Add HP Comware config parser

networktocode · Feb 26, 2024 · 9481cad · 9481cad
1 parent e835dc3
commit 9481cad
Show file tree

Hide file tree

Showing 12 changed files with 299 additions and 0 deletions.
diff --git a/docs/dev/include_parser_list.md b/docs/dev/include_parser_list.md
@@ -11,6 +11,7 @@
 | citrix_netscaler | netutils.config.parser.NetscalerConfigParser |
 | extreme_netiron | netutils.config.parser.NetironConfigParser |
 | fortinet_fortios | netutils.config.parser.FortinetConfigParser |
+| hp_comware | netutils.config.parser.HPComwareConfigParser |
 | juniper_junos | netutils.config.parser.JunosConfigParser |
 | linux | netutils.config.parser.LINUXConfigParser |
 | mikrotik_routeros | netutils.config.parser.RouterOSConfigParser |

diff --git a/docs/user/lib_mapper/netutilsparser.md b/docs/user/lib_mapper/netutilsparser.md
@@ -11,6 +11,7 @@
 | citrix_netscaler | → | citrix_netscaler |
 | extreme_netiron | → | extreme_netiron |
 | fortinet_fortios | → | fortinet_fortios |
+| hp_comware | → | hp_comware |
 | juniper_junos | → | juniper_junos |
 | linux | → | linux |
 | mikrotik_routeros | → | mikrotik_routeros |

diff --git a/docs/user/lib_mapper/netutilsparser_reverse.md b/docs/user/lib_mapper/netutilsparser_reverse.md
@@ -11,6 +11,7 @@
 | citrix_netscaler | → | citrix_netscaler |
 | extreme_netiron | → | extreme_netiron |
 | fortinet_fortios | → | fortinet_fortios |
+| hp_comware | → | hp_comware |
 | juniper_junos | → | juniper_junos |
 | linux | → | linux |
 | mikrotik_routeros | → | mikrotik_routeros |

diff --git a/netutils/config/compliance.py b/netutils/config/compliance.py
@@ -18,6 +18,7 @@
     "citrix_netscaler": parser.NetscalerConfigParser,
     "extreme_netiron": parser.NetironConfigParser,
     "fortinet_fortios": parser.FortinetConfigParser,
+    "hp_comware": parser.HPComwareConfigParser,
     "juniper_junos": parser.JunosConfigParser,
     "linux": parser.LINUXConfigParser,
     "mikrotik_routeros": parser.RouterOSConfigParser,

diff --git a/netutils/config/parser.py b/netutils/config/parser.py
@@ -1612,3 +1612,55 @@ def config_lines_only(self) -> str:
                 config_lines.append(line)
 
         return "\n".join(config_lines)
+
+
+class HPComwareConfigParser(BaseSpaceConfigParser):
+    """HP Comware config parser."""
+
+    banner_start: t.List[str] = ["header motd"]
+    banner_end = "==#"
+    comment_chars: t.List[str] = ["#"]
+
+    def hp_banner_end(self, line: str) -> bool:
+        """
+        Checks if the given line contains the HP banner end string.
+
+        Args:
+            line (str): The line to check.
+
+        Returns:
+            bool: True if the line contains the HP banner end string, False otherwise.
+        """
+        if line.strip().find(self.banner_end) != -1:
+            return True
+        return False
+
+    def _build_banner(self, config_line: str) -> t.Optional[str]:
+        """
+        Builds a banner configuration based on the provided config_line.
+
+        Args:
+            config_line (str): The configuration line to build the banner from.
+
+        Returns:
+            str or None: The generated banner configuration, or None if the generator is exhausted.
+
+        Raises:
+            ValueError: If unable to parse the banner end.
+        """
+        self._update_config_lines(config_line)
+        self._current_parents += (config_line,)
+        banner_config = []
+        for line in self.generator_config:
+            if not self.hp_banner_end(line):
+                banner_config.append(line)
+            else:
+                banner_config.append(line)
+                line = "\n".join(banner_config)
+                self._update_config_lines(line)
+                self._current_parents = self._current_parents[:-1]
+                try:
+                    return next(self.generator_config)
+                except StopIteration:
+                    return None
+        raise ValueError("Unable to parse banner end.")
diff --git a/netutils/lib_mapper.py b/netutils/lib_mapper.py
@@ -370,6 +370,7 @@
     "citrix_netscaler": "citrix_netscaler",
     "extreme_netiron": "extreme_netiron",
     "fortinet_fortios": "fortinet_fortios",
+    "hp_comware": "hp_comware",
     "juniper_junos": "juniper_junos",
     "linux": "linux",
     "mikrotik_routeros": "mikrotik_routeros",
@@ -517,6 +518,7 @@
     "citrix_netscaler": "citrix_netscaler",
     "extreme_netiron": "extreme_netiron",
     "fortinet_fortios": "fortinet_fortios",
+    "hp_comware": "hp_comware",
     "juniper_junos": "juniper_junos",
     "linux": "linux",
     "mikrotik_routeros": "mikrotik_routeros",

diff --git a/tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_backup.txt b/tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_backup.txt
@@ -0,0 +1,48 @@
+sysname HP-JKT-01
+#
+dhcp enable
+dhcp server forbidden-ip 10.10.10.1 10.10.10.100
+dhcp server always-broadcast
+#
+dhcp server ip-pool CKP
+ gateway-list 10.10.10.1
+ domain-name intra.data.co.id
+ expired day 30
+ netbios-type b-node
+#
+bgp 65330
+ router-id 10.10.10.254
+ graceful-restart
+ graceful-restart timer restart 120
+ graceful-restart timer wait-for-rib 360
+ peer 10.20.240.1 description ***Point to Point Connection**
+ peer 10.20.240.1 ebgp-max-hop 10
+ peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==
+  address-family ipv4 unicast
+  balance 4
+  peer 10.30.240.1 enable
+  peer 10.30.240.1 route-policy P2P-FirstTry import
+  peer 10.30.240.1 route-policy P2P-FirstTry export
+#
+snmp-agent
+snmp-agent local-engineid 8000XXX123456789AB503C00000001
+snmp-agent community read RO
+snmp-agent community read read
+snmp-agent community read ro
+#
+acl advanced name HPE
+ rule 1 permit source 10.180.50.254 0 destination 10.1.0.249 0
+ rule 2 permit source 10.180.50.0 0.0.0.127 destination 10.1.4.62 0
+ rule 3 permit source 10.180.50.0 0.0.0.127 destination 10.2.4.62 0
+#
+header motd #
+===================================================
+
+!!! WARNING !!!
+system monitoring for law enforcement and other
+purpose. Unauthorized use of this machine may
+subject you to criminal prosecution and penalties
+
+==================================================#
+#
+return
diff --git a/tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_feature.py b/tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_feature.py
@@ -0,0 +1,7 @@
+features = [
+    {"name": "bgp", "ordered": True, "section": ["bgp "]},
+    {"name": "snmp-agent", "ordered": True, "section": ["snmp-server "]},
+    {"name": "dhcp", "ordered": False, "section": ["dhcp "]},
+    {"name": "header", "ordered": True, "section": ["header "]},
+    {"name": "acl", "ordered": True, "section": ["acl "]},
+]
diff --git a/tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_intended.txt b/tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_intended.txt
@@ -0,0 +1,48 @@
+sysname HP-JKT-01
+#
+dhcp enable
+dhcp server forbidden-ip 10.10.10.1 10.10.10.100
+dhcp server always-broadcast
+#
+dhcp server ip-pool CKP
+ gateway-list 10.10.10.1
+ domain-name intra.data.co.id
+ expired day 30
+ netbios-type b-node
+#
+bgp 65330
+ router-id 10.10.10.254
+ graceful-restart
+ graceful-restart timer restart 120
+ graceful-restart timer wait-for-rib 360
+ peer 10.20.240.1 description ***Point to Point Connection**
+ peer 10.20.240.1 ebgp-max-hop 10
+ peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==
+  address-family ipv4 unicast
+  balance 4
+  peer 10.30.240.1 enable
+  peer 10.30.240.1 route-policy P2P-FirstTry import
+  peer 10.30.240.1 route-policy P2P-FirstTry export
+#
+snmp-agent
+snmp-agent local-engineid 8000XXX123456789AB503C00000001
+snmp-agent community read RO
+snmp-agent community read read
+snmp-agent community read ro
+#
+acl advanced name HPE
+ rule 1 permit source 10.180.60.254 0 destination 10.1.0.249 0
+ rule 2 permit source 10.180.60.0 0.0.0.127 destination 10.1.4.62 0
+ rule 3 permit source 10.180.60.0 0.0.0.127 destination 10.2.4.62 0
+#
+header motd #
+===================================================
+
+!!! WARNING !!!
+system monitoring for law enforcement and other
+purpose. Unauthorized use of this machine may
+subject you to criminal prosecution and penalties
+
+==================================================#
+#
+return
diff --git a/tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_received.json b/tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_received.json
@@ -0,0 +1,52 @@
+{
+   "bgp": {
+      "compliant": true,
+      "missing": "",
+      "extra": "",
+      "cannot_parse": true,
+      "unordered_compliant": true,
+      "ordered_compliant": true,
+      "actual": "bgp 65330\n router-id 10.10.10.254\n graceful-restart\n graceful-restart timer restart 120\n graceful-restart timer wait-for-rib 360\n peer 10.20.240.1 description ***Point to Point Connection**\n peer 10.20.240.1 ebgp-max-hop 10\n peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==\n  address-family ipv4 unicast\n  balance 4\n  peer 10.30.240.1 enable\n  peer 10.30.240.1 route-policy P2P-FirstTry import\n  peer 10.30.240.1 route-policy P2P-FirstTry export",
+      "intended": "bgp 65330\n router-id 10.10.10.254\n graceful-restart\n graceful-restart timer restart 120\n graceful-restart timer wait-for-rib 360\n peer 10.20.240.1 description ***Point to Point Connection**\n peer 10.20.240.1 ebgp-max-hop 10\n peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==\n  address-family ipv4 unicast\n  balance 4\n  peer 10.30.240.1 enable\n  peer 10.30.240.1 route-policy P2P-FirstTry import\n  peer 10.30.240.1 route-policy P2P-FirstTry export"
+   },
+   "snmp-agent": {
+      "compliant": true,
+      "missing": "",
+      "extra": "",
+      "cannot_parse": true,
+      "unordered_compliant": true,
+      "ordered_compliant": true,
+      "actual": "",
+      "intended": ""
+   },
+   "dhcp": {
+      "compliant": true,
+      "missing": "",
+      "extra": "",
+      "cannot_parse": true,
+      "unordered_compliant": true,
+      "ordered_compliant": true,
+      "actual": "dhcp enable\ndhcp server forbidden-ip 10.10.10.1 10.10.10.100\ndhcp server always-broadcast\ndhcp server ip-pool CKP\n gateway-list 10.10.10.1\n domain-name intra.data.co.id\n expired day 30\n netbios-type b-node",
+      "intended": "dhcp enable\ndhcp server forbidden-ip 10.10.10.1 10.10.10.100\ndhcp server always-broadcast\ndhcp server ip-pool CKP\n gateway-list 10.10.10.1\n domain-name intra.data.co.id\n expired day 30\n netbios-type b-node"
+   },
+   "header": {
+      "compliant": true,
+      "missing": "",
+      "extra": "",
+      "cannot_parse": true,
+      "unordered_compliant": true,
+      "ordered_compliant": true,
+      "actual": "header motd #\n===================================================\n!!! WARNING !!!\nsystem monitoring for law enforcement and other\npurpose. Unauthorized use of this machine may\nsubject you to criminal prosecution and penalties\n==================================================#",
+      "intended": "header motd #\n===================================================\n!!! WARNING !!!\nsystem monitoring for law enforcement and other\npurpose. Unauthorized use of this machine may\nsubject you to criminal prosecution and penalties\n==================================================#"
+   },
+   "acl": {
+      "compliant": false,
+      "missing": "acl advanced name HPE\n rule 1 permit source 10.180.60.254 0 destination 10.1.0.249 0\n rule 2 permit source 10.180.60.0 0.0.0.127 destination 10.1.4.62 0\n rule 3 permit source 10.180.60.0 0.0.0.127 destination 10.2.4.62 0",
+      "extra": "acl advanced name HPE\n rule 1 permit source 10.180.50.254 0 destination 10.1.0.249 0\n rule 2 permit source 10.180.50.0 0.0.0.127 destination 10.1.4.62 0\n rule 3 permit source 10.180.50.0 0.0.0.127 destination 10.2.4.62 0",
+      "cannot_parse": true,
+      "unordered_compliant": false,
+      "ordered_compliant": false,
+      "actual": "acl advanced name HPE\n rule 1 permit source 10.180.50.254 0 destination 10.1.0.249 0\n rule 2 permit source 10.180.50.0 0.0.0.127 destination 10.1.4.62 0\n rule 3 permit source 10.180.50.0 0.0.0.127 destination 10.2.4.62 0",
+      "intended": "acl advanced name HPE\n rule 1 permit source 10.180.60.254 0 destination 10.1.0.249 0\n rule 2 permit source 10.180.60.0 0.0.0.127 destination 10.1.4.62 0\n rule 3 permit source 10.180.60.0 0.0.0.127 destination 10.2.4.62 0"
+   }
+}
diff --git a/tests/unit/mock/config/parser/base/hp_comware/hp_comware_received.py b/tests/unit/mock/config/parser/base/hp_comware/hp_comware_received.py
@@ -0,0 +1,38 @@
+from netutils.config.parser import ConfigLine
+
+data = [
+    ConfigLine(config_line="sysname HP-JKT-01", parents=()),
+    ConfigLine(config_line="dhcp enable", parents=()),
+    ConfigLine(config_line="dhcp server forbidden-ip 10.10.10.1 10.10.10.100", parents=()),
+    ConfigLine(config_line="dhcp server always-broadcast", parents=()),
+    ConfigLine(config_line="dhcp server ip-pool CKP", parents=()),
+    ConfigLine(config_line=" gateway-list 10.10.10.1", parents=("dhcp server ip-pool CKP",)),
+    ConfigLine(config_line=" domain-name intra.data.co.id", parents=("dhcp server ip-pool CKP",)),
+    ConfigLine(config_line=" expired day 30", parents=("dhcp server ip-pool CKP",)),
+    ConfigLine(config_line=" netbios-type b-node", parents=("dhcp server ip-pool CKP",)),
+    ConfigLine(config_line="bgp 65330", parents=()),
+    ConfigLine(config_line=" router-id 10.10.10.254", parents=("bgp 65330",)),
+    ConfigLine(config_line=" graceful-restart", parents=("bgp 65330",)),
+    ConfigLine(config_line=" graceful-restart timer restart 120", parents=("bgp 65330",)),
+    ConfigLine(config_line=" graceful-restart timer wait-for-rib 360", parents=("bgp 65330",)),
+    ConfigLine(config_line=" peer 10.20.240.1 description ***Point to Point Connection**", parents=("bgp 65330",)),
+    ConfigLine(config_line=" peer 10.20.240.1 ebgp-max-hop 10", parents=("bgp 65330",)),
+    ConfigLine(config_line=" peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==", parents=("bgp 65330",)),
+    ConfigLine(config_line="  address-family ipv4 unicast", parents=("bgp 65330"," peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==")),
+    ConfigLine(config_line="  balance 4", parents=("bgp 65330"," peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==")),
+    ConfigLine(config_line="  peer 10.30.240.1 enable", parents=("bgp 65330"," peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==")),
+    ConfigLine(config_line="  peer 10.30.240.1 route-policy P2P-FirstTry import", parents=("bgp 65330"," peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==")),
+    ConfigLine(config_line="  peer 10.30.240.1 route-policy P2P-FirstTry export", parents=("bgp 65330"," peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==")),
+    ConfigLine(config_line="snmp-agent", parents=()),
+    ConfigLine(config_line="snmp-agent local-engineid 8000XXX123456789AB503C00000001", parents=()),
+    ConfigLine(config_line="snmp-agent community read RO", parents=()),
+    ConfigLine(config_line="snmp-agent community read read", parents=()),
+    ConfigLine(config_line="snmp-agent community read ro", parents=()),
+    ConfigLine(config_line="acl advanced name HPE", parents=()),
+    ConfigLine(config_line=" rule 1 permit source 10.180.50.254 0 destination 10.1.0.249 0", parents=("acl advanced name HPE",)),
+    ConfigLine(config_line=" rule 2 permit source 10.180.50.0 0.0.0.127 destination 10.1.4.62 0", parents=("acl advanced name HPE",)),
+    ConfigLine(config_line=" rule 3 permit source 10.180.50.0 0.0.0.127 destination 10.2.4.62 0", parents=("acl advanced name HPE",)),
+    ConfigLine(config_line="header motd #", parents=()),
+    ConfigLine(config_line="===================================================\n!!! WARNING !!!\nsystem monitoring for law enforcement and other\npurpose. Unauthorized use of this machine may\nsubject you to criminal prosecution and penalties\n==================================================#", parents=("header motd #",)),
+    ConfigLine(config_line="return", parents=()),
+]
diff --git a/tests/unit/mock/config/parser/base/hp_comware/hp_comware_sent.txt b/tests/unit/mock/config/parser/base/hp_comware/hp_comware_sent.txt
@@ -0,0 +1,48 @@
+sysname HP-JKT-01
+#
+dhcp enable
+dhcp server forbidden-ip 10.10.10.1 10.10.10.100
+dhcp server always-broadcast
+#
+dhcp server ip-pool CKP
+ gateway-list 10.10.10.1
+ domain-name intra.data.co.id
+ expired day 30
+ netbios-type b-node
+#
+bgp 65330
+ router-id 10.10.10.254
+ graceful-restart
+ graceful-restart timer restart 120
+ graceful-restart timer wait-for-rib 360
+ peer 10.20.240.1 description ***Point to Point Connection**
+ peer 10.20.240.1 ebgp-max-hop 10
+ peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==
+  address-family ipv4 unicast
+  balance 4
+  peer 10.30.240.1 enable
+  peer 10.30.240.1 route-policy P2P-FirstTry import
+  peer 10.30.240.1 route-policy P2P-FirstTry export
+#
+snmp-agent
+snmp-agent local-engineid 8000XXX123456789AB503C00000001
+snmp-agent community read RO
+snmp-agent community read read
+snmp-agent community read ro
+#
+acl advanced name HPE
+ rule 1 permit source 10.180.50.254 0 destination 10.1.0.249 0
+ rule 2 permit source 10.180.50.0 0.0.0.127 destination 10.1.4.62 0
+ rule 3 permit source 10.180.50.0 0.0.0.127 destination 10.2.4.62 0
+#
+header motd #
+===================================================
+
+!!! WARNING !!!
+system monitoring for law enforcement and other
+purpose. Unauthorized use of this machine may
+subject you to criminal prosecution and penalties
+
+==================================================#
+#
+return