search

azet / capirca

Fork: Multi-platform ACL generation system
https://code.google.com/p/capirca
Apache License 2.0
0 stars 0 forks source link

cisco mixed access-list naming #37

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Create policy with cisco mixed

header {
    comment:: "capirca test"
    target:: cisco capirca-test mixed
}

2. Run ./aclgen.py
3. Review filter output

What is the expected output? What do you see instead?

Expected:

no ip access-list extended capirca-test
ip access-list extended capirca-test
<SNIP>
no ipv6 access-list capirca-test-v6
ipv6 access-list capirca-test-v6
<SNIP>

Generated:

no ip access-list extended capirca-test
ip access-list extended capirca-test
<SNIP>
no ipv6 access-list capirca-test
ipv6 access-list capirca-test
<SNIP>

What version of the product are you using? On what operating system?

capirca-r245 on Xubuntu 14.04

Please provide any additional information below.

IOS 12.2(55)SE6 error:

Access-list type conflicts with prior definition
% A named extended IP access list with this name already exists

Changing the string on 711 and 712 of lib/cisco.py to %s-v6, making sure the 
name it generates for the IPv6 access-list differs from the extended 
access-list name.

Original issue reported on code.google.com by paulcorm...@gmail.com on 2 Apr 2015 at 9:15

GoogleCodeExporter commented 9 years ago 
Scrap the change to 711 and 712, introduces -v6 to the end of the access-list 
name even if you only want inet6.

Original comment by paulcorm...@gmail.com on 2 Apr 2015 at 10:49

GoogleCodeExporter commented 9 years ago 
Patch attached.

Original comment by paulcorm...@gmail.com on 2 Apr 2015 at 11:34

Attachments: