Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding support for Cisco ASA banner when nested underneath a parent config #590

Closed
wants to merge 2 commits into from
Closed

Adding support for Cisco ASA banner when nested underneath a parent config #590

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b70e8e5
Banner for Cisco ASA could be a child config, and would start with a …
carlitos75 Oct 29, 2024
33413ae
Adding basic test, checking if config line is a banner or not
carlitos75 Oct 29, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions netutils/config/parser.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ class BaseSpaceConfigParser(BaseConfigParser):
# pylint: disable=abstract-method

comment_chars = ["!"]
banner_start = ["banner", "vacant-message"]
banner_start = ["banner", "vacant-message", " banner", " banner"]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't understand this, why are we adding banner_start multiple times?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The first one has has 1 white space and the second one has two.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would not think this is how we want to do this then. I would think we would understand the parent / child relationship would be how we determine it.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Check in with @jmcgill298

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Understood, thank you

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ya, that banner is a child of the group-policy, so it should be captured there. I guess for this case the banner is not multiline?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The banner is a bit odd. It seems that each line of the banner begins with "banner value". Yes, it is a child config of group-policy


def __init__(self, config: str):
"""Create ConfigParser Object.
Expand Down Expand Up @@ -522,7 +522,7 @@ def _build_multiline_config(self, delimiter: str) -> t.Optional[ConfigLine]:
class CiscoConfigParser(BaseSpaceConfigParser):
"""Cisco Implementation of ConfigParser Class."""

regex_banner = re.compile(r"^(banner\s+\S+|\s*vacant-message)\s+(?P<banner_delimiter>\^C|.)")
regex_banner = re.compile(r"^(banner\s+\S+|\s*vacant-message|\s*banner)\s+(?P<banner_delimiter>\^C|.)")

def __init__(self, config: str):
"""Create ConfigParser Object.
Expand Down
3 changes: 3 additions & 0 deletions tests/unit/mock/config/parser/base/cisco_asa/asa_nested_banner.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
group-policy PolicyName attribute
banner value If you are not authorized to use this system, disconnect now
banner value This system may be monitored or recorded
28 changes: 28 additions & 0 deletions tests/unit/test_parser.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@

import glob
import os
import re
from pathlib import Path

import pytest
from netutils.config import compliance
Expand Down Expand Up @@ -79,3 +81,29 @@ def test_duplicate_line():
)
with pytest.raises(IndexError, match=r".*This error is likely from a duplicate line detected.*"):
compliance.parser_map["cisco_ios"](logging).config_lines # pylint: disable=expression-not-assigned


def test_cisco_nested_banner():
"""Test Cisco ASA config parser with nested banner."""
current_dir = Path(__file__).parent
path_to_mock = "mock/config/parser/base/cisco_asa/"
mock_file_name = "asa_nested_banner.txt"
mock_file_full_path = Path.joinpath(current_dir, path_to_mock, mock_file_name)

with open(file=mock_file_full_path, mode="r", encoding="utf-8") as mock_file:
mock_content = mock_file.read()

asa_parser = compliance.parser_map["cisco_asa"](mock_content)
banner_lines = []
non_banner_lines = []
for line in mock_content.splitlines():
if re.match(pattern=r"^\s*banner", string=line):
banner_lines.append(line)
else:
non_banner_lines.append(line)

for line in banner_lines:
assert asa_parser.is_banner_start(line=line) is True

for line in non_banner_lines:
assert asa_parser.is_banner_start(line=line) is False
Loading