pyaoscx.acl module¶
-
class
pyaoscx.acl.
ACL
(session, name, list_type, uri=None, **kwargs)¶ Bases:
pyaoscx.pyaoscx_module.PyaoscxModule
Provide configuration management for ACL on AOS-CX devices.
-
add_acl_entry
(sequence_num, action, count=None, protocol=None, src_ip=None, dst_ip=None, dst_l4_port_min=None, dst_l4_port_max=None, src_mac=None, dst_mac=None, ethertype=None)¶ - Create an AclEntry object, ACL Entry already exists, value passed
- won’t update the entry.
Parameters: - sequence_num – Integer number of the sequence
- action – Action should be either “permit” or “deny”
- count – Optional boolean flag that when true, will make entry increment hit count for matched packets
- protocol – Optional integer IP protocol number
- src_ip – Optional source IP address. Both IPv4 and IPv6 are supported. Example: 10.10.12.11/255.255.255.255 2001:db8::11/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
- dst_ip – Optional destination IP address. Both IPv4 and IPv6 are supported. Example: 10.10.12.11/255.255.255.255 2001:db8::11/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
- dst_l4_port_min – Optional minimum L4 port number in range; used in conjunction with dst_l4_port_max.
- dst_l4_port_max – Optional maximum L4 port number in range; used in conjunction with dst_l4_port_min.
- src_mac – Optional source MAC address Example: ‘01:02:03:04:05:06’
- dst_mac – Optional destination MAC address Example: ‘01:02:03:04:05:06’
- ethertype – Optional integer EtherType number
Return acl_entry: A AclEntry object
-
apply
()¶ - Main method used to either create or update an existing ACL table
- entry. Checks whether the ACL exists in the switch. Calls self.update() if ACL being updated. Calls self.create() if a new ACL is being created.
Return modified: Boolean, True if object was created or modified.
-
base_uri
= 'system/acls'¶
-
cfg_aces
¶ - Attribute descriptor class to keep track of a list that contains
- pyaoscx_module objects simulating a Reference to a resource. If the list changes, then every pyaoscx_module object has to be changed.
-
create
()¶ - Perform a POST call to create a new ACL table entry. Only returns if no
- exception is raised.
Return modified: Boolean, True if entry was created.
-
delete
()¶ Perform DELETE call to delete ACL table entry.
-
delete_all_acl_entries
()¶ Delete all ACL Entries within an ACL.
Returns: True if object was changed
-
classmethod
from_response
(session, response_data)¶ Create a Acl object given a response_data.
Parameters: - cls – Object’s class.
- session – pyaoscx.Session object used to represent a logical connection to the device
- response_data – The response must be a dictionary of the form: { “{name},{list_type}”: URL }, with URL being of the form: “/rest/v10.04/system/acls/{name},{list_type}”
Returns: Acl object.
-
classmethod
from_uri
(session, uri)¶ Create a Acl object given a URI.
Parameters: - cls – Object’s class.
- session – pyaoscx.Session object used to represent a logical connection to the device.
- uri – a String with a URI
Return indices, acl: tuple containing both the indices and Acl object.
-
get
(depth=None, selector=None)¶ - Perform a GET call to retrieve data for an ACL table entry and fill
- the object with the incoming attributes.
Parameters: - depth – Integer deciding how many levels into the API JSON that references will be returned.
- selector – Alphanumeric option to select specific information to return.
Returns: Returns True if there is not an exception raised.
-
classmethod
get_all
(session)¶ - Perform a GET call to retrieve all system ACLs, and create a dictionary
- containing them.
Parameters: - cls – Object’s class.
- session – pyaoscx.Session object used to represent a logical connection to the device.
Returns: Dictionary containing ACLs IDs as keys and a Acl objects as values.
-
get_info_format
()¶ - Method used to obtain correct object format for referencing inside
- other objects.
return: Object format depending on the API Version.
-
get_uri
()¶ Method used to obtain the specific ACL URI.
return: Object’s URI.
-
indices
= ['name', 'list_type']¶
-
modified
¶ Return boolean with whether this object has been modified.
-
modify_acl_entry
(sequence_num, action, count=None, src_ip=None, dst_ip=None, dst_l4_port_min=None, dst_l4_port_max=None, src_mac=None, dst_mac=None, ethertype=None)¶ Modify an existing ACL Entry.
Parameters: - sequence_num – Integer number of the sequence.
- action – Action should be either “permit” or “deny”.
- count – Optional boolean flag that when true, will make entry increment hit count for matched packets.
- src_ip – Optional source IP address. Both IPv4 and IPv6 are supported. Example: 10.10.12.11/255.255.255.255 2001:db8::11/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
- dst_ip – Optional destination IP address. Both IPv4 and IPv6 are supported. Example: 10.10.12.11/255.255.255.255 2001:db8::11/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
- dst_l4_port_min – Optional minimum L4 port number in range; used in conjunction with dst_l4_port_max.
- dst_l4_port_max – Optional maximum L4 port number in range; used in conjunction with dst_l4_port_min.
- src_mac – Optional source MAC address Example: ‘01:02:03:04:05:06’
- dst_mac – Optional destination MAC address Example: ‘01:02:03:04:05:06’
- ethertype – Optional integer EtherType number.
Return acl_entry: A AclEntry object.
-
resource_uri_name
= 'acls'¶
-
update
()¶ Perform a PUT call to apply changes to an existing ACL table entry.
Return modified: True if Object was modified and a PUT request was made.
-
was_modified
()¶ Getter method for the __modified attribute.
Returns: Boolean True if the object was recently modified.
-