google / capirca

Multi-platform ACL generation system
Apache License 2.0

Cisco remarks missing quotes #299

Open pims848 opened 2 years ago

pims848 commented 2 years ago

Hi, we are using Capirca to generate Cisco-like ACLs and we came across a weird issue. When adding multi-word comments in the policies, the required quotes are not in the generated filters.

See example:

Policy file:

term allow-ping {
 comment:: "allow ping from NET to NET_GW"

The output is:

 remark allow-ping
 remark allow ping from NET to NET_GW

Obviously the second remark is invalid since it should be rendered like: remark "allow ping from NET to NET_GW"

Are we missing something here or is it something that needs to be fixed? Thanks a lot.

abhindes commented 2 years ago

Hi,

Cisco IOS does not seem to require remarks to be in quotes, and this is what the device usually returns. So the ACL is generated with remarks without the enclosing quotes.

Do you have a specific Cisco OS you are using where you see issues with the generated ACL? If you have, could you please share the documentation so we can evaluate how best to incorporate a change?

[0] https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/remark.htm

[1] https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_acl/configuration/xe-3s/sec-data-acl-xe-3s-book/sec-acl-comm-ipacl.html

pims848 commented 2 years ago

Hi @abhindes and thank you for the answer,

Sorry, but I did not mention one important part: we are using this generator to render ACLs for Aruba AOS-S switches, which have Cisco-like syntax but obviously not 100%... The comment syntax seems to be different: see p271 here: https://support.hpe.com/hpesc/public/docDisplay?docId=a00112861en_us

Do you think it would be possible to add a new Aruba generator based on the current Cisco IOS one, or to make the Cisco one also compatible with Aruba switches?

Thanks,
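
A possible stopgap for the situation described in this thread, as an added example that is not part of the original issue or of Capirca's code: a post-processing step over the generated Cisco-style filter that wraps multi-word remarks in double quotes. It assumes, per the reporter's description, that the target platform expects quoted remarks; the function names and the sample ACL (apart from the two remark lines quoted in the issue) are constructed for illustration.

```python
import re

# A remark line as in the output quoted above: optional indentation,
# the keyword, then free text. "remarkable ..." does not match.
_REMARK = re.compile(r'^(?P<head>\s*remark\s+)(?P<text>.*?)\s*$')

# Constructed sample; only the two remark lines come from the issue.
SAMPLE_ACL = (
    "ip access-list extended test-filter\n"
    " remark allow-ping\n"
    " remark allow ping from NET to NET_GW\n"
    " permit icmp 10.0.0.0 0.0.0.255 host 10.0.0.1\n"
)


def quote_remark_line(line: str) -> str:
    """Quote one remark line if its text has more than one word."""
    m = _REMARK.match(line)
    if m is None:
        return line                          # not a remark: untouched
    text = m.group("text")
    quoted = len(text) >= 2 and text[0] == '"' and text[-1] == '"'
    inner = text[1:-1] if quoted else text
    if '"' in inner:
        # Fail closed: an embedded quote would end the quoted string early
        # and the rest of the comment could be parsed as configuration.
        raise ValueError(f"remark contains a double quote: {line!r}")
    if quoted or not re.search(r"\s", text):
        return line                          # already quoted or single word
    return f'{m.group("head")}"{text}"'


def quote_remarks(acl_text: str) -> str:
    """Apply quote_remark_line to every line, keeping line endings."""
    out = []
    for raw in acl_text.splitlines(keepends=True):
        body = raw.rstrip("\r\n")
        out.append(quote_remark_line(body) + raw[len(body):])
    return "".join(out)


if __name__ == "__main__":
    print(quote_remarks(SAMPLE_ACL), end="")
```

The function is idempotent, so it can be run again over output that has already been processed.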