"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "go/testdata/virtual-interface.t" between
Netspoc-6.025.tar.gz and Netspoc-6.026.tar.gz

About: NetSPoC is a network security policy compiler (using its own description language) to manage all the packet filter devices inside your network topology.

virtual-interface.t  (Netspoc-6.025):virtual-interface.t  (Netspoc-6.026)
skipping to change at line 94 skipping to change at line 94
user = interface:r1.[auto], interface:r2.[auto]; user = interface:r1.[auto], interface:r2.[auto];
permit src = user; dst = network:n2; prt = udp 123; permit src = user; dst = network:n2; prt = udp 123;
} }
=END= =END=
=ERROR= =ERROR=
Error: interface:r1.n1.virtual must be located inside cyclic sub-graph Error: interface:r1.n1.virtual must be located inside cyclic sub-graph
Error: interface:r2.n1.virtual must be located inside cyclic sub-graph Error: interface:r2.n1.virtual must be located inside cyclic sub-graph
=END= =END=
############################################################ ############################################################
=TITLE=Virtual interfaces prevent valid path
# Implicit pathrestriction would permit path,
# but virtual interfaces let path be pruned later.
=INPUT=
network:n1 = { ip = 10.1.1.0/24; }
network:n2 = { ip = 10.1.2.0/24; }
network:n3 = { ip = 10.1.3.0/24; }
router:r1 = {
model = IOS;
managed;
interface:n1 = { ip = 10.1.1.1; hardware = n1; }
interface:n2 = { ip = 10.1.2.2; virtual = { ip = 10.1.2.1; } hardware = n2; }
}
router:r2 = {
interface:n2 = { ip = 10.1.2.3; virtual = { ip = 10.1.2.1; } }
interface:n3;
}
router:r3 = {
model = IOS;
managed;
routing = manual;
interface:n3 = { ip = 10.1.3.1; hardware = n3; }
interface:n1 = { ip = 10.1.1.2; hardware = n1; }
}
pathrestriction:r3 =
interface:r3.n1,
interface:r3.n3,
;
service:s1 = {
user = network:n3;
permit src = user; dst = interface:r1.n2; prt = tcp 22;
}
=END=
=ERROR=
Error: No valid path
from any:[network:n3]
to interface:r1.n2.virtual
for rule permit src=network:n3; dst=interface:r1.n2; prt=tcp 22; of service:s1
Check path restrictions and crypto interfaces.
=END=
############################################################
=TITLE=Different protocol / id at related virtual interfaces =TITLE=Different protocol / id at related virtual interfaces
=INPUT= =INPUT=
network:n1 = { ip = 10.1.1.0/24; } network:n1 = { ip = 10.1.1.0/24; }
network:n2 = { ip = 10.1.2.0/24; } network:n2 = { ip = 10.1.2.0/24; }
router:r1 = { router:r1 = {
managed; managed;
model = ASA; model = ASA;
interface:n1 = { interface:n1 = {
ip = 10.1.1.2; ip = 10.1.1.2;
virtual = { ip = 10.1.1.1; type = HSRP; } virtual = { ip = 10.1.1.1; type = HSRP; }
 End of changes. 1 change blocks. 
0 lines changed or deleted 47 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)