From 5c1b8ecd106a6165bb05c45c43a495829f7fd0f4 Mon Sep 17 00:00:00 2001 From: ProtonBruno <105855897+ProtonBruno@users.noreply.github.com> Date: Wed, 30 Nov 2022 16:09:37 +0100 Subject: [PATCH 1/5] add ethernet switching support --- capirca/lib/juniper.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/capirca/lib/juniper.py b/capirca/lib/juniper.py index 8bc66670..0301f971 100644 --- a/capirca/lib/juniper.py +++ b/capirca/lib/juniper.py @@ -170,6 +170,12 @@ class Term(aclgenerator.Term): 'protocol': 'ip-protocol', 'protocol-except': 'ip-protocol-except', 'tcp-est': 'tcp-flags "(ack|rst)"'} + 'ethernet-switching': {'addr': 'ip-address', + 'saddr': 'ip-source-address', + 'daddr': 'ip-destination-address', + 'protocol': 'ip-protocol', + 'protocol-except': 'ip-protocol-except', + 'tcp-est': 'tcp-established'} } def __init__(self, term, term_type, enable_dsmo, noverbose, filter_direction=None, interface_type=None): From 08038712bc55f697023350252b322a73c6be7644 Mon Sep 17 00:00:00 2001 From: ProtonBruno <105855897+ProtonBruno@users.noreply.github.com> Date: Wed, 30 Nov 2022 16:14:36 +0100 Subject: [PATCH 2/5] add no syn+ack option --- capirca/lib/juniper.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/capirca/lib/juniper.py b/capirca/lib/juniper.py index 0301f971..4cf6a7f0 100644 --- a/capirca/lib/juniper.py +++ b/capirca/lib/juniper.py @@ -284,7 +284,8 @@ def __str__(self): from_str.append('tcp-initial;') elif opt.startswith('first-fragment'): from_str.append('first-fragment;') - + elif opt.startswith('no-syn-ack'): + from_str.append('tcp-flags "!(syn&ack)";') # we don't have a special way of dealing with this, so we output it and # hope the user knows what they're doing. else: From 5d636947750009244c3306a41edaa488e840524a Mon Sep 17 00:00:00 2001 From: ProtonBruno <105855897+ProtonBruno@users.noreply.github.com> Date: Wed, 30 Nov 2022 18:53:41 +0100 Subject: [PATCH 3/5] fix dict typo --- capirca/lib/juniper.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/capirca/lib/juniper.py b/capirca/lib/juniper.py index 4cf6a7f0..9702a6cb 100644 --- a/capirca/lib/juniper.py +++ b/capirca/lib/juniper.py @@ -169,7 +169,7 @@ class Term(aclgenerator.Term): 'daddr': 'ip-destination-address', 'protocol': 'ip-protocol', 'protocol-except': 'ip-protocol-except', - 'tcp-est': 'tcp-flags "(ack|rst)"'} + 'tcp-est': 'tcp-flags "(ack|rst)"'}, 'ethernet-switching': {'addr': 'ip-address', 'saddr': 'ip-source-address', 'daddr': 'ip-destination-address', From df24b1e177c81d67df7e735586320dbfb68e05e8 Mon Sep 17 00:00:00 2001 From: ProtonBruno <105855897+ProtonBruno@users.noreply.github.com> Date: Thu, 1 Dec 2022 13:58:09 +0100 Subject: [PATCH 4/5] add ethernet-switching as supported --- capirca/lib/juniper.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/capirca/lib/juniper.py b/capirca/lib/juniper.py index 9702a6cb..d79569e4 100644 --- a/capirca/lib/juniper.py +++ b/capirca/lib/juniper.py @@ -902,7 +902,7 @@ class Juniper(aclgenerator.ACLGenerator): _PLATFORM = 'juniper' _DEFAULT_PROTOCOL = 'ip' - _SUPPORTED_AF = frozenset(('inet', 'inet6', 'bridge', 'mixed')) + _SUPPORTED_AF = frozenset(('inet', 'inet6', 'bridge', 'ethernet-switching', 'mixed')) _TERM = Term SUFFIX = '.jcl' From 30fd9a065f549df889b73adeeea60efabfbb84ba Mon Sep 17 00:00:00 2001 From: ProtonBruno <105855897+ProtonBruno@users.noreply.github.com> Date: Fri, 2 Dec 2022 14:53:27 +0100 Subject: [PATCH 5/5] add ethernet-switching support --- capirca/lib/aclgenerator.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/capirca/lib/aclgenerator.py b/capirca/lib/aclgenerator.py index 8366fd7c..75474081 100644 --- a/capirca/lib/aclgenerator.py +++ b/capirca/lib/aclgenerator.py @@ -99,7 +99,8 @@ class Term: } AF_MAP = {'inet': 4, 'inet6': 6, - 'bridge': 4 # if this doesn't exist, output includes v4 & v6 + 'bridge': 4, # if this doesn't exist, output includes v4 & v6 + 'ethernet-switching': 4 } # These protos are always expressed as numbers instead of name # due to inconsistencies on the end platform's name-to-number