From 5b3e820e2307dcb9d4a0d8159e92a108e9a5f153 Mon Sep 17 00:00:00 2001 From: mitchell-foxworth <71849794+mitchell-foxworth@users.noreply.github.com> Date: Mon, 30 Aug 2021 18:14:26 -0400 Subject: [PATCH] Bugfix: cisco_ios_show_ip_access-lists - Account for single match (#973) --- .../cisco_ios_show_ip_access-lists.textfsm | 2 +- .../cisco_ios_show_ip_access-lists_969.raw | 3 +- .../cisco_ios_show_ip_access-lists_969.yml | 31 ++++++++++++++++++- 3 files changed, 33 insertions(+), 3 deletions(-) diff --git a/ntc_templates/templates/cisco_ios_show_ip_access-lists.textfsm b/ntc_templates/templates/cisco_ios_show_ip_access-lists.textfsm index bcba1152ea..b36c1738e5 100644 --- a/ntc_templates/templates/cisco_ios_show_ip_access-lists.textfsm +++ b/ntc_templates/templates/cisco_ios_show_ip_access-lists.textfsm @@ -32,7 +32,7 @@ Start ^(Standard|Extended) -> Continue.Clearall ^${ACL_TYPE}\s+IP\s+access\s+list\s+${ACL_NAME}\s* -> Record ^\s+${LINE_NUM}\s+${ACTION}\s+${PROTOCOL}\s+(host\s+${SRC_HOST}|${SRC_ANY}|${SRC_NETWORK}\s+${SRC_WILDCARD})(\s+${SRC_PORT_MATCH}\s+|)(${SRC_PORT_RANGE_START}\s+${SRC_PORT_RANGE_END}|${SRC_PORT}|)\s+(host\s+${DST_HOST}|${DST_ANY}|${DST_NETWORK}\s+${DST_WILDCARD})(\s+${DST_PORT_MATCH}\s+(${DST_PORT_RANGE_START}\s+${DST_PORT_RANGE_END}|${DST_PORT}|)|\s+(${FLAGS_MATCH}\s+|)${TCP_FLAG}|)(\s+${ICMP_TYPE}|)(\s+${LOG}|)(\s+time-range\s+${TIME}\s+\(${STATE}\)|)(?:\s+\(${MATCHES}\s+\S+\)|)(\s+\(tag\s+=\s+${LOG_TAG}\)|)\s*$$ -> Record - ^\s+${LINE_NUM}\s+${ACTION}\s+(${SRC_NETWORK},\s+wildcard\s+bits\s+${SRC_WILDCARD}|${SRC_HOST}|${SRC_ANY})(\s+${LOG}|)(\s+time-range\s+${TIME}\s+\(${STATE}\)|)(?:\s+\(${MATCHES}\s+matches\)|)(\s+\(tag\s+=\s+${LOG_TAG}\)|)\s*$$ -> Record + ^\s+${LINE_NUM}\s+${ACTION}\s+(${SRC_NETWORK},\s+wildcard\s+bits\s+${SRC_WILDCARD}|${SRC_HOST}|${SRC_ANY})(\s+${LOG}|)(\s+time-range\s+${TIME}\s+\(${STATE}\)|)(?:\s+\(${MATCHES}\s+\S+\)|)(\s+\(tag\s+=\s+${LOG_TAG}\)|)\s*$$ -> Record ^\s*$$ # Capture time-stamp if vty line has command time-stamping turned on ^Load\s+for\s+ diff --git a/tests/cisco_ios/show_ip_access-lists/cisco_ios_show_ip_access-lists_969.raw b/tests/cisco_ios/show_ip_access-lists/cisco_ios_show_ip_access-lists_969.raw index e602f780bd..abcd38f349 100644 --- a/tests/cisco_ios/show_ip_access-lists/cisco_ios_show_ip_access-lists_969.raw +++ b/tests/cisco_ios/show_ip_access-lists/cisco_ios_show_ip_access-lists_969.raw @@ -4,6 +4,7 @@ Standard IP access list 99 30 permit 10.0.10.0, wildcard bits 0.255.0.255 (20 matches) Standard IP access list stdacl 10 permit 10.1.1.1 + 20 deny 10.1.1.2 (1 match) Extended IP access list test Extended IP access list 101 10 permit tcp any host 10.1.1.1 eq www @@ -60,7 +61,7 @@ Extended IP access list sample 380 permit tcp 10.10.37.24 0.0.0.7 host 10.10.6.144 eq 4320 390 permit tcp 10.10.37.24 0.0.0.7 host 10.10.6.146 eq 4000 400 permit tcp 10.10.37.24 0.0.0.7 host 10.10.6.146 eq 4010 - 410 permit tcp 10.10.37.24 0.0.0.7 host 10.10.6.146 eq 4020 + 410 permit tcp 10.10.37.24 0.0.0.7 host 10.10.6.146 eq 4020 (1 match) 420 permit tcp 10.10.37.24 0.0.0.7 host 10.10.6.146 eq 4300 430 permit tcp 10.10.37.24 0.0.0.7 host 10.10.6.146 eq 4310 440 permit tcp 10.10.37.24 0.0.0.7 host 10.10.6.146 eq 4320 diff --git a/tests/cisco_ios/show_ip_access-lists/cisco_ios_show_ip_access-lists_969.yml b/tests/cisco_ios/show_ip_access-lists/cisco_ios_show_ip_access-lists_969.yml index 970250a2a4..06b84da3e1 100644 --- a/tests/cisco_ios/show_ip_access-lists/cisco_ios_show_ip_access-lists_969.yml +++ b/tests/cisco_ios/show_ip_access-lists/cisco_ios_show_ip_access-lists_969.yml @@ -174,6 +174,35 @@ parsed_sample: time: "" state: "" matches: "" + - acl_type: "Standard" + acl_name: "stdacl" + line_num: "20" + action: "deny" + protocol: "" + src_host: "10.1.1.2" + src_any: "" + src_network: "" + src_wildcard: "" + src_port_match: "" + src_port: "" + src_port_range_start: "" + src_port_range_end: "" + dst_host: "" + dst_any: "" + dst_network: "" + dst_wildcard: "" + dst_port_match: "" + dst_port: "" + dst_port_range_start: "" + dst_port_range_end: "" + flags_match: "" + tcp_flag: "" + log: "" + log_tag: "" + icmp_type: "" + time: "" + state: "" + matches: "1" - acl_type: "Extended" acl_name: "test" line_num: "" @@ -1826,7 +1855,7 @@ parsed_sample: icmp_type: "" time: "" state: "" - matches: "" + matches: "1" - acl_type: "Extended" acl_name: "sample" line_num: "420"