diff --git a/CHANGELOG.md b/CHANGELOG.md index c2b21bc5..baa02f6b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,8 @@ ## upcoming release ENHANCEMENTS: * resource/`junos_security`: add `policies` argument with `policy_rematch` and `policy_rematch_extensive` arguments inside (Fixes #185) Thanks @Sha-San-P +* clean code: remove override of the lists of 1 map to handle directly the map +* clean code: fix lll linter errors with a var to map BUG FIXES: diff --git a/junos/func_resource_bgp.go b/junos/func_resource_bgp.go index c0732a86..2ccd71d1 100644 --- a/junos/func_resource_bgp.go +++ b/junos/func_resource_bgp.go @@ -492,27 +492,8 @@ func setBgpOptsBfd(setPrefix string, bfdLivenessDetection []interface{}, return nil } -func readBgpOptsBfd(item string, bfdOpts []map[string]interface{}) ([]map[string]interface{}, error) { +func readBgpOptsBfd(item string, bfdRead map[string]interface{}) error { itemTrim := strings.TrimPrefix(item, "bfd-liveness-detection ") - bfdRead := map[string]interface{}{ - "authentication_algorithm": "", - "authentication_key_chain": "", - "authentication_loose_check": false, - "detection_time_threshold": 0, - "holddown_interval": 0, - "minimum_interval": 0, - "minimum_receive_interval": 0, - "multiplier": 0, - "session_mode": "", - "transmit_interval_minimum_interval": 0, - "transmit_interval_threshold": 0, - "version": "", - } - if len(bfdOpts) > 0 { - for k, v := range bfdOpts[0] { - bfdRead[k] = v - } - } switch { case strings.HasPrefix(itemTrim, "authentication algorithm "): bfdRead["authentication_algorithm"] = strings.TrimPrefix(itemTrim, "authentication algorithm ") @@ -524,36 +505,31 @@ func readBgpOptsBfd(item string, bfdOpts []map[string]interface{}) ([]map[string var err error bfdRead["detection_time_threshold"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "detection-time threshold ")) if err != nil { - return []map[string]interface{}{bfdRead}, - fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrim, "holddown-interval "): var err error bfdRead["holddown_interval"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "holddown-interval ")) if err != nil { - return []map[string]interface{}{bfdRead}, - fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrim, "minimum-interval "): var err error bfdRead["minimum_interval"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "minimum-interval ")) if err != nil { - return []map[string]interface{}{bfdRead}, - fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrim, "minimum-receive-interval "): var err error bfdRead["minimum_receive_interval"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "minimum-receive-interval ")) if err != nil { - return []map[string]interface{}{bfdRead}, - fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrim, "multiplier "): var err error bfdRead["multiplier"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "multiplier ")) if err != nil { - return []map[string]interface{}{bfdRead}, - fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrim, "session-mode "): bfdRead["session_mode"] = strings.TrimPrefix(itemTrim, "session-mode ") @@ -562,23 +538,20 @@ func readBgpOptsBfd(item string, bfdOpts []map[string]interface{}) ([]map[string bfdRead["transmit_interval_threshold"], err = strconv.Atoi( strings.TrimPrefix(itemTrim, "transmit-interval threshold ")) if err != nil { - return []map[string]interface{}{bfdRead}, - fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrim, "transmit-interval minimum-interval "): var err error bfdRead["transmit_interval_minimum_interval"], err = strconv.Atoi( strings.TrimPrefix(itemTrim, "transmit-interval minimum-interval ")) if err != nil { - return []map[string]interface{}{bfdRead}, - fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrim, "version "): bfdRead["version"] = strings.TrimPrefix(itemTrim, "version ") } - // override (maxItem = 1) - return []map[string]interface{}{bfdRead}, nil + return nil } func setBgpOptsFamily(setPrefix, familyType string, familyOptsList []interface{}, @@ -651,8 +624,8 @@ func setBgpOptsFamilyPrefixLimit(setPrefix string, prefixLimit map[string]interf func readBgpOptsFamily(item, familyType string, opts []map[string]interface{}) ([]map[string]interface{}, error) { readOpts := map[string]interface{}{ "nlri_type": "", - "accepted_prefix_limit": make([]map[string]interface{}, 0, 1), - "prefix_limit": make([]map[string]interface{}, 0, 1), + "accepted_prefix_limit": make([]map[string]interface{}, 0), + "prefix_limit": make([]map[string]interface{}, 0), } setPrefix := "family " switch familyType { @@ -669,17 +642,16 @@ func readBgpOptsFamily(item, familyType string, opts []map[string]interface{}) ( itemTrim := strings.TrimPrefix(item, setPrefix+readOpts["nlri_type"].(string)+" ") switch { case strings.HasPrefix(itemTrim, "accepted-prefix-limit "): - readOptsPL := map[string]interface{}{ - "maximum": 0, - "teardown": 0, - "teardown_idle_timeout": 0, - "teardown_idle_timeout_forever": false, - } - if len(readOpts["accepted_prefix_limit"].([]map[string]interface{})) > 0 { - for k, v := range readOpts["accepted_prefix_limit"].([]map[string]interface{})[0] { - readOptsPL[k] = v - } - } + if len(readOpts["accepted_prefix_limit"].([]map[string]interface{})) == 0 { + readOpts["accepted_prefix_limit"] = append(readOpts["accepted_prefix_limit"].([]map[string]interface{}), + map[string]interface{}{ + "maximum": 0, + "teardown": 0, + "teardown_idle_timeout": 0, + "teardown_idle_timeout_forever": false, + }) + } + readOptsPL := readOpts["accepted_prefix_limit"].([]map[string]interface{})[0] switch { case strings.HasPrefix(itemTrim, "accepted-prefix-limit maximum"): var err error @@ -706,20 +678,17 @@ func readBgpOptsFamily(item, familyType string, opts []map[string]interface{}) ( return append(opts, readOpts), fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } } - // override (maxItem = 1) - readOpts["accepted_prefix_limit"] = []map[string]interface{}{readOptsPL} case strings.HasPrefix(itemTrim, "prefix-limit "): - readOptsPL := map[string]interface{}{ - "maximum": 0, - "teardown": 0, - "teardown_idle_timeout": 0, - "teardown_idle_timeout_forever": false, - } - if len(readOpts["prefix_limit"].([]map[string]interface{})) > 0 { - for k, v := range readOpts["prefix_limit"].([]map[string]interface{})[0] { - readOptsPL[k] = v - } - } + if len(readOpts["prefix_limit"].([]map[string]interface{})) == 0 { + readOpts["prefix_limit"] = append(readOpts["prefix_limit"].([]map[string]interface{}), + map[string]interface{}{ + "maximum": 0, + "teardown": 0, + "teardown_idle_timeout": 0, + "teardown_idle_timeout_forever": false, + }) + } + readOptsPL := readOpts["prefix_limit"].([]map[string]interface{})[0] switch { case strings.HasPrefix(itemTrim, "prefix-limit maximum "): var err error @@ -745,8 +714,6 @@ func readBgpOptsFamily(item, familyType string, opts []map[string]interface{}) ( return append(opts, readOpts), fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } } - // override (maxItem = 1) - readOpts["prefix_limit"] = []map[string]interface{}{readOptsPL} } return append(opts, readOpts), nil @@ -783,18 +750,8 @@ func setBgpOptsGrafefulRestart(setPrefix string, gracefulRestarts []interface{}, return nil } -func readBgpOptsGracefulRestart(item string, grOpts []map[string]interface{}) ([]map[string]interface{}, error) { +func readBgpOptsGracefulRestart(item string, grRead map[string]interface{}) error { itemTrim := strings.TrimPrefix(item, "graceful-restart ") - grRead := map[string]interface{}{ - "disable": false, - "restart_time": 0, - "stale_route_time": 0, - } - if len(grOpts) > 0 { - for k, v := range grOpts[0] { - grRead[k] = v - } - } switch { case itemTrim == disableW: grRead["disable"] = true @@ -802,17 +759,15 @@ func readBgpOptsGracefulRestart(item string, grOpts []map[string]interface{}) ([ var err error grRead["restart_time"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "restart-time ")) if err != nil { - return []map[string]interface{}{grRead}, - fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrim, "stale-routes-time "): var err error grRead["stale_route_time"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "stale-routes-time ")) if err != nil { - return []map[string]interface{}{grRead}, - fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } } - // override (maxItem = 1) - return []map[string]interface{}{grRead}, nil + + return nil } diff --git a/junos/resource_bgp_group.go b/junos/resource_bgp_group.go index e24975b1..d0de0011 100644 --- a/junos/resource_bgp_group.go +++ b/junos/resource_bgp_group.go @@ -878,8 +878,24 @@ func readBgpGroup(bgpGroup, instance string, m interface{}, jnprSess *NetconfObj itemTrim := strings.TrimPrefix(item, setLineStart) switch { case strings.HasPrefix(itemTrim, "bfd-liveness-detection "): - confRead.bfdLivenessDetection, err = readBgpOptsBfd(itemTrim, confRead.bfdLivenessDetection) - if err != nil { + if len(confRead.bfdLivenessDetection) == 0 { + confRead.bfdLivenessDetection = append(confRead.bfdLivenessDetection, + map[string]interface{}{ + "authentication_algorithm": "", + "authentication_key_chain": "", + "authentication_loose_check": false, + "detection_time_threshold": 0, + "holddown_interval": 0, + "minimum_interval": 0, + "minimum_receive_interval": 0, + "multiplier": 0, + "session_mode": "", + "transmit_interval_minimum_interval": 0, + "transmit_interval_threshold": 0, + "version": "", + }) + } + if err := readBgpOptsBfd(itemTrim, confRead.bfdLivenessDetection[0]); err != nil { return confRead, err } case strings.HasPrefix(itemTrim, "family evpn "): @@ -898,8 +914,14 @@ func readBgpGroup(bgpGroup, instance string, m interface{}, jnprSess *NetconfObj return confRead, err } case strings.HasPrefix(itemTrim, "graceful-restart "): - confRead.gracefulRestart, err = readBgpOptsGracefulRestart(itemTrim, confRead.gracefulRestart) - if err != nil { + if len(confRead.gracefulRestart) == 0 { + confRead.gracefulRestart = append(confRead.gracefulRestart, map[string]interface{}{ + "disable": false, + "restart_time": 0, + "stale_route_time": 0, + }) + } + if err := readBgpOptsGracefulRestart(itemTrim, confRead.gracefulRestart[0]); err != nil { return confRead, err } default: diff --git a/junos/resource_bgp_neighbor.go b/junos/resource_bgp_neighbor.go index 91011785..a36ce38a 100644 --- a/junos/resource_bgp_neighbor.go +++ b/junos/resource_bgp_neighbor.go @@ -898,13 +898,35 @@ func readBgpNeighbor(ip, instance, group string, m interface{}, jnprSess *Netcon return confRead, err } case strings.HasPrefix(itemTrim, "bfd-liveness-detection "): - confRead.bfdLivenessDetection, err = readBgpOptsBfd(itemTrim, confRead.bfdLivenessDetection) - if err != nil { + if len(confRead.bfdLivenessDetection) == 0 { + confRead.bfdLivenessDetection = append(confRead.bfdLivenessDetection, + map[string]interface{}{ + "authentication_algorithm": "", + "authentication_key_chain": "", + "authentication_loose_check": false, + "detection_time_threshold": 0, + "holddown_interval": 0, + "minimum_interval": 0, + "minimum_receive_interval": 0, + "multiplier": 0, + "session_mode": "", + "transmit_interval_minimum_interval": 0, + "transmit_interval_threshold": 0, + "version": "", + }) + } + if err := readBgpOptsBfd(itemTrim, confRead.bfdLivenessDetection[0]); err != nil { return confRead, err } case strings.HasPrefix(itemTrim, "graceful-restart "): - confRead.gracefulRestart, err = readBgpOptsGracefulRestart(itemTrim, confRead.gracefulRestart) - if err != nil { + if len(confRead.gracefulRestart) == 0 { + confRead.gracefulRestart = append(confRead.gracefulRestart, map[string]interface{}{ + "disable": false, + "restart_time": 0, + "stale_route_time": 0, + }) + } + if err := readBgpOptsGracefulRestart(itemTrim, confRead.gracefulRestart[0]); err != nil { return confRead, err } default: diff --git a/junos/resource_firewall_filter.go b/junos/resource_firewall_filter.go index cd1e70a1..6219cd5e 100644 --- a/junos/resource_firewall_filter.go +++ b/junos/resource_firewall_filter.go @@ -521,11 +521,19 @@ func readFirewallFilter(filter, family string, m interface{}, jnprSess *NetconfO case strings.HasPrefix(itemTrimTerm, "filter "): termOptions["filter"] = strings.TrimPrefix(itemTrimTerm, "filter ") case strings.HasPrefix(itemTrimTerm, "from "): - termOptions["from"] = readFirewallFilterOptsFrom(strings.TrimPrefix(itemTrimTerm, "from "), - termOptions["from"].([]map[string]interface{})) + if len(termOptions["from"].([]map[string]interface{})) == 0 { + termOptions["from"] = append(termOptions["from"].([]map[string]interface{}), + genMapFirewallFilterOptsFrom()) + } + readFirewallFilterOptsFrom(strings.TrimPrefix(itemTrimTerm, "from "), + termOptions["from"].([]map[string]interface{})[0]) case strings.HasPrefix(itemTrimTerm, "then "): - termOptions["then"] = readFirewallFilterOptsThen(strings.TrimPrefix(itemTrimTerm, "then "), - termOptions["then"].([]map[string]interface{})) + if len(termOptions["then"].([]map[string]interface{})) == 0 { + termOptions["then"] = append(termOptions["then"].([]map[string]interface{}), + genMapFirewallFilterOptsThen()) + } + readFirewallFilterOptsThen(strings.TrimPrefix(itemTrimTerm, "then "), + termOptions["then"].([]map[string]interface{})[0]) } confRead.term = append(confRead.term, termOptions) } @@ -735,14 +743,7 @@ func setFirewallFilterOptsThen(setPrefixTermThen string, configSet []string, the return configSet } -func readFirewallFilterOptsFrom(item string, - confReadElement []map[string]interface{}) []map[string]interface{} { - fromMap := genMapFirewallFilterOptsFrom() - if len(confReadElement) > 0 { - for k, v := range confReadElement[0] { - fromMap[k] = v - } - } +func readFirewallFilterOptsFrom(item string, fromMap map[string]interface{}) { switch { case strings.HasPrefix(item, "address "): if strings.HasSuffix(item, " except") { @@ -840,19 +841,9 @@ func readFirewallFilterOptsFrom(item string, case item == "tcp-initial": fromMap["tcp_initial"] = true } - - // override (maxItem = 1) - return []map[string]interface{}{fromMap} } -func readFirewallFilterOptsThen(item string, - confReadElement []map[string]interface{}) []map[string]interface{} { - thenMap := genMapFirewallFilterOptsThen() - if len(confReadElement) > 0 { - for k, v := range confReadElement[0] { - thenMap[k] = v - } - } +func readFirewallFilterOptsThen(item string, thenMap map[string]interface{}) { switch { case item == "accept", item == "reject", @@ -876,8 +867,6 @@ func readFirewallFilterOptsThen(item string, case item == "syslog": thenMap["syslog"] = true } - // override (maxItem = 1) - return []map[string]interface{}{thenMap} } func genMapFirewallFilterOptsFrom() map[string]interface{} { diff --git a/junos/resource_firewall_policer.go b/junos/resource_firewall_policer.go index 4410737c..dd87ec79 100644 --- a/junos/resource_firewall_policer.go +++ b/junos/resource_firewall_policer.go @@ -343,53 +343,44 @@ func readFirewallPolicer(policer string, m interface{}, jnprSess *NetconfObject) case itemTrim == "filter-specific": confRead.filterSpecific = true case strings.HasPrefix(itemTrim, "if-exceeding "): - ifExceeding := map[string]interface{}{ - "bandwidth_percent": 0, - "bandwidth_limit": "", - "burst_size_limit": "", - } - if len(confRead.ifExceeding) > 0 { - for k, v := range confRead.ifExceeding[0] { - ifExceeding[k] = v - } + if len(confRead.ifExceeding) == 0 { + confRead.ifExceeding = append(confRead.ifExceeding, map[string]interface{}{ + "bandwidth_percent": 0, + "bandwidth_limit": "", + "burst_size_limit": "", + }) } switch { case strings.HasPrefix(itemTrim, "if-exceeding bandwidth-percent "): - ifExceeding["bandwidth_percent"], err = strconv.Atoi( + confRead.ifExceeding[0]["bandwidth_percent"], err = strconv.Atoi( strings.TrimPrefix(itemTrim, "if-exceeding bandwidth-percent ")) if err != nil { return confRead, fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrim, "if-exceeding bandwidth-limit "): - ifExceeding["bandwidth_limit"] = strings.TrimPrefix(itemTrim, "if-exceeding bandwidth-limit ") + confRead.ifExceeding[0]["bandwidth_limit"] = strings.TrimPrefix(itemTrim, "if-exceeding bandwidth-limit ") case strings.HasPrefix(itemTrim, "if-exceeding burst-size-limit "): - ifExceeding["burst_size_limit"] = strings.TrimPrefix(itemTrim, "if-exceeding burst-size-limit ") + confRead.ifExceeding[0]["burst_size_limit"] = strings.TrimPrefix(itemTrim, "if-exceeding burst-size-limit ") } - // override (maxItem = 1) - confRead.ifExceeding = []map[string]interface{}{ifExceeding} case strings.HasPrefix(itemTrim, "then "): - then := map[string]interface{}{ - "discard": false, - "forwarding_class": "", - "loss_priority": "", - "out_of_profile": false, - } - if len(confRead.then) > 0 { - for k, v := range confRead.then[0] { - then[k] = v - } + if len(confRead.then) == 0 { + confRead.then = append(confRead.then, map[string]interface{}{ + "discard": false, + "forwarding_class": "", + "loss_priority": "", + "out_of_profile": false, + }) } switch { case itemTrim == "then discard": - then["discard"] = true + confRead.then[0]["discard"] = true case strings.HasPrefix(itemTrim, "then forwarding-class "): - then["forwarding_class"] = strings.TrimPrefix(itemTrim, "then forwarding-class ") + confRead.then[0]["forwarding_class"] = strings.TrimPrefix(itemTrim, "then forwarding-class ") case strings.HasPrefix(itemTrim, "then loss-priority "): - then["loss_priority"] = strings.TrimPrefix(itemTrim, "then loss-priority ") + confRead.then[0]["loss_priority"] = strings.TrimPrefix(itemTrim, "then loss-priority ") case itemTrim == "then out-of-profile": - then["out_of_profile"] = true + confRead.then[0]["out_of_profile"] = true } - confRead.then = []map[string]interface{}{then} } } } diff --git a/junos/resource_interface_physical.go b/junos/resource_interface_physical.go index f6afba20..7fb4c557 100644 --- a/junos/resource_interface_physical.go +++ b/junos/resource_interface_physical.go @@ -1392,78 +1392,74 @@ func readInterfacePhysicalParentEtherOpts(confRead *interfacePhysicalOptions, it "version": "", }) } + parentEtherOptsBFDLiveDetect := confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0] itemTrimBfdLiveDet := strings.TrimPrefix(itemTrim, "bfd-liveness-detection ") switch { case strings.HasPrefix(itemTrimBfdLiveDet, "local-address "): - confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0]["local_address"] = - strings.TrimPrefix(itemTrimBfdLiveDet, "local-address ") + parentEtherOptsBFDLiveDetect["local_address"] = strings.TrimPrefix(itemTrimBfdLiveDet, "local-address ") case strings.HasPrefix(itemTrimBfdLiveDet, "authentication algorithm "): - confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0]["authentication_algorithm"] = + parentEtherOptsBFDLiveDetect["authentication_algorithm"] = strings.TrimPrefix(itemTrimBfdLiveDet, "authentication algorithm ") case strings.HasPrefix(itemTrimBfdLiveDet, "authentication key-chain "): - confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0]["authentication_key_chain"] = + parentEtherOptsBFDLiveDetect["authentication_key_chain"] = strings.TrimPrefix(itemTrimBfdLiveDet, "authentication key-chain ") case itemTrimBfdLiveDet == "authentication loose-check": - confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0]["authentication_loose_check"] = - true + parentEtherOptsBFDLiveDetect["authentication_loose_check"] = true case strings.HasPrefix(itemTrimBfdLiveDet, "detection-time threshold "): var err error - confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0]["detection_time_threshold"], - err = strconv.Atoi(strings.TrimPrefix(itemTrimBfdLiveDet, "detection-time threshold ")) + parentEtherOptsBFDLiveDetect["detection_time_threshold"], err = + strconv.Atoi(strings.TrimPrefix(itemTrimBfdLiveDet, "detection-time threshold ")) if err != nil { return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrimBfdLiveDet, "holddown-interval "): var err error - confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0]["holddown_interval"], - err = strconv.Atoi(strings.TrimPrefix(itemTrimBfdLiveDet, "holddown-interval ")) + parentEtherOptsBFDLiveDetect["holddown_interval"], err = + strconv.Atoi(strings.TrimPrefix(itemTrimBfdLiveDet, "holddown-interval ")) if err != nil { return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrimBfdLiveDet, "minimum-interval "): var err error - confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0]["minimum_interval"], - err = strconv.Atoi(strings.TrimPrefix(itemTrimBfdLiveDet, "minimum-interval ")) + parentEtherOptsBFDLiveDetect["minimum_interval"], err = + strconv.Atoi(strings.TrimPrefix(itemTrimBfdLiveDet, "minimum-interval ")) if err != nil { return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrimBfdLiveDet, "minimum-receive-interval "): var err error - confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0]["minimum_receive_interval"], - err = strconv.Atoi(strings.TrimPrefix(itemTrimBfdLiveDet, "minimum-receive-interval ")) + parentEtherOptsBFDLiveDetect["minimum_receive_interval"], err = + strconv.Atoi(strings.TrimPrefix(itemTrimBfdLiveDet, "minimum-receive-interval ")) if err != nil { return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrimBfdLiveDet, "multiplier "): var err error - confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0]["multiplier"], - err = strconv.Atoi(strings.TrimPrefix(itemTrimBfdLiveDet, "multiplier ")) + parentEtherOptsBFDLiveDetect["multiplier"], err = + strconv.Atoi(strings.TrimPrefix(itemTrimBfdLiveDet, "multiplier ")) if err != nil { return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrimBfdLiveDet, "neighbor "): - confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0]["neighbor"] = - strings.TrimPrefix(itemTrimBfdLiveDet, "neighbor ") + parentEtherOptsBFDLiveDetect["neighbor"] = strings.TrimPrefix(itemTrimBfdLiveDet, "neighbor ") case itemTrimBfdLiveDet == "no-adaptation": - confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0]["no_adaptation"] = - true + parentEtherOptsBFDLiveDetect["no_adaptation"] = true case strings.HasPrefix(itemTrimBfdLiveDet, "transmit-interval minimum-interval "): var err error - confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0]["transmit_interval_minimum_interval"], // nolint: lll - err = strconv.Atoi(strings.TrimPrefix(itemTrimBfdLiveDet, "transmit-interval minimum-interval ")) + parentEtherOptsBFDLiveDetect["transmit_interval_minimum_interval"], err = + strconv.Atoi(strings.TrimPrefix(itemTrimBfdLiveDet, "transmit-interval minimum-interval ")) if err != nil { return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrimBfdLiveDet, "transmit-interval threshold "): var err error - confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0]["transmit_interval_threshold"], - err = strconv.Atoi(strings.TrimPrefix(itemTrimBfdLiveDet, "transmit-interval threshold ")) + parentEtherOptsBFDLiveDetect["transmit_interval_threshold"], err = + strconv.Atoi(strings.TrimPrefix(itemTrimBfdLiveDet, "transmit-interval threshold ")) if err != nil { return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrimBfdLiveDet, "version "): - confRead.parentEtherOpts[0]["bfd_liveness_detection"].([]map[string]interface{})[0]["version"] = - strings.TrimPrefix(itemTrimBfdLiveDet, "version ") + parentEtherOptsBFDLiveDetect["version"] = strings.TrimPrefix(itemTrimBfdLiveDet, "version ") } case itemTrim == flowControlWords: confRead.parentEtherOpts[0]["flow_control"] = true diff --git a/junos/resource_policyoptions_policy_statement.go b/junos/resource_policyoptions_policy_statement.go index 63dabff8..c63d3ac6 100644 --- a/junos/resource_policyoptions_policy_statement.go +++ b/junos/resource_policyoptions_policy_statement.go @@ -948,38 +948,53 @@ func readPolicyStatement(policyStatement string, termOptions, confRead.term = copyAndRemoveItemMapList("name", false, termOptions, confRead.term) switch { case strings.HasPrefix(itemTrimTerm, "from "): - termOptions["from"], err = readPolicyStatementOptsFrom(strings.TrimPrefix(itemTrimTerm, "from "), - termOptions["from"].([]map[string]interface{})) - if err != nil { + if len(termOptions["from"].([]map[string]interface{})) == 0 { + termOptions["from"] = append(termOptions["from"].([]map[string]interface{}), + genMapPolicyStatementOptsFrom()) + } + if err := readPolicyStatementOptsFrom(strings.TrimPrefix(itemTrimTerm, "from "), + termOptions["from"].([]map[string]interface{})[0]); err != nil { return confRead, err } case strings.HasPrefix(itemTrimTerm, "then "): - termOptions["then"], err = readPolicyStatementOptsThen(strings.TrimPrefix(itemTrimTerm, "then "), - termOptions["then"].([]map[string]interface{})) - if err != nil { + if len(termOptions["then"].([]map[string]interface{})) == 0 { + termOptions["then"] = append(termOptions["then"].([]map[string]interface{}), + genMapPolicyStatementOptsThen()) + } + if err := readPolicyStatementOptsThen(strings.TrimPrefix(itemTrimTerm, "then "), + termOptions["then"].([]map[string]interface{})[0]); err != nil { return confRead, err } case strings.HasPrefix(itemTrimTerm, "to "): - termOptions["to"], err = readPolicyStatementOptsTo(strings.TrimPrefix(itemTrimTerm, "to "), - termOptions["to"].([]map[string]interface{})) - if err != nil { + if len(termOptions["to"].([]map[string]interface{})) == 0 { + termOptions["to"] = append(termOptions["to"].([]map[string]interface{}), + genMapPolicyStatementOptsTo()) + } + if err := readPolicyStatementOptsTo(strings.TrimPrefix(itemTrimTerm, "to "), + termOptions["to"].([]map[string]interface{})[0]); err != nil { return confRead, err } } confRead.term = append(confRead.term, termOptions) case strings.HasPrefix(itemTrim, "from "): - confRead.from, err = readPolicyStatementOptsFrom(strings.TrimPrefix(itemTrim, "from "), confRead.from) - if err != nil { + if len(confRead.from) == 0 { + confRead.from = append(confRead.from, genMapPolicyStatementOptsFrom()) + } + if err := readPolicyStatementOptsFrom(strings.TrimPrefix(itemTrim, "from "), confRead.from[0]); err != nil { return confRead, err } case strings.HasPrefix(itemTrim, "then "): - confRead.then, err = readPolicyStatementOptsThen(strings.TrimPrefix(itemTrim, "then "), confRead.then) - if err != nil { + if len(confRead.then) == 0 { + confRead.then = append(confRead.then, genMapPolicyStatementOptsThen()) + } + if err := readPolicyStatementOptsThen(strings.TrimPrefix(itemTrim, "then "), confRead.then[0]); err != nil { return confRead, err } case strings.HasPrefix(itemTrim, "to "): - confRead.to, err = readPolicyStatementOptsTo(strings.TrimPrefix(itemTrim, "to "), confRead.to) - if err != nil { + if len(confRead.to) == 0 { + confRead.to = append(confRead.to, genMapPolicyStatementOptsTo()) + } + if err := readPolicyStatementOptsTo(strings.TrimPrefix(itemTrim, "to "), confRead.to[0]); err != nil { return confRead, err } } @@ -1211,15 +1226,7 @@ func setPolicyStatementOptsTo(setPrefix string, opts map[string]interface{}) []s return configSet } -func readPolicyStatementOptsFrom(item string, - confReadElement []map[string]interface{}) ([]map[string]interface{}, error) { - fromMap := genMapPolicyStatementOptsFrom() - var err error - if len(confReadElement) > 0 { - for k, v := range confReadElement[0] { - fromMap[k] = v - } - } +func readPolicyStatementOptsFrom(item string, fromMap map[string]interface{}) error { switch { case item == "aggregate-contributor": fromMap["aggregate_contributor"] = true @@ -1235,18 +1242,20 @@ func readPolicyStatementOptsFrom(item string, case strings.HasPrefix(item, "family "): fromMap["family"] = strings.TrimPrefix(item, "family ") case strings.HasPrefix(item, "local-preference "): + var err error fromMap["local_preference"], err = strconv.Atoi(strings.TrimPrefix(item, "local-preference ")) if err != nil { - return nil, fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) } case strings.HasPrefix(item, "instance "): fromMap["routing_instance"] = strings.TrimPrefix(item, "instance ") case strings.HasPrefix(item, "interface "): fromMap["interface"] = append(fromMap["interface"].([]string), strings.TrimPrefix(item, "interface ")) case strings.HasPrefix(item, "metric "): + var err error fromMap["metric"], err = strconv.Atoi(strings.TrimPrefix(item, "metric ")) if err != nil { - return nil, fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) } case strings.HasPrefix(item, "neighbor "): fromMap["neighbor"] = append(fromMap["neighbor"].([]string), strings.TrimPrefix(item, "neighbor ")) @@ -1257,9 +1266,10 @@ func readPolicyStatementOptsFrom(item string, case strings.HasPrefix(item, "policy "): fromMap["policy"] = append(fromMap["policy"].([]string), strings.TrimPrefix(item, "policy ")) case strings.HasPrefix(item, "preference "): + var err error fromMap["preference"], err = strconv.Atoi(strings.TrimPrefix(item, "preference ")) if err != nil { - return nil, fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) } case strings.HasPrefix(item, "prefix-list "): fromMap["prefix_list"] = append(fromMap["prefix_list"].([]string), strings.TrimPrefix(item, "prefix-list ")) @@ -1280,19 +1290,10 @@ func readPolicyStatementOptsFrom(item string, fromMap["route_filter"] = append(fromMap["route_filter"].([]map[string]interface{}), routeFilterMap) } - // override (maxItem = 1) - return []map[string]interface{}{fromMap}, nil + return nil } -func readPolicyStatementOptsThen(item string, - confReadElement []map[string]interface{}) ([]map[string]interface{}, error) { - thenMap := genMapPolicyStatementOptsThen() - var err error - if len(confReadElement) > 0 { - for k, v := range confReadElement[0] { - thenMap[k] = v - } - } +func readPolicyStatementOptsThen(item string, thenMap map[string]interface{}) error { switch { case strings.HasPrefix(item, "accept"), strings.HasPrefix(item, "reject"): @@ -1320,17 +1321,18 @@ func readPolicyStatementOptsThen(item string, "value": 0, } itemSplit := strings.Split(item, " ") + var err error if len(itemSplit) == 2 { localPreferenceMap["action"] = actionNoneWord localPreferenceMap["value"], err = strconv.Atoi(itemSplit[1]) if err != nil { - return nil, fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) } } else { localPreferenceMap["action"] = itemSplit[1] localPreferenceMap["value"], err = strconv.Atoi(itemSplit[2]) if err != nil { - return nil, fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) } } @@ -1345,17 +1347,18 @@ func readPolicyStatementOptsThen(item string, "value": 0, } itemSplit := strings.Split(item, " ") + var err error if len(itemSplit) == 2 { metricMap["action"] = actionNoneWord metricMap["value"], err = strconv.Atoi(itemSplit[1]) if err != nil { - return nil, fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) } } else { metricMap["action"] = itemSplit[1] metricMap["value"], err = strconv.Atoi(itemSplit[2]) if err != nil { - return nil, fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) } } thenMap["metric"] = append(thenMap["metric"].([]map[string]interface{}), metricMap) @@ -1367,35 +1370,27 @@ func readPolicyStatementOptsThen(item string, "value": 0, } itemSplit := strings.Split(item, " ") + var err error if len(itemSplit) == 2 { preferenceMap["action"] = actionNoneWord preferenceMap["value"], err = strconv.Atoi(itemSplit[1]) if err != nil { - return nil, fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) } } else { preferenceMap["action"] = itemSplit[1] preferenceMap["value"], err = strconv.Atoi(itemSplit[2]) if err != nil { - return nil, fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) } } thenMap["preference"] = append(thenMap["preference"].([]map[string]interface{}), preferenceMap) } - // override (maxItem = 1) - return []map[string]interface{}{thenMap}, nil + return nil } -func readPolicyStatementOptsTo(item string, - confReadElement []map[string]interface{}) ([]map[string]interface{}, error) { - toMap := genMapPolicyStatementOptsTo() - var err error - if len(confReadElement) > 0 { - for k, v := range confReadElement[0] { - toMap[k] = v - } - } +func readPolicyStatementOptsTo(item string, toMap map[string]interface{}) error { switch { case strings.HasPrefix(item, "as-path "): toMap["bgp_as_path"] = append(toMap["bgp_as_path"].([]string), strings.TrimPrefix(item, "as-path ")) @@ -1408,18 +1403,20 @@ func readPolicyStatementOptsTo(item string, case strings.HasPrefix(item, "family "): toMap["family"] = strings.TrimPrefix(item, "family ") case strings.HasPrefix(item, "local-preference "): + var err error toMap["local_preference"], err = strconv.Atoi(strings.TrimPrefix(item, "local-preference ")) if err != nil { - return nil, fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) } case strings.HasPrefix(item, "instance "): toMap["routing_instance"] = strings.TrimPrefix(item, "instance ") case strings.HasPrefix(item, "interface "): toMap["interface"] = append(toMap["interface"].([]string), strings.TrimPrefix(item, "interface ")) case strings.HasPrefix(item, "metric "): + var err error toMap["metric"], err = strconv.Atoi(strings.TrimPrefix(item, "metric ")) if err != nil { - return nil, fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) } case strings.HasPrefix(item, "neighbor "): toMap["neighbor"] = append(toMap["neighbor"].([]string), strings.TrimPrefix(item, "neighbor ")) @@ -1430,16 +1427,16 @@ func readPolicyStatementOptsTo(item string, case strings.HasPrefix(item, "policy "): toMap["policy"] = append(toMap["policy"].([]string), strings.TrimPrefix(item, "policy ")) case strings.HasPrefix(item, "preference "): + var err error toMap["preference"], err = strconv.Atoi(strings.TrimPrefix(item, "preference ")) if err != nil { - return nil, fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) + return fmt.Errorf("failed to convert value from '%s' to integer : %w", item, err) } case strings.HasPrefix(item, "protocol "): toMap["protocol"] = append(toMap["protocol"].([]string), strings.TrimPrefix(item, "protocol ")) } - // override (maxItem = 1) - return []map[string]interface{}{toMap}, nil + return nil } func genMapPolicyStatementOptsFrom() map[string]interface{} { diff --git a/junos/resource_security.go b/junos/resource_security.go index 68244f41..5a0b4d62 100644 --- a/junos/resource_security.go +++ b/junos/resource_security.go @@ -1609,23 +1609,23 @@ func readSecurityFlow(confRead *securityOptions, itemTrimFlow string) error { "no_packet_flooding": make([]map[string]interface{}, 0), }) } + flowEthernetSwitching := confRead.flow[0]["ethernet_switching"].([]map[string]interface{})[0] switch { case itemTrim == "ethernet-switching block-non-ip-all": - confRead.flow[0]["ethernet_switching"].([]map[string]interface{})[0]["block_non_ip_all"] = true + flowEthernetSwitching["block_non_ip_all"] = true case itemTrim == "ethernet-switching bypass-non-ip-unicast": - confRead.flow[0]["ethernet_switching"].([]map[string]interface{})[0]["bypass_non_ip_unicast"] = true + flowEthernetSwitching["bypass_non_ip_unicast"] = true case itemTrim == "ethernet-switching bpdu-vlan-flooding": - confRead.flow[0]["ethernet_switching"].([]map[string]interface{})[0]["bpdu_vlan_flooding"] = true + flowEthernetSwitching["bpdu_vlan_flooding"] = true case strings.HasPrefix(itemTrim, "ethernet-switching no-packet-flooding"): - if len(confRead.flow[0]["ethernet_switching"].([]map[string]interface{})[0]["no_packet_flooding"].([]map[string]interface{})) == 0 { // nolint: lll - confRead.flow[0]["ethernet_switching"].([]map[string]interface{})[0]["no_packet_flooding"] = append( - confRead.flow[0]["ethernet_switching"].([]map[string]interface{})[0]["no_packet_flooding"].([]map[string]interface{}), // nolint: lll - map[string]interface{}{ + if len(flowEthernetSwitching["no_packet_flooding"].([]map[string]interface{})) == 0 { + flowEthernetSwitching["no_packet_flooding"] = append( + flowEthernetSwitching["no_packet_flooding"].([]map[string]interface{}), map[string]interface{}{ "no_trace_route": false, }) } if itemTrim == "ethernet-switching no-packet-flooding no-trace-route" { - confRead.flow[0]["ethernet_switching"].([]map[string]interface{})[0]["no_packet_flooding"].([]map[string]interface{})[0]["no_trace_route"] = true // nolint: lll + flowEthernetSwitching["no_packet_flooding"].([]map[string]interface{})[0]["no_trace_route"] = true } } case itemTrim == "force-ip-reassembly": @@ -1732,35 +1732,34 @@ func readSecurityFlow(confRead *securityOptions, itemTrimFlow string) error { "time_wait_state": make([]map[string]interface{}, 0), }) } + flowTCPSession := confRead.flow[0]["tcp_session"].([]map[string]interface{})[0] switch { case itemTrim == "tcp-session fin-invalidate-session": - confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["fin_invalidate_session"] = true + flowTCPSession["fin_invalidate_session"] = true case strings.HasPrefix(itemTrim, "tcp-session maximum-window "): - confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["maximum_window"] = - strings.TrimPrefix(itemTrim, "tcp-session maximum-window ") + flowTCPSession["maximum_window"] = strings.TrimPrefix(itemTrim, "tcp-session maximum-window ") case itemTrim == "tcp-session no-sequence-check": - confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["no_sequence_check"] = true + flowTCPSession["no_sequence_check"] = true case itemTrim == "tcp-session no-syn-check": - confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["no_syn_check"] = true + flowTCPSession["no_syn_check"] = true case itemTrim == "tcp-session no-syn-check-in-tunnel": - confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["no_syn_check_in_tunnel"] = true + flowTCPSession["no_syn_check_in_tunnel"] = true case itemTrim == "tcp-session rst-invalidate-session": - confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["rst_invalidate_session"] = true + flowTCPSession["rst_invalidate_session"] = true case itemTrim == "tcp-session rst-sequence-check": - confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["rst_sequence_check"] = true + flowTCPSession["rst_sequence_check"] = true case itemTrim == "tcp-session strict-syn-check": - confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["strict_syn_check"] = true + flowTCPSession["strict_syn_check"] = true case strings.HasPrefix(itemTrim, "tcp-session tcp-initial-timeout "): var err error - confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["tcp_initial_timeout"], err = + flowTCPSession["tcp_initial_timeout"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "tcp-session tcp-initial-timeout ")) if err != nil { return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrim, "tcp-session time-wait-state"): - if len(confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["time_wait_state"].([]map[string]interface{})) == 0 { // nolint: lll - confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["time_wait_state"] = append( - confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["time_wait_state"].([]map[string]interface{}), + if len(flowTCPSession["time_wait_state"].([]map[string]interface{})) == 0 { + flowTCPSession["time_wait_state"] = append(flowTCPSession["time_wait_state"].([]map[string]interface{}), map[string]interface{}{ "apply_to_half_close_state": false, "session_ageout": false, @@ -1769,12 +1768,12 @@ func readSecurityFlow(confRead *securityOptions, itemTrimFlow string) error { } switch { case itemTrim == "tcp-session time-wait-state apply-to-half-close-state": - confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["time_wait_state"].([]map[string]interface{})[0]["apply_to_half_close_state"] = true // nolint: lll + flowTCPSession["time_wait_state"].([]map[string]interface{})[0]["apply_to_half_close_state"] = true case itemTrim == "tcp-session time-wait-state session-ageout": - confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["time_wait_state"].([]map[string]interface{})[0]["session_ageout"] = true // nolint: lll + flowTCPSession["time_wait_state"].([]map[string]interface{})[0]["session_ageout"] = true case strings.HasPrefix(itemTrim, "tcp-session time-wait-state session-timeout "): var err error - confRead.flow[0]["tcp_session"].([]map[string]interface{})[0]["time_wait_state"].([]map[string]interface{})[0]["session_timeout"], err = // nolint: lll + flowTCPSession["time_wait_state"].([]map[string]interface{})[0]["session_timeout"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "tcp-session time-wait-state session-timeout ")) if err != nil { return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) @@ -2006,23 +2005,22 @@ func readSecurityUtm(confRead *securityOptions, itemTrimUtm string) error { }) } itemTrimServer := strings.TrimPrefix(itemTrimUtm, "utm feature-profile web-filtering juniper-enhanced server") + utmFeatProfWebFiltJunEnhServer := + confRead.utm[0]["feature_profile_web_filtering_juniper_enhanced_server"].([]map[string]interface{})[0] switch { case strings.HasPrefix(itemTrimServer, " host "): - confRead.utm[0]["feature_profile_web_filtering_juniper_enhanced_server"].([]map[string]interface{})[0]["host"] = - strings.TrimPrefix(itemTrimServer, " host ") + utmFeatProfWebFiltJunEnhServer["host"] = strings.TrimPrefix(itemTrimServer, " host ") case strings.HasPrefix(itemTrimServer, " port "): var err error - confRead.utm[0]["feature_profile_web_filtering_juniper_enhanced_server"].([]map[string]interface{})[0]["port"], err = - strconv.Atoi(strings.TrimPrefix(itemTrimServer, " port ")) + utmFeatProfWebFiltJunEnhServer["port"], err = strconv.Atoi(strings.TrimPrefix(itemTrimServer, " port ")) if err != nil { return fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrimUtm, err) } case strings.HasPrefix(itemTrimServer, " proxy-profile "): - confRead.utm[0]["feature_profile_web_filtering_juniper_enhanced_server"].([]map[string]interface{})[0]["proxy_profile"] = //nolint: lll + utmFeatProfWebFiltJunEnhServer["proxy_profile"] = strings.Trim(strings.TrimPrefix(itemTrimServer, " proxy-profile "), "\"") case strings.HasPrefix(itemTrimServer, " routing-instance "): - confRead.utm[0]["feature_profile_web_filtering_juniper_enhanced_server"].([]map[string]interface{})[0]["routing_instance"] = //nolint: lll - strings.TrimPrefix(itemTrimServer, " routing-instance ") + utmFeatProfWebFiltJunEnhServer["routing_instance"] = strings.TrimPrefix(itemTrimServer, " routing-instance ") } } diff --git a/junos/resource_security_global_policy.go b/junos/resource_security_global_policy.go index c2f62bfc..865d67ee 100644 --- a/junos/resource_security_global_policy.go +++ b/junos/resource_security_global_policy.go @@ -449,8 +449,25 @@ func readSecurityGlobalPolicy(m interface{}, jnprSess *NetconfObject) (globalPol policy["log_close"] = true case strings.HasPrefix(itemTrimPolicy, "then permit application-services"): policy["then"] = permitWord - policy["permit_application_services"] = readGlobalPolicyPermitApplicationServices(itemTrimPolicy, - policy["permit_application_services"]) + if len(policy["permit_application_services"].([]map[string]interface{})) == 0 { + policy["permit_application_services"] = append( + policy["permit_application_services"].([]map[string]interface{}), + map[string]interface{}{ + "application_firewall_rule_set": "", + "application_traffic_control_rule_set": "", + "gprs_gtp_profile": "", + "gprs_sctp_profile": "", + "idp": false, + "redirect_wx": false, + "reverse_redirect_wx": false, + "security_intelligence_policy": "", + "ssl_proxy": make([]map[string]interface{}, 0, 1), + "uac_policy": make([]map[string]interface{}, 0, 1), + "utm_policy": "", + }) + } + readGlobalPolicyPermitApplicationServices(itemTrimPolicy, + policy["permit_application_services"].([]map[string]interface{})[0]) } } policyList = append(policyList, policy) @@ -495,26 +512,7 @@ func genMapGlobalPolicyWithName(name string) map[string]interface{} { } } -func readGlobalPolicyPermitApplicationServices(itemTrimPolicy string, - permitApplicationServices interface{}) []map[string]interface{} { - applicationServices := map[string]interface{}{ - "application_firewall_rule_set": "", - "application_traffic_control_rule_set": "", - "gprs_gtp_profile": "", - "gprs_sctp_profile": "", - "idp": false, - "redirect_wx": false, - "reverse_redirect_wx": false, - "security_intelligence_policy": "", - "ssl_proxy": make([]map[string]interface{}, 0, 1), - "uac_policy": make([]map[string]interface{}, 0, 1), - "utm_policy": "", - } - if len(permitApplicationServices.([]map[string]interface{})) > 0 { - for k, v := range permitApplicationServices.([]map[string]interface{})[0] { - applicationServices[k] = v - } - } +func readGlobalPolicyPermitApplicationServices(itemTrimPolicy string, applicationServices map[string]interface{}) { itemTrimPolicyPermitAppSvc := strings.TrimPrefix(itemTrimPolicy, "then permit application-services ") switch { case strings.HasPrefix(itemTrimPolicyPermitAppSvc, "application-firewall rule-set "): @@ -565,9 +563,6 @@ func readGlobalPolicyPermitApplicationServices(itemTrimPolicy string, case strings.HasPrefix(itemTrimPolicyPermitAppSvc, "utm-policy "): applicationServices["utm_policy"] = strings.Trim(strings.TrimPrefix(itemTrimPolicyPermitAppSvc, "utm-policy "), "\"") } - - // override (maxItem = 1) - return []map[string]interface{}{applicationServices} } func setGlobalPolicyPermitApplicationServices(setPrefixPolicy string, diff --git a/junos/resource_security_ike_gateway.go b/junos/resource_security_ike_gateway.go index ff176eb9..ec24040e 100644 --- a/junos/resource_security_ike_gateway.go +++ b/junos/resource_security_ike_gateway.go @@ -678,68 +678,51 @@ func readIkeGateway(ikeGateway string, m interface{}, jnprSess *NetconfObject) ( confRead.aaa[0]["client_username"] = strings.TrimPrefix(itemTrim, "aaa client username ") } case strings.HasPrefix(itemTrim, "dead-peer-detection"): - deadPeerOptions := map[string]interface{}{ - "interval": 0, - "send_mode": "", - "threshold": 0, - } - if len(confRead.deadPeerDetection) > 0 { - for k, v := range confRead.deadPeerDetection[0] { - deadPeerOptions[k] = v - } + if len(confRead.deadPeerDetection) == 0 { + confRead.deadPeerDetection = append(confRead.deadPeerDetection, map[string]interface{}{ + "interval": 0, + "send_mode": "", + "threshold": 0, + }) } switch { case strings.HasPrefix(itemTrim, "dead-peer-detection interval "): - deadPeerOptions["interval"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, + confRead.deadPeerDetection[0]["interval"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "dead-peer-detection interval ")) if err != nil { return confRead, fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasSuffix(itemTrim, " always-send"): - deadPeerOptions["send_mode"] = "always-send" + confRead.deadPeerDetection[0]["send_mode"] = "always-send" case strings.HasSuffix(itemTrim, " optimized"): - deadPeerOptions["send_mode"] = "optimized" + confRead.deadPeerDetection[0]["send_mode"] = "optimized" case strings.HasSuffix(itemTrim, " probe-idle-tunnel"): - deadPeerOptions["send_mode"] = "probe-idle-tunnel" + confRead.deadPeerDetection[0]["send_mode"] = "probe-idle-tunnel" case strings.HasPrefix(itemTrim, "dead-peer-detection threshold "): - deadPeerOptions["threshold"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, + confRead.deadPeerDetection[0]["threshold"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "dead-peer-detection threshold ")) if err != nil { return confRead, fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } } - // override (maxItem = 1) - confRead.deadPeerDetection = []map[string]interface{}{deadPeerOptions} case itemTrim == "general-ikeid": confRead.generalIkeid = true case strings.HasPrefix(itemTrim, "local-address "): confRead.localAddress = strings.TrimPrefix(itemTrim, "local-address ") case strings.HasPrefix(itemTrim, "local-identity "): - localIdentityOptions := map[string]interface{}{ - "type": "", - "value": "", - } - readLocalIdentity := strings.TrimPrefix(itemTrim, "local-identity ") - readLocalIdentityList := strings.Split(readLocalIdentity, " ") - localIdentityOptions["type"] = readLocalIdentityList[0] - if len(readLocalIdentityList) > 1 { - localIdentityOptions["value"] = readLocalIdentityList[1] - } - // override (maxItem = 1) - confRead.localIdentity = []map[string]interface{}{localIdentityOptions} + readLocalIdentityList := strings.Split(strings.TrimPrefix(itemTrim, "local-identity "), " ") + confRead.localIdentity = append(confRead.localIdentity, map[string]interface{}{ + "type": readLocalIdentityList[0], + "value": readLocalIdentityList[1], + }) case itemTrim == "no-nat-traversal": confRead.noNatTraversal = true case strings.HasPrefix(itemTrim, "remote-identity "): - remoteIdentityOptions := map[string]interface{}{ - "type": "", - "value": "", - } - readRemoteIdentity := strings.TrimPrefix(itemTrim, "remote-identity ") - readRemoteIdentityList := strings.Split(readRemoteIdentity, " ") - remoteIdentityOptions["type"] = readRemoteIdentityList[0] - remoteIdentityOptions["value"] = readRemoteIdentityList[1] - // override (maxItem = 1) - confRead.remoteIdentity = []map[string]interface{}{remoteIdentityOptions} + readRemoteIdentityList := strings.Split(strings.TrimPrefix(itemTrim, "remote-identity "), " ") + confRead.remoteIdentity = append(confRead.remoteIdentity, map[string]interface{}{ + "type": readRemoteIdentityList[0], + "value": readRemoteIdentityList[1], + }) case strings.HasPrefix(itemTrim, "version "): confRead.version = strings.TrimPrefix(itemTrim, "version ") } diff --git a/junos/resource_security_ipsec_vpn.go b/junos/resource_security_ipsec_vpn.go index ae448998..8e598c38 100644 --- a/junos/resource_security_ipsec_vpn.go +++ b/junos/resource_security_ipsec_vpn.go @@ -236,9 +236,7 @@ func resourceIpsecVpnReadWJnprSess(d *schema.ResourceData, m interface{}, jnprSe for _, v := range d.Get("vpn_monitor").([]interface{}) { if v != nil { stateMonitor := v.(map[string]interface{}) - vpnMonitor := ipsecVpnOptions.vpnMonitor[0] - vpnMonitor["source_interface_auto"] = stateMonitor["source_interface_auto"].(bool) - ipsecVpnOptions.vpnMonitor = []map[string]interface{}{vpnMonitor} + ipsecVpnOptions.vpnMonitor[0]["source_interface_auto"] = stateMonitor["source_interface_auto"].(bool) } } } @@ -460,32 +458,27 @@ func readIpsecVpn(ipsecVpn string, m interface{}, jnprSess *NetconfObject) (ipse case strings.HasPrefix(itemTrim, "establish-tunnels "): confRead.establishTunnels = strings.TrimPrefix(itemTrim, "establish-tunnels ") case strings.HasPrefix(itemTrim, "ike "): - ikeOptions := map[string]interface{}{ - "gateway": "", - "policy": "", - "identity_local": "", - "identity_remote": "", - "identity_service": "", - } - if len(confRead.ike) > 0 { - for k, v := range confRead.ike[0] { - ikeOptions[k] = v - } + if len(confRead.ike) == 0 { + confRead.ike = append(confRead.ike, map[string]interface{}{ + "gateway": "", + "policy": "", + "identity_local": "", + "identity_remote": "", + "identity_service": "", + }) } switch { case strings.HasPrefix(itemTrim, "ike gateway "): - ikeOptions["gateway"] = strings.TrimPrefix(itemTrim, "ike gateway ") + confRead.ike[0]["gateway"] = strings.TrimPrefix(itemTrim, "ike gateway ") case strings.HasPrefix(itemTrim, "ike ipsec-policy "): - ikeOptions["policy"] = strings.TrimPrefix(itemTrim, "ike ipsec-policy ") + confRead.ike[0]["policy"] = strings.TrimPrefix(itemTrim, "ike ipsec-policy ") case strings.HasPrefix(itemTrim, "ike proxy-identity local "): - ikeOptions["identity_local"] = strings.TrimPrefix(itemTrim, "ike proxy-identity local ") + confRead.ike[0]["identity_local"] = strings.TrimPrefix(itemTrim, "ike proxy-identity local ") case strings.HasPrefix(itemTrim, "ike proxy-identity remote "): - ikeOptions["identity_remote"] = strings.TrimPrefix(itemTrim, "ike proxy-identity remote ") + confRead.ike[0]["identity_remote"] = strings.TrimPrefix(itemTrim, "ike proxy-identity remote ") case strings.HasPrefix(itemTrim, "ike proxy-identity service "): - ikeOptions["identity_service"] = strings.TrimPrefix(itemTrim, "ike proxy-identity service ") + confRead.ike[0]["identity_service"] = strings.TrimPrefix(itemTrim, "ike proxy-identity service ") } - // override (maxItem = 1) - confRead.ike = []map[string]interface{}{ikeOptions} case strings.HasPrefix(itemTrim, "traffic-selector "): tsSplit := strings.Split(strings.TrimPrefix(itemTrim, "traffic-selector "), " ") tsOptions := map[string]interface{}{ @@ -505,26 +498,21 @@ func readIpsecVpn(ipsecVpn string, m interface{}, jnprSess *NetconfObject) (ipse } confRead.trafficSelector = append(confRead.trafficSelector, tsOptions) case strings.HasPrefix(itemTrim, "vpn-monitor "): - monitorOptions := map[string]interface{}{ - "destination_ip": "", - "optimized": false, - "source_interface": "", - } - if len(confRead.vpnMonitor) > 0 { - for k, v := range confRead.vpnMonitor[0] { - monitorOptions[k] = v - } + if len(confRead.vpnMonitor) == 0 { + confRead.vpnMonitor = append(confRead.vpnMonitor, map[string]interface{}{ + "destination_ip": "", + "optimized": false, + "source_interface": "", + }) } switch { case strings.HasPrefix(itemTrim, "vpn-monitor destination-ip "): - monitorOptions["destination_ip"] = strings.TrimPrefix(itemTrim, "vpn-monitor destination-ip ") + confRead.vpnMonitor[0]["destination_ip"] = strings.TrimPrefix(itemTrim, "vpn-monitor destination-ip ") case itemTrim == "vpn-monitor optimized": - monitorOptions["optimized"] = true + confRead.vpnMonitor[0]["optimized"] = true case strings.HasPrefix(itemTrim, "vpn-monitor source-interface "): - monitorOptions["source_interface"] = strings.TrimPrefix(itemTrim, "vpn-monitor source-interface ") + confRead.vpnMonitor[0]["source_interface"] = strings.TrimPrefix(itemTrim, "vpn-monitor source-interface ") } - // override (maxItem = 1) - confRead.vpnMonitor = []map[string]interface{}{monitorOptions} } } } diff --git a/junos/resource_security_nat_destination.go b/junos/resource_security_nat_destination.go index 695c4d74..0b9fb9ca 100644 --- a/junos/resource_security_nat_destination.go +++ b/junos/resource_security_nat_destination.go @@ -335,26 +335,20 @@ func readSecurityNatDestination(natDestination string, itemTrim := strings.TrimPrefix(item, setLineStart) switch { case strings.HasPrefix(itemTrim, "from "): - fromOptions := map[string]interface{}{ - "type": "", - "value": []string{}, - } - if len(confRead.from) > 0 { - for k, v := range confRead.from[0] { - fromOptions[k] = v - } - } fromWords := strings.Split(strings.TrimPrefix(itemTrim, "from "), " ") - fromOptions["type"] = fromWords[0] - fromOptions["value"] = append(fromOptions["value"].([]string), fromWords[1]) - confRead.from = []map[string]interface{}{fromOptions} + if len(confRead.from) == 0 { + confRead.from = append(confRead.from, map[string]interface{}{ + "type": fromWords[0], + "value": make([]string, 0), + }) + } + confRead.from[0]["value"] = append(confRead.from[0]["value"].([]string), fromWords[1]) case strings.HasPrefix(itemTrim, "rule "): ruleConfig := strings.Split(strings.TrimPrefix(itemTrim, "rule "), " ") - ruleOptions := map[string]interface{}{ "name": ruleConfig[0], "destination_address": "", - thenWord: make([]map[string]interface{}, 0), + "then": make([]map[string]interface{}, 0), } ruleOptions, confRead.rule = copyAndRemoveItemMapList("name", false, ruleOptions, confRead.rule) switch { @@ -363,15 +357,13 @@ func readSecurityNatDestination(natDestination string, "rule "+ruleConfig[0]+" match destination-address ") case strings.HasPrefix(itemTrim, "rule "+ruleConfig[0]+" then destination-nat "): itemTrimThen := strings.TrimPrefix(itemTrim, "rule "+ruleConfig[0]+" then destination-nat ") - ruleThenOptions := map[string]interface{}{ - "type": "", - "pool": "", - } - if len(ruleOptions[thenWord].([]map[string]interface{})) > 0 { - for k, v := range ruleOptions[thenWord].([]map[string]interface{})[0] { - ruleThenOptions[k] = v - } + if len(ruleOptions["then"].([]map[string]interface{})) == 0 { + ruleOptions["then"] = append(ruleOptions["then"].([]map[string]interface{}), map[string]interface{}{ + "type": "", + "pool": "", + }) } + ruleThenOptions := ruleOptions["then"].([]map[string]interface{})[0] if strings.HasPrefix(itemTrimThen, "pool ") { thenSplit := strings.Split(itemTrimThen, " ") ruleThenOptions["type"] = thenSplit[0] @@ -379,7 +371,6 @@ func readSecurityNatDestination(natDestination string, } else { ruleThenOptions["type"] = itemTrimThen } - ruleOptions[thenWord] = []map[string]interface{}{ruleThenOptions} } confRead.rule = append(confRead.rule, ruleOptions) } diff --git a/junos/resource_security_nat_source.go b/junos/resource_security_nat_source.go index b62a6f34..0b64c876 100644 --- a/junos/resource_security_nat_source.go +++ b/junos/resource_security_nat_source.go @@ -400,55 +400,43 @@ func readSecurityNatSource(natSource string, m interface{}, jnprSess *NetconfObj itemTrim := strings.TrimPrefix(item, setLineStart) switch { case strings.HasPrefix(itemTrim, "from "): - fromOptions := map[string]interface{}{ - "type": "", - "value": []string{}, - } - if len(confRead.from) > 0 { - for k, v := range confRead.from[0] { - fromOptions[k] = v - } - } fromWords := strings.Split(strings.TrimPrefix(itemTrim, "from "), " ") - fromOptions["type"] = fromWords[0] - fromOptions["value"] = append(fromOptions["value"].([]string), fromWords[1]) - confRead.from = []map[string]interface{}{fromOptions} - case strings.HasPrefix(itemTrim, "to "): - toOptions := map[string]interface{}{ - "type": "", - "value": []string{}, - } - if len(confRead.to) > 0 { - for k, v := range confRead.to[0] { - toOptions[k] = v - } + if len(confRead.from) == 0 { + confRead.from = append(confRead.from, map[string]interface{}{ + "type": fromWords[0], + "value": make([]string, 0), + }) } + confRead.from[0]["value"] = append(confRead.from[0]["value"].([]string), fromWords[1]) + case strings.HasPrefix(itemTrim, "to "): toWords := strings.Split(strings.TrimPrefix(itemTrim, "to "), " ") - toOptions["type"] = toWords[0] - toOptions["value"] = append(toOptions["value"].([]string), toWords[1]) - confRead.to = []map[string]interface{}{toOptions} + if len(confRead.to) == 0 { + confRead.to = append(confRead.to, map[string]interface{}{ + "type": toWords[0], + "value": make([]string, 0), + }) + } + confRead.to[0]["value"] = append(confRead.to[0]["value"].([]string), toWords[1]) case strings.HasPrefix(itemTrim, "rule "): ruleConfig := strings.Split(strings.TrimPrefix(itemTrim, "rule "), " ") - ruleOptions := map[string]interface{}{ - "name": ruleConfig[0], - matchWord: make([]map[string]interface{}, 0), - thenWord: make([]map[string]interface{}, 0), + "name": ruleConfig[0], + "match": make([]map[string]interface{}, 0), + "then": make([]map[string]interface{}, 0), } ruleOptions, confRead.rule = copyAndRemoveItemMapList("name", false, ruleOptions, confRead.rule) switch { case strings.HasPrefix(itemTrim, "rule "+ruleConfig[0]+" match "): itemTrimMatch := strings.TrimPrefix(itemTrim, "rule "+ruleConfig[0]+" match ") - ruleMatchOptions := map[string]interface{}{ - "destination_address": []string{}, - "protocol": []string{}, - "source_address": []string{}, - } - if len(ruleOptions[matchWord].([]map[string]interface{})) > 0 { - for k, v := range ruleOptions[matchWord].([]map[string]interface{})[0] { - ruleMatchOptions[k] = v - } + if len(ruleOptions["match"].([]map[string]interface{})) == 0 { + ruleOptions["match"] = append(ruleOptions["match"].([]map[string]interface{}), + map[string]interface{}{ + "destination_address": make([]string, 0), + "protocol": make([]string, 0), + "source_address": make([]string, 0), + }) } + ruleMatchOptions := ruleOptions["match"].([]map[string]interface{})[0] switch { case strings.HasPrefix(itemTrimMatch, "destination-address "): ruleMatchOptions["destination_address"] = append(ruleMatchOptions["destination_address"].([]string), @@ -460,19 +448,16 @@ func readSecurityNatSource(natSource string, m interface{}, jnprSess *NetconfObj ruleMatchOptions["source_address"] = append(ruleMatchOptions["source_address"].([]string), strings.TrimPrefix(itemTrimMatch, "source-address ")) } - // override (maxItem = 1) - ruleOptions[matchWord] = []map[string]interface{}{ruleMatchOptions} case strings.HasPrefix(itemTrim, "rule "+ruleConfig[0]+" then source-nat "): itemTrimThen := strings.TrimPrefix(itemTrim, "rule "+ruleConfig[0]+" then source-nat ") - ruleThenOptions := map[string]interface{}{ - "type": "", - "pool": "", - } - if len(ruleOptions[thenWord].([]map[string]interface{})) > 0 { - for k, v := range ruleOptions[thenWord].([]map[string]interface{})[0] { - ruleThenOptions[k] = v - } + if len(ruleOptions["then"].([]map[string]interface{})) == 0 { + ruleOptions["then"] = append(ruleOptions["then"].([]map[string]interface{}), + map[string]interface{}{ + "type": "", + "pool": "", + }) } + ruleThenOptions := ruleOptions["then"].([]map[string]interface{})[0] if strings.HasPrefix(itemTrimThen, "pool ") { thenSplit := strings.Split(itemTrimThen, " ") ruleThenOptions["type"] = thenSplit[0] @@ -480,8 +465,6 @@ func readSecurityNatSource(natSource string, m interface{}, jnprSess *NetconfObj } else { ruleThenOptions["type"] = itemTrimThen } - // override (maxItem = 1) - ruleOptions[thenWord] = []map[string]interface{}{ruleThenOptions} } confRead.rule = append(confRead.rule, ruleOptions) } diff --git a/junos/resource_security_nat_static.go b/junos/resource_security_nat_static.go index 2fd6a7cf..3a22e351 100644 --- a/junos/resource_security_nat_static.go +++ b/junos/resource_security_nat_static.go @@ -347,26 +347,20 @@ func readSecurityNatStatic(natStatic string, m interface{}, jnprSess *NetconfObj itemTrim := strings.TrimPrefix(item, setLineStart) switch { case strings.HasPrefix(itemTrim, "from "): - fromOptions := map[string]interface{}{ - "type": "", - "value": []string{}, - } - if len(confRead.from) > 0 { - for k, v := range confRead.from[0] { - fromOptions[k] = v - } - } fromWords := strings.Split(strings.TrimPrefix(itemTrim, "from "), " ") - fromOptions["type"] = fromWords[0] - fromOptions["value"] = append(fromOptions["value"].([]string), fromWords[1]) - confRead.from = []map[string]interface{}{fromOptions} + if len(confRead.from) == 0 { + confRead.from = append(confRead.from, map[string]interface{}{ + "type": fromWords[0], + "value": make([]string, 0), + }) + } + confRead.from[0]["value"] = append(confRead.from[0]["value"].([]string), fromWords[1]) case strings.HasPrefix(itemTrim, "rule "): ruleConfig := strings.Split(strings.TrimPrefix(itemTrim, "rule "), " ") - ruleOptions := map[string]interface{}{ "name": ruleConfig[0], "destination_address": "", - thenWord: make([]map[string]interface{}, 0), + "then": make([]map[string]interface{}, 0), } ruleOptions, confRead.rule = copyAndRemoveItemMapList("name", false, ruleOptions, confRead.rule) switch { @@ -375,16 +369,15 @@ func readSecurityNatStatic(natStatic string, m interface{}, jnprSess *NetconfObj "rule "+ruleConfig[0]+" match destination-address ") case strings.HasPrefix(itemTrim, "rule "+ruleConfig[0]+" then static-nat "): itemThen := strings.TrimPrefix(itemTrim, "rule "+ruleConfig[0]+" then static-nat ") - ruleThenOptions := map[string]interface{}{ - "type": "", - prefixWord: "", - "routing_instance": "", - } - if len(ruleOptions[thenWord].([]map[string]interface{})) > 0 { - for k, v := range ruleOptions[thenWord].([]map[string]interface{})[0] { - ruleThenOptions[k] = v - } + if len(ruleOptions["then"].([]map[string]interface{})) == 0 { + ruleOptions["then"] = append(ruleOptions["then"].([]map[string]interface{}), + map[string]interface{}{ + "type": "", + "prefix": "", + "routing_instance": "", + }) } + ruleThenOptions := ruleOptions["then"].([]map[string]interface{})[0] switch { case strings.HasPrefix(itemThen, "prefix "): ruleThenOptions["type"] = prefixWord @@ -397,8 +390,6 @@ func readSecurityNatStatic(natStatic string, m interface{}, jnprSess *NetconfObj ruleThenOptions["type"] = inetWord ruleThenOptions["routing_instance"] = strings.TrimPrefix(itemThen, "inet routing-instance ") } - // override (maxItem = 1) - ruleOptions[thenWord] = []map[string]interface{}{ruleThenOptions} } confRead.rule = append(confRead.rule, ruleOptions) } diff --git a/junos/resource_security_policy.go b/junos/resource_security_policy.go index 35de08de..8d25a83b 100644 --- a/junos/resource_security_policy.go +++ b/junos/resource_security_policy.go @@ -508,8 +508,25 @@ func readSecurityPolicy(idPolicy string, m interface{}, jnprSess *NetconfObject) "then permit tunnel ipsec-vpn ") case strings.HasPrefix(itemTrimPolicy, "then permit application-services"): policy["then"] = permitWord - policy["permit_application_services"] = readPolicyPermitApplicationServices(itemTrimPolicy, - policy["permit_application_services"]) + if len(policy["permit_application_services"].([]map[string]interface{})) == 0 { + policy["permit_application_services"] = append( + policy["permit_application_services"].([]map[string]interface{}), + map[string]interface{}{ + "application_firewall_rule_set": "", + "application_traffic_control_rule_set": "", + "gprs_gtp_profile": "", + "gprs_sctp_profile": "", + "idp": false, + "redirect_wx": false, + "reverse_redirect_wx": false, + "security_intelligence_policy": "", + "ssl_proxy": make([]map[string]interface{}, 0, 1), + "uac_policy": make([]map[string]interface{}, 0, 1), + "utm_policy": "", + }) + } + readPolicyPermitApplicationServices(itemTrimPolicy, + policy["permit_application_services"].([]map[string]interface{})[0]) } } policyList = append(policyList, policy) @@ -559,26 +576,7 @@ func genMapPolicyWithName(name string) map[string]interface{} { } } -func readPolicyPermitApplicationServices(itemTrimPolicy string, - permitApplicationServices interface{}) []map[string]interface{} { - applicationServices := map[string]interface{}{ - "application_firewall_rule_set": "", - "application_traffic_control_rule_set": "", - "gprs_gtp_profile": "", - "gprs_sctp_profile": "", - "idp": false, - "redirect_wx": false, - "reverse_redirect_wx": false, - "security_intelligence_policy": "", - "ssl_proxy": make([]map[string]interface{}, 0, 1), - "uac_policy": make([]map[string]interface{}, 0, 1), - "utm_policy": "", - } - if len(permitApplicationServices.([]map[string]interface{})) > 0 { - for k, v := range permitApplicationServices.([]map[string]interface{})[0] { - applicationServices[k] = v - } - } +func readPolicyPermitApplicationServices(itemTrimPolicy string, applicationServices map[string]interface{}) { itemTrimPolicyPermitAppSvc := strings.TrimPrefix(itemTrimPolicy, "then permit application-services ") switch { case strings.HasPrefix(itemTrimPolicyPermitAppSvc, "application-firewall rule-set "): @@ -629,9 +627,6 @@ func readPolicyPermitApplicationServices(itemTrimPolicy string, case strings.HasPrefix(itemTrimPolicyPermitAppSvc, "utm-policy "): applicationServices["utm_policy"] = strings.Trim(strings.TrimPrefix(itemTrimPolicyPermitAppSvc, "utm-policy "), "\"") } - - // override (maxItem = 1) - return []map[string]interface{}{applicationServices} } func setPolicyPermitApplicationServices(setPrefixPolicy string, diff --git a/junos/resource_security_screen.go b/junos/resource_security_screen.go index 2e067b1d..0d8e2563 100644 --- a/junos/resource_security_screen.go +++ b/junos/resource_security_screen.go @@ -1410,17 +1410,18 @@ func readSecurityScreenIP(confRead *screenOptions, itemTrim string) error { "user_defined_header_type": make([]string, 0), }) } + ipIPv6ExtensionHeader := confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0] switch { case strings.HasPrefix(itemTrim, "ip ipv6-extension-header AH-header"): - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["ah_header"] = true + ipIPv6ExtensionHeader["ah_header"] = true case strings.HasPrefix(itemTrim, "ip ipv6-extension-header ESP-header"): - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["esp_header"] = true + ipIPv6ExtensionHeader["esp_header"] = true case strings.HasPrefix(itemTrim, "ip ipv6-extension-header HIP-header"): - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["hip_header"] = true + ipIPv6ExtensionHeader["hip_header"] = true case strings.HasPrefix(itemTrim, "ip ipv6-extension-header destination-header"): - if len(confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["destination_header"].([]map[string]interface{})) == 0 { // nolint: lll - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["destination_header"] = append( - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["destination_header"].([]map[string]interface{}), // nolint: lll + if len(ipIPv6ExtensionHeader["destination_header"].([]map[string]interface{})) == 0 { + ipIPv6ExtensionHeader["destination_header"] = append( + ipIPv6ExtensionHeader["destination_header"].([]map[string]interface{}), map[string]interface{}{ "ilnp_nonce_option": false, "home_address_option": false, @@ -1429,31 +1430,27 @@ func readSecurityScreenIP(confRead *screenOptions, itemTrim string) error { "user_defined_option_type": make([]string, 0), }) } + ipIPv6ExtensionHeaderDstHeader := ipIPv6ExtensionHeader["destination_header"].([]map[string]interface{})[0] switch { case itemTrim == "ip ipv6-extension-header destination-header ILNP-nonce-option": - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["destination_header"].([]map[string]interface{})[0]["ilnp_nonce_option"] = // nolint: lll - true + ipIPv6ExtensionHeaderDstHeader["ilnp_nonce_option"] = true case itemTrim == "ip ipv6-extension-header destination-header home-address-option": - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["destination_header"].([]map[string]interface{})[0]["home_address_option"] = // nolint: lll - true + ipIPv6ExtensionHeaderDstHeader["home_address_option"] = true case itemTrim == "ip ipv6-extension-header destination-header line-identification-option": - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["destination_header"].([]map[string]interface{})[0]["line_identification_option"] = // nolint: lll - true + ipIPv6ExtensionHeaderDstHeader["line_identification_option"] = true case itemTrim == "ip ipv6-extension-header destination-header tunnel-encapsulation-limit-option": - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["destination_header"].([]map[string]interface{})[0]["tunnel_encapsulation_limit_option"] = // nolint: lll - true + ipIPv6ExtensionHeaderDstHeader["tunnel_encapsulation_limit_option"] = true case strings.HasPrefix(itemTrim, "ip ipv6-extension-header destination-header user-defined-option-type "): - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["destination_header"].([]map[string]interface{})[0]["user_defined_option_type"] = // nolint: lll - append( - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["destination_header"].([]map[string]interface{})[0]["user_defined_option_type"].([]string), // nolint: lll - strings.TrimPrefix(itemTrim, "ip ipv6-extension-header destination-header user-defined-option-type ")) + ipIPv6ExtensionHeaderDstHeader["user_defined_option_type"] = append( + ipIPv6ExtensionHeaderDstHeader["user_defined_option_type"].([]string), + strings.TrimPrefix(itemTrim, "ip ipv6-extension-header destination-header user-defined-option-type ")) } case strings.HasPrefix(itemTrim, "ip ipv6-extension-header fragment-header"): - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["fragment_header"] = true + ipIPv6ExtensionHeader["fragment_header"] = true case strings.HasPrefix(itemTrim, "ip ipv6-extension-header hop-by-hop-header"): - if len(confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["hop_by_hop_header"].([]map[string]interface{})) == 0 { // nolint: lll - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["hop_by_hop_header"] = append( - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["hop_by_hop_header"].([]map[string]interface{}), // nolint: lll + if len(ipIPv6ExtensionHeader["hop_by_hop_header"].([]map[string]interface{})) == 0 { + ipIPv6ExtensionHeader["hop_by_hop_header"] = append( + ipIPv6ExtensionHeader["hop_by_hop_header"].([]map[string]interface{}), map[string]interface{}{ "calipso_option": false, "rpl_option": false, @@ -1464,42 +1461,36 @@ func readSecurityScreenIP(confRead *screenOptions, itemTrim string) error { "user_defined_option_type": make([]string, 0), }) } + ipIPv6ExtensionHeaderHopByHopHeader := ipIPv6ExtensionHeader["hop_by_hop_header"].([]map[string]interface{})[0] switch { case itemTrim == "ip ipv6-extension-header hop-by-hop-header CALIPSO-option": - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["hop_by_hop_header"].([]map[string]interface{})[0]["calipso_option"] = // nolint: lll - true + ipIPv6ExtensionHeaderHopByHopHeader["calipso_option"] = true case itemTrim == "ip ipv6-extension-header hop-by-hop-header RPL-option": - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["hop_by_hop_header"].([]map[string]interface{})[0]["rpl_option"] = // nolint: lll - true + ipIPv6ExtensionHeaderHopByHopHeader["rpl_option"] = true case itemTrim == "ip ipv6-extension-header hop-by-hop-header SMF-DPD-option": - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["hop_by_hop_header"].([]map[string]interface{})[0]["smf_dpd_option"] = // nolint: lll - true + ipIPv6ExtensionHeaderHopByHopHeader["smf_dpd_option"] = true case itemTrim == "ip ipv6-extension-header hop-by-hop-header jumbo-payload-option": - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["hop_by_hop_header"].([]map[string]interface{})[0]["jumbo_payload_option"] = // nolint: lll - true + ipIPv6ExtensionHeaderHopByHopHeader["jumbo_payload_option"] = true case itemTrim == "ip ipv6-extension-header hop-by-hop-header quick-start-option": - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["hop_by_hop_header"].([]map[string]interface{})[0]["quick_start_option"] = // nolint: lll - true + ipIPv6ExtensionHeaderHopByHopHeader["quick_start_option"] = true case itemTrim == "ip ipv6-extension-header hop-by-hop-header router-alert-option": - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["hop_by_hop_header"].([]map[string]interface{})[0]["router_alert_option"] = // nolint: lll - true + ipIPv6ExtensionHeaderHopByHopHeader["router_alert_option"] = true case strings.HasPrefix(itemTrim, "ip ipv6-extension-header hop-by-hop-header user-defined-option-type "): - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["hop_by_hop_header"].([]map[string]interface{})[0]["user_defined_option_type"] = // nolint: lll - append( - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["hop_by_hop_header"].([]map[string]interface{})[0]["user_defined_option_type"].([]string), // nolint: lll - strings.TrimPrefix(itemTrim, "ip ipv6-extension-header hop-by-hop-header user-defined-option-type ")) + ipIPv6ExtensionHeaderHopByHopHeader["user_defined_option_type"] = append( + ipIPv6ExtensionHeaderHopByHopHeader["user_defined_option_type"].([]string), + strings.TrimPrefix(itemTrim, "ip ipv6-extension-header hop-by-hop-header user-defined-option-type ")) } case itemTrim == "ip ipv6-extension-header mobility-header": - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["mobility_header"] = true + ipIPv6ExtensionHeader["mobility_header"] = true case itemTrim == "ip ipv6-extension-header no-next-header": - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["no_next_header"] = true + ipIPv6ExtensionHeader["no_next_header"] = true case itemTrim == "ip ipv6-extension-header routing-header": - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["routing_header"] = true + ipIPv6ExtensionHeader["routing_header"] = true case itemTrim == "ip ipv6-extension-header shim6-header": - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["shim6_header"] = true + ipIPv6ExtensionHeader["shim6_header"] = true case strings.HasPrefix(itemTrim, "ip ipv6-extension-header user-defined-header-type "): - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["user_defined_header_type"] = append( - confRead.ip[0]["ipv6_extension_header"].([]map[string]interface{})[0]["user_defined_header_type"].([]string), + ipIPv6ExtensionHeader["user_defined_header_type"] = append( + ipIPv6ExtensionHeader["user_defined_header_type"].([]string), strings.TrimPrefix(itemTrim, "ip ipv6-extension-header user-defined-header-type ")) } case strings.HasPrefix(itemTrim, "ip ipv6-extension-header-limit "): diff --git a/junos/resource_services.go b/junos/resource_services.go index 460aa2ef..ce3ed4f5 100644 --- a/junos/resource_services.go +++ b/junos/resource_services.go @@ -702,13 +702,12 @@ func readServicesApplicationIdentification(confRead *servicesOptions, itemTrimAp "security_services": false, }) } + applicationSystemCache := confRead.appIdent[0]["application_system_cache"].([]map[string]interface{})[0] switch { case itemTrim == "application-system-cache no-miscellaneous-services": - confRead.appIdent[0]["application_system_cache"].([]map[string]interface{})[0]["no_miscellaneous_services"] = // nolint: lll - true + applicationSystemCache["no_miscellaneous_services"] = true case itemTrim == "application-system-cache security-services": - confRead.appIdent[0]["application_system_cache"].([]map[string]interface{})[0]["security_services"] = - true + applicationSystemCache["security_services"] = true } case itemTrim == "no-application-system-cache": confRead.appIdent[0]["no_application_system_cache"] = true diff --git a/junos/resource_system_syslog_file.go b/junos/resource_system_syslog_file.go index 45a0a073..e2e7f99e 100644 --- a/junos/resource_system_syslog_file.go +++ b/junos/resource_system_syslog_file.go @@ -567,14 +567,14 @@ func readSystemSyslogFile(filename string, m interface{}, jnprSess *NetconfObjec confRead.matchStrings = append(confRead.matchStrings, strings.Trim(strings.TrimPrefix(itemTrim, "match-strings "), "\"")) case strings.HasPrefix(itemTrim, "structured-data"): - structuredData := map[string]interface{}{ - "brief": false, + if len(confRead.structuredData) == 0 { + confRead.structuredData = append(confRead.structuredData, map[string]interface{}{ + "brief": false, + }) } if itemTrim == "structured-data brief" { - structuredData["brief"] = true + confRead.structuredData[0]["brief"] = true } - // override (maxItem = 1) - confRead.structuredData = []map[string]interface{}{structuredData} case strings.HasPrefix(itemTrim, "any "): confRead.anySeverity = strings.TrimPrefix(itemTrim, "any ") case strings.HasPrefix(itemTrim, "authorization "): @@ -606,49 +606,49 @@ func readSystemSyslogFile(filename string, m interface{}, jnprSess *NetconfObjec case strings.HasPrefix(itemTrim, "user "): confRead.userSeverity = strings.TrimPrefix(itemTrim, "user ") case strings.HasPrefix(itemTrim, "archive"): - archiveM := map[string]interface{}{ - "sites": make([]map[string]interface{}, 0), - "binary_data": false, - "no_binary_data": false, - "world_readable": false, - "no_world_readable": false, - "files": 0, - "size": 0, - "transfer_interval": 0, - "start_time": "", - } - if len(confRead.archive) == 1 { - archiveM = confRead.archive[0] + if len(confRead.archive) == 0 { + confRead.archive = append(confRead.archive, map[string]interface{}{ + "sites": make([]map[string]interface{}, 0), + "binary_data": false, + "no_binary_data": false, + "world_readable": false, + "no_world_readable": false, + "files": 0, + "size": 0, + "transfer_interval": 0, + "start_time": "", + }) } switch { case itemTrim == "archive binary-data": - archiveM["binary_data"] = true + confRead.archive[0]["binary_data"] = true case itemTrim == "archive no-binary-data": - archiveM["no_binary_data"] = true + confRead.archive[0]["no_binary_data"] = true case itemTrim == "archive world-readable": - archiveM["world_readable"] = true + confRead.archive[0]["world_readable"] = true case itemTrim == "archive no-world-readable": - archiveM["no_world_readable"] = true + confRead.archive[0]["no_world_readable"] = true case strings.HasPrefix(itemTrim, "archive files "): var err error - archiveM["files"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "archive files ")) + confRead.archive[0]["files"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "archive files ")) if err != nil { return confRead, fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrim, "archive size "): var err error - archiveM["size"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "archive size ")) + confRead.archive[0]["size"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "archive size ")) if err != nil { return confRead, fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrim, "archive transfer-interval "): var err error - archiveM["transfer_interval"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "archive transfer-interval ")) + confRead.archive[0]["transfer_interval"], err = + strconv.Atoi(strings.TrimPrefix(itemTrim, "archive transfer-interval ")) if err != nil { return confRead, fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } case strings.HasPrefix(itemTrim, "archive start-time "): - archiveM["start_time"] = strings.TrimPrefix(itemTrim, "archive start-time ") + confRead.archive[0]["start_time"] = strings.TrimPrefix(itemTrim, "archive start-time ") case strings.HasPrefix(itemTrim, "archive archive-sites "): itemTrimArchSitesSplit := strings.Split( strings.TrimPrefix(itemTrim, "archive archive-sites "), " ") @@ -658,8 +658,8 @@ func readSystemSyslogFile(filename string, m interface{}, jnprSess *NetconfObjec "password": "", "routing_instance": "", } - sitesOptions, archiveM["sites"] = copyAndRemoveItemMapList("url", false, sitesOptions, - archiveM["sites"].([]map[string]interface{})) + sitesOptions, confRead.archive[0]["sites"] = copyAndRemoveItemMapList("url", false, sitesOptions, + confRead.archive[0]["sites"].([]map[string]interface{})) switch { case strings.HasPrefix(itemTrimArchSites, "password "): var err error @@ -671,11 +671,8 @@ func readSystemSyslogFile(filename string, m interface{}, jnprSess *NetconfObjec case strings.HasPrefix(itemTrimArchSites, "routing-instance "): sitesOptions["routing_instance"] = strings.TrimPrefix(itemTrimArchSites, "routing-instance ") } - archiveM["sites"] = append(archiveM["sites"].([]map[string]interface{}), sitesOptions) + confRead.archive[0]["sites"] = append(confRead.archive[0]["sites"].([]map[string]interface{}), sitesOptions) } - - // override (maxItem = 1) - confRead.archive = []map[string]interface{}{archiveM} } } } diff --git a/junos/resource_system_syslog_host.go b/junos/resource_system_syslog_host.go index 0546adab..78cbfc7b 100644 --- a/junos/resource_system_syslog_host.go +++ b/junos/resource_system_syslog_host.go @@ -505,14 +505,14 @@ func readSystemSyslogHost(host string, m interface{}, jnprSess *NetconfObject) ( case strings.HasPrefix(itemTrim, "source-address "): confRead.sourceAddress = strings.TrimPrefix(itemTrim, "source-address ") case strings.HasPrefix(itemTrim, "structured-data"): - structuredData := map[string]interface{}{ - "brief": false, + if len(confRead.structuredData) == 0 { + confRead.structuredData = append(confRead.structuredData, map[string]interface{}{ + "brief": false, + }) } if itemTrim == "structured-data brief" { - structuredData["brief"] = true + confRead.structuredData[0]["brief"] = true } - // override (maxItem = 1) - confRead.structuredData = []map[string]interface{}{structuredData} case strings.HasPrefix(itemTrim, "any "): confRead.anySeverity = strings.TrimPrefix(itemTrim, "any ") case strings.HasPrefix(itemTrim, "authorization "): diff --git a/junos/resource_vlan.go b/junos/resource_vlan.go index 53a0cfe0..39371b96 100644 --- a/junos/resource_vlan.go +++ b/junos/resource_vlan.go @@ -461,20 +461,18 @@ func readVlan(vlan string, m interface{}, jnprSess *NetconfObject) (vlanOptions, case strings.HasPrefix(itemTrim, "vlan-id-list "): confRead.vlanIDList = append(confRead.vlanIDList, strings.TrimPrefix(itemTrim, "vlan-id-list ")) case strings.HasPrefix(itemTrim, "vxlan "): - vxlan := map[string]interface{}{ - "vni": -1, - "vni_extend_evpn": false, - "encapsulate_inner_vlan": false, - "ingress_node_replication": false, - "multicast_group": "", - "ovsdb_managed": false, - "unreachable_vtep_aging_timer": 0, - } - if len(confRead.vxlan) > 0 { - for k, v := range confRead.vxlan[0] { - vxlan[k] = v - } + if len(confRead.vxlan) == 0 { + confRead.vxlan = append(confRead.vxlan, map[string]interface{}{ + "vni": -1, + "vni_extend_evpn": false, + "encapsulate_inner_vlan": false, + "ingress_node_replication": false, + "multicast_group": "", + "ovsdb_managed": false, + "unreachable_vtep_aging_timer": 0, + }) } + vxlan := confRead.vxlan[0] switch { case strings.HasPrefix(itemTrim, "vxlan vni "): vxlan["vni"], err = strconv.Atoi(strings.TrimPrefix(itemTrim, "vxlan vni ")) @@ -516,7 +514,6 @@ func readVlan(vlan string, m interface{}, jnprSess *NetconfObject) (vlanOptions, return confRead, fmt.Errorf("failed to convert value from '%s' to integer : %w", itemTrim, err) } } - confRead.vxlan = []map[string]interface{}{vxlan} } } }