit'
  configure(cmds)
end

#create(name) ⇒ Boolean

create will create a new ACL resource in the nodes current configuration with the specified name. If the create method is called and the ACL already exists, this method will still return true. The ACL will not have any entries. Use add_entry to add entries to the ACL.

Parameters:

  • :name (String)

    The ACL name to create on the node. Must begin with an alphabetic character. Cannot contain spaces or quotation marks.

Returns:

  • (Boolean)

    returns true if the command completed successfully



147
148
149
 
# File 'lib/rbeapi/api/acl.rb', line 147

def create(name)
  configure("ip access-list standard #{name}")
end

#default(name) ⇒ Boolean

default will configure the ACL using the default keyword. This command has the same effect as deleting the ACL from the nodes running configuration.

Parameters:

  • :name (String)

    The ACL name to set to the default value on the node.

Returns:

  • (Boolean)

    returns true if the command complete successfully



182
183
184
 
# File 'lib/rbeapi/api/acl.rb', line 182

def default(name)
  configure("default ip access-list standard #{name}")
end

#delete(name) ⇒ Boolean

delete will delete an existing ACL resource from the nodes current running configuration. If the delete method is called and the ACL does not exist, this method will succeed.

Parameters:

  • :name (String)

    The ACL name to delete on the node.

Returns:

  • (Boolean)

    returns true if the command completed successfully



164
165
166
 
# File 'lib/rbeapi/api/acl.rb', line 164

def delete(name)
  configure("no ip access-list standard #{name}")
end

#get(name) ⇒ nil, Hash<Symbol, Object>

get returns the specified ACL from the nodes current configuration.

Parameters:

  • :name (String)

    The ACL name.

Returns:

  • (nil, Hash<Symbol, Object>)

    Returns the ACL resource as a Hash.



63
64
65
66
67
68
 
# File 'lib/rbeapi/api/acl.rb', line 63

def get(name)
  config = get_block("ip access-list standard #{name}")
  return nil unless config

  parse_entries(config)
end

#getallnil, Hash<Symbol, Object>

getall returns the collection of ACLs from the nodes running configuration as a hash. The ACL resource collection hash is keyed by the ACL name.

Returns:

  • (nil, Hash<Symbol, Object>)

    Returns a hash that represents the entire ACL collection from the nodes running configuration. If there are no ACLs configured, this method will return an empty hash.



79
80
81
82
83
84
85
 
# File 'lib/rbeapi/api/acl.rb', line 79

def getall
  acls = config.scan(/ip access-list standard ([^\s]+)/)
  acls.each_with_object({}) do |name, hsh|
    resource = get(name[0])
    hsh[name[0]] = resource if resource
  end
end

#mask_to_prefixlen(mask) ⇒ String

mask_to_prefixlen converts a subnet mask from dotted decimal to bit length

Parameters:

  • :mask (String)

    The dotted decimal subnet mask to convert

Returns:

  • (String)

    The subnet mask as a valid prefix length



94
95
96
97
 
# File 'lib/rbeapi/api/acl.rb', line 94

def mask_to_prefixlen(mask)
  mask = '255.255.255.255' unless mask
  NetAddr::CIDR.create('0.0.0.0/' + mask).netmask_ext
end

#remove_entry(name, seqno) ⇒ Boolean

remove_entry will remove the entry specified by the seqno for the ACL specified by name.

Parameters:

  • :name (String)

    The ACL name to update on the node.

  • :seqno (String)

    The sequence number of the entry in the ACL to remove.

Returns:

  • (Boolean)

    returns true if the command complete successfully



270
271
272
273
 
# File 'lib/rbeapi/api/acl.rb', line 270

def remove_entry(name, seqno)
  cmds = ["ip access-list standard #{name}", "no #{seqno}", 'exit']
  configure(cmds)
end

#update_entry(name, entry) ⇒ Boolean

update_entry will update an entry, identified by the seqno in the ACL specified by name, with the passed in parameters.

Parameters:

  • :name (String)

    The ACL name to update on the node.

  • :opts (Hash)

    the options for the entry

Returns:

  • (Boolean)

    returns true if the command complete successfully



228
229
230
231
232
233
234
 
# File 'lib/rbeapi/api/acl.rb', line 228

def update_entry(name, entry)
  cmds = ["ip access-list standard #{name}"]
  cmds << "no #{entry[:seqno]}"
  cmds << build_entry(entry)
  cmds << 'exit'
  configure(cmds)
end