"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "go/testdata/crypto.t" between
Netspoc-6.026.tar.gz and Netspoc-6.027.tar.gz

About: NetSPoC is a network security policy compiler (using its own description language) to manage all the packet filter devices inside your network topology.

crypto.t  (Netspoc-6.026):crypto.t  (Netspoc-6.027)
skipping to change at line 1529 skipping to change at line 1529
${crypto_vpn} ${crypto_vpn}
network:intern = { ip = 10.1.2.0/24; } network:intern = { ip = 10.1.2.0/24; }
router:r = { router:r = {
model = IOS; model = IOS;
managed = routing_only; managed = routing_only;
interface:intern = { ip = 10.1.2.1; hardware = e0; } interface:intern = { ip = 10.1.2.1; hardware = e0; }
interface:trans = { ip = 10.9.9.1; hardware = e1; } interface:trans = { ip = 10.9.9.1; hardware = e1; }
} }
network:trans = { ip = 10.9.9.0/24; } network:trans = { ip = 10.9.9.0/24; }
router:gw = { router:gw = {
interface:trans = { ip = 10.9.9.2; } model = IOS;
interface:dmz = { ip = 192.168.0.2; } managed;
routing = manual;
interface:trans = { ip = 10.9.9.2; hardware = e0; }
interface:dmz = { ip = 192.168.0.2; hardware = e1; }
} }
router:asavpn = { router:asavpn = {
model = ASA, VPN; model = ASA, VPN;
managed; managed;
general_permit = icmp 3; general_permit = icmp 3;
radius_attributes = { radius_attributes = {
trust-point = ASDM_TrustPoint1; trust-point = ASDM_TrustPoint1;
} }
interface:dmz = { interface:dmz = {
ip = 192.168.0.101; ip = 192.168.0.101;
skipping to change at line 1574 skipping to change at line 1577
host:id:long-first-name.long-second-name@long-domain.xyz.customers1; host:id:long-first-name.long-second-name@long-domain.xyz.customers1;
permit src = user; dst = network:intern; prt = tcp 80, protocol:ping_net; permit src = user; dst = network:intern; prt = tcp 80, protocol:ping_net;
permit src = network:intern; dst = user; prt = protocol:ping_net; permit src = network:intern; dst = user; prt = protocol:ping_net;
} }
=END= =END=
=INPUT=${input} =INPUT=${input}
=OUTPUT= =OUTPUT=
--r --r
! [ Routing ] ! [ Routing ]
ip route 10.99.1.0 255.255.255.0 10.9.9.2 ip route 10.99.1.0 255.255.255.0 10.9.9.2
ip route 192.168.0.0 255.255.255.0 10.9.9.2
--asavpn --asavpn
! [ Routing ] ! [ Routing ]
route outside 10.1.2.0 255.255.255.0 192.168.0.2 route outside 10.1.2.0 255.255.255.0 192.168.0.2
route outside 10.9.9.0 255.255.255.0 192.168.0.2 route outside 10.9.9.0 255.255.255.0 192.168.0.2
route outside 10.99.1.0 255.255.255.0 192.168.0.2 route outside 10.99.1.0 255.255.255.0 192.168.0.2
-- --
tunnel-group VPN-single type remote-access tunnel-group VPN-single type remote-access
tunnel-group VPN-single general-attributes tunnel-group VPN-single general-attributes
authorization-server-group LOCAL authorization-server-group LOCAL
default-group-policy global default-group-policy global
skipping to change at line 1642 skipping to change at line 1644
access-list outside_in extended deny ip any4 any4 access-list outside_in extended deny ip any4 any4
access-group outside_in in interface outside access-group outside_in in interface outside
=END= =END=
=OPTIONS=--auto_default_route=0 =OPTIONS=--auto_default_route=0
############################################################ ############################################################
=TITLE=Missing route for VPN ASA with internal software clients =TITLE=Missing route for VPN ASA with internal software clients
=INPUT= =INPUT=
${input} ${input}
router:gw2 = { router:gw2 = {
interface:trans = { ip = 10.9.9.4; } model = IOS;
interface:dmz = { ip = 192.168.0.4; } managed;
routing = manual;
interface:trans = { ip = 10.9.9.4; hardware = e0; }
interface:dmz = { ip = 192.168.0.4; hardware = e1; }
} }
=END= =END=
=ERROR= =ERROR=
Error: Can't determine next hop to reach network:trans while moving routes Error: Can't determine next hop to reach network:trans while moving routes
of interface:asavpn.tunnel:softclients to interface:asavpn.dmz. of interface:asavpn.tunnel:softclients to interface:asavpn.dmz.
Exactly one route is needed, but 2 candidates were found: Exactly one route is needed, but 2 candidates were found:
- interface:gw.dmz - interface:gw.dmz
- interface:gw2.dmz - interface:gw2.dmz
Error: Two static routes for network:intern Error: Ambiguous static routes for network:intern at interface:asavpn.dmz via
at interface:asavpn.dmz via interface:gw2.dmz and interface:gw.dmz - interface:gw.dmz
Error: Two static routes for network:trans - interface:gw2.dmz
at interface:asavpn.dmz via interface:gw2.dmz and interface:gw.dmz Error: Ambiguous static routes for network:trans at interface:asavpn.dmz via
Error: Two static routes for network:customers1 - interface:gw.dmz
at interface:r.trans via interface:gw2.trans and interface:gw.trans - interface:gw2.dmz
Error: Two static routes for network:dmz Error: Ambiguous static routes for network:customers1 at interface:r.trans via
at interface:r.trans via interface:gw2.trans and interface:gw.trans - interface:gw.trans
- interface:gw2.trans
=END= =END=
############################################################ ############################################################
=TITLE=NAT with VPN ASA =TITLE=NAT with VPN ASA
=INPUT= =INPUT=
${crypto_vpn} ${crypto_vpn}
network:intern = { ip = 10.1.2.0/24; nat:E = { ip = 192.168.2.0/24; } } network:intern = { ip = 10.1.2.0/24; nat:E = { ip = 192.168.2.0/24; } }
network:trans = { ip = 10.9.9.0/24; } network:trans = { ip = 10.9.9.0/24; }
router:gw = { router:gw = {
interface:intern = { ip = 10.1.2.1; hardware = e0; } interface:intern = { ip = 10.1.2.1; hardware = e0; }
 End of changes. 4 change blocks. 
13 lines changed or deleted 19 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)