New Template: cisco_ios_show_crypto_session_details (#947)

ntc_templates/templates/cisco_ios_show_crypto_session_detail.textfsm

@@ -0,0 +1,46 @@
+Value Required INTERFACE (\S+)
+Value Required SESSION_STATUS (\S+)
+Value UPTIME (\S+)
+Value Required PEER (\S+)
+Value PORT (\d+)
+Value FVRF (\S+)
+Value IVRF (\S+)
+Value DESC (\S+)
+Value PHASE1_ID (\S+)
+Value SESSION_ID (\d+)
+Value LOCAL_IP (\S+)
+Value LOCAL_PORT (\d+)
+Value REMOTE_IP (\S+)
+Value REMOTE_PORT (\S+)
+Value IKEV1_STATUS (\S+)
+Value CAPABILITIES (\S+)
+Value CONN_ID (\d+)
+Value LIFETIME (\S+)
+Value PERMIT (\S+)
+Value SRC_HOST (\S+)
+Value DST_HOST (\S+)
+Value ACTIVE_SA (\d+)
+Value ORIGIN (.+)
+
+Start
+ ^Crypto\s+.*
+ ^Code:
+ ^K\s+-
+ ^X\s+-
+ ^R\s+-
+ ^Interface: -> Continue.Record
+ ^Interface:\s+${INTERFACE}
+ ^Session\s+status:\s+${SESSION_STATUS}
+ ^Uptime:\s+${UPTIME}
+ ^Peer:\s+${PEER}\s+port\s+${PORT}\s+fvrf:\s+${FVRF}\s+ivrf:\s+${IVRF}
+ ^\s+Desc:\s+${DESC}
+ ^\s+Phase1_id:\s+${PHASE1_ID}
+ ^\s+Session\s+ID:\s+${SESSION_ID}
+ ^\s+IKEv1\s+SA:\s+local\s+${LOCAL_IP}/${LOCAL_PORT}\s+remote\s+${REMOTE_IP}/${REMOTE_PORT}\s+${IKEV1_STATUS}
+ ^\s+Capabilities:${CAPABILITIES}\s+connid:${CONN_ID}\s+lifetime:${LIFETIME}
+ ^\s+IPSEC\s+FLOW:\s+permit\s+${PERMIT}\s+host\s+${SRC_HOST}\s+host\s+${DST_HOST}
+ ^\s+Active\s+SAs:\s+${ACTIVE_SA},\s+origin:\s+${ORIGIN}
+ ^\s+Inbound:\s+#.*
+ ^\s+Outbound:\s+#.*
+ ^\s*$$
+ ^. -> Error

ntc_templates/templates/index

@@ -186,6 +186,7 @@ cisco_ios_show_processes_memory_sorted.textfsm, .*, cisco_ios, sh[[ow]] pro[[ces
 cisco_ios_show_interfaces_description.textfsm, .*, cisco_ios, sh[[ow]] int[[erfaces]] des[[cription]]
 cisco_ios_show_ip_device_tracking_all.textfsm, .*, cisco_ios, sh[[ow]] ip de[[vice]] t[[racking]] a[[ll]]
 cisco_ios_show_bfd_neighbors_details.textfsm, .*, cisco_ios, sh[[ow]] bf[[d]] n[[eighbors]] (?:(?:ipv\d+|client \S+) )?de[[tails]]
+cisco_ios_show_crypto_session_detail.textfsm, .*, cisco_ios, sh[[ow]] cr[[ypto]] se[[ssion]] d[[etail]]
 cisco_ios_show_environment_power_all.textfsm, .*, cisco_ios, sh[[ow]] envi[[ronment]] p[[ower]] a[[ll]]
 cisco_ios_show_interface_transceiver.textfsm, .*, cisco_ios, sh[[ow]] int[[erface]] trans[[ceiver]]
 cisco_ios_show_interfaces_switchport.textfsm, .*, cisco_ios, sh[[ow]] int[[erfaces]] sw[[itchport]]

tests/cisco_ios/show_crypto_session_detail/cisco_ios_show_crypto_session_detail.raw

@@ -0,0 +1,52 @@
+Crypto session current status
+
+Code: C - IKE Configuration mode, D - Dead Peer Detection    
+K - Keepalives, N - NAT-traversal, T - cTCP encapsulation    
+X - IKE Extended Authentication, F - IKE Fragmentation
+R - IKE Auto Reconnect
+
+Interface: Tunnel1201
+Session status: DOWN-NEGOTIATING
+Peer: 10.161.255.14 port 500 fvrf: (none) ivrf: (none)
+      Desc: (none)
+      Phase1_id: (none)
+  Session ID: 0 
+  IKEv1 SA: local 10.175.200.116/500 remote 10.161.255.14/500 Inactive
+          Capabilities:(none) connid:0 lifetime:0
+  Session ID: 0 
+  IKEv1 SA: local 10.175.200.116/500 remote 10.161.255.14/500 Inactive
+          Capabilities:(none) connid:0 lifetime:0
+  IPSEC FLOW: permit 47 host 10.175.200.116 host 10.161.255.14
+        Active SAs: 0, origin: crypto map
+        Inbound:  #pkts dec'ed 0 drop 0 life (KB/Sec) 0/0
+        Outbound: #pkts enc'ed 0 drop 0 life (KB/Sec) 0/0
+
+Interface: Tunnel1101
+Uptime: 7w0d
+Session status: UP-ACTIVE    
+Peer: 192.168.0.1 port 4500 fvrf: (none) ivrf: (none)
+      Phase1_id: SOME_DEVICE1234.1pc.com
+      Desc: (none)
+  Session ID: 0 
+  IKEv1 SA: local 169.0.1.1/4500 remote 192.168.0.1/4500 Active
+          Capabilities:DN connid:2913 lifetime:09:03:41
+  IPSEC FLOW: permit 47 host 169.0.1.1 host 192.168.0.1
+        Active SAs: 2, origin: crypto map
+        Inbound:  #pkts dec'ed 15344097 drop 0 life (KB/Sec) 4236992/615
+        Outbound: #pkts enc'ed 18074395 drop 0 life (KB/Sec) 4236962/615
+
+Interface: Tunnel2201
+Session status: DOWN-NEGOTIATING
+Peer: 10.163.255.14 port 500 fvrf: (none) ivrf: (none)
+      Desc: (none)
+      Phase1_id: (none)
+  Session ID: 0 
+  IKEv1 SA: local 10.175.200.116/500 remote 10.163.255.14/500 Inactive
+          Capabilities:(none) connid:0 lifetime:0
+  Session ID: 0 
+  IKEv1 SA: local 10.175.200.116/500 remote 10.163.255.14/500 Inactive
+          Capabilities:(none) connid:0 lifetime:0
+  IPSEC FLOW: permit 47 host 10.175.200.116 host 10.163.255.14
+        Active SAs: 0, origin: crypto map
+        Inbound:  #pkts dec'ed 0 drop 0 life (KB/Sec) 0/0
+        Outbound: #pkts enc'ed 0 drop 0 life (KB/Sec) 0/0

tests/cisco_ios/show_crypto_session_detail/cisco_ios_show_crypto_session_detail.yml

@@ -0,0 +1,71 @@
+---
+parsed_sample:
+  - interface: "Tunnel1201"
+    session_status: "DOWN-NEGOTIATING"
+    uptime: ""
+    peer: "10.161.255.14"
+    port: "500"
+    fvrf: "(none)"
+    ivrf: "(none)"
+    desc: "(none)"
+    phase1_id: "(none)"
+    session_id: "0"
+    local_ip: "10.175.200.116"
+    local_port: "500"
+    remote_ip: "10.161.255.14"
+    remote_port: "500"
+    ikev1_status: "Inactive"
+    capabilities: "(none)"
+    conn_id: "0"
+    lifetime: "0"
+    permit: "47"
+    src_host: "10.175.200.116"
+    dst_host: "10.161.255.14"
+    active_sa: "0"
+    origin: "crypto map"
+  - interface: "Tunnel1101"
+    session_status: "UP-ACTIVE"
+    uptime: "7w0d"
+    peer: "192.168.0.1"
+    port: "4500"
+    fvrf: "(none)"
+    ivrf: "(none)"
+    desc: "(none)"
+    phase1_id: "SOME_DEVICE1234.1pc.com"
+    session_id: "0"
+    local_ip: "169.0.1.1"
+    local_port: "4500"
+    remote_ip: "192.168.0.1"
+    remote_port: "4500"
+    ikev1_status: "Active"
+    capabilities: "DN"
+    conn_id: "2913"
+    lifetime: "09:03:41"
+    permit: "47"
+    src_host: "169.0.1.1"
+    dst_host: "192.168.0.1"
+    active_sa: "2"
+    origin: "crypto map"
+  - interface: "Tunnel2201"
+    session_status: "DOWN-NEGOTIATING"
+    uptime: ""
+    peer: "10.163.255.14"
+    port: "500"
+    fvrf: "(none)"
+    ivrf: "(none)"
+    desc: "(none)"
+    phase1_id: "(none)"
+    session_id: "0"
+    local_ip: "10.175.200.116"
+    local_port: "500"
+    remote_ip: "10.163.255.14"
+    remote_port: "500"
+    ikev1_status: "Inactive"
+    capabilities: "(none)"
+    conn_id: "0"
+    lifetime: "0"
+    permit: "47"
+    src_host: "10.175.200.116"
+    dst_host: "10.163.255.14"
+    active_sa: "0"
+    origin: "crypto map"