oidValue = swACLEtherRuleDstMacAddress;
oidValue += acl.getSuffix();
}
- stream << oidValue << ":" << acl._mac << " ";
+ stream << oidValue << " x " << acl._mac << " ";
// Permit rule
oidValue = swACLEtherRulePermit;
oidValue += acl.getSuffix();
- stream << oidValue << ":" << 2 << " ";
+ stream << oidValue << " i " << 2 << " ";
// Port
oidValue = swACLEtherRulePort;
oidValue += acl.getSuffix();
- stream << oidValue << ":" << acl._port << " ";
+ stream << oidValue << " x " << acl._port << " ";
// Shape
oidValue = swACLEtherRuleRxRate;
oidValue += acl.getSuffix();
- stream << oidValue << ":" << acl._shape << " ";
+ stream << oidValue << " i " << acl._shape << " ";
// Create ACL
oidValue = swACLEtherRuleRowStatus;
oidValue += acl.getSuffix();
- stream << oidValue << ":" << 4;
+ stream << oidValue << " i " << 4;
return stream;
}
+#include <cstdio>
+#include <fstream>
#include <boost/lexical_cast.hpp>
#include "snmp_pp/snmp_pp.h"
return;
}
- if (!dropACLs(target)) {
+ if (!dropACLs(target, std::cerr)) {
logger << "Switch::~Switch() - failed to drop ACLs for the switch '" << _ip << "'" << std::endl;
return;
}
return;
}
- if (!dropACLs(target)) {
- logger << "Switch::sync() - failed to drop ACLs for the switch '" << _ip << "'" << std::endl;
- return;
- }
+ {
+ std::string fileName(_ip + ".sh");
+ std::string newFileName(fileName + ".new");
+ std::ofstream script(newFileName.c_str());
+ script << "#!/bin/sh\n";
+ if (!dropACLs(target, script)) {
+ logger << "Switch::sync() - failed to drop ACLs for the switch '" << _ip << "'" << std::endl;
+ return;
+ }
- if (!createACLs(target)) {
- logger << "Switch::sync() - failed to create ACLs for the switch '" << _ip << "'" << std::endl;
- return;
+ if (!createACLs(target, script)) {
+ logger << "Switch::sync() - failed to create ACLs for the switch '" << _ip << "'" << std::endl;
+ return;
+ }
+ script.close();
+ rename(newFileName.c_str(), fileName.c_str());
}
if (_settings.isDebug()) {
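Review bot: The script opened by `std::ofstream script(newFileName.c_str());` is never checked and is created with umask-default permissions, although the lines dropACLs and createACLs write into it carry the SNMP write community. Create the file owner-only (for example by tightening the umask around the open) and bail out early with `if (!script) { logger << "Switch::sync() - cannot open '" << newFileName << "'" << std::endl; return; }`. Both early `return` paths leave a partial `.new` file behind, so remove the temporary file there. The result of `rename(newFileName.c_str(), fileName.c_str())` is ignored, so a failed replace silently keeps the stale script; check it for `!= 0` and log. Switch::sync() starts and ends outside this hunk.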
return false;
}
-bool Switch::dropACLs(const CTarget & target)
+bool Switch::dropACLs(const CTarget & target, std::ostream & stream)
{
std::string upOidValue(swACLEtherRuleAccessID);
upOidValue += ".";
return false;
}
if (!aclsUpTable.empty()) {
- if (!dropACLsByTable(target, _settings.upProfileId(), aclsUpTable)) {
+ if (!dropACLsByTable(target, _settings.upProfileId(), aclsUpTable, stream)) {
logger << "Switch::dropACLs() - failed to drop acls from upload table for the switch '" << _ip << "'" << std::endl;
return false;
}
}
if (!aclsDownTable.empty()) {
- if (!dropACLsByTable(target, _settings.downProfileId(), aclsDownTable)) {
+ if (!dropACLsByTable(target, _settings.downProfileId(), aclsDownTable, stream)) {
logger << "Switch::dropACLs() - failed to drop acls from download table for the switch '" << _ip << "'" << std::endl;
return false;
}
return true;
}
-bool Switch::dropACLsByTable(const CTarget & target, unsigned profileId, const SNMPTable & table)
+bool Switch::dropACLsByTable(const CTarget & target, unsigned profileId, const SNMPTable & table, std::ostream & stream)
{
std::string dropACLOidPrefix(swACLEtherRuleRowStatus);
dropACLOidPrefix += ".";
size_t chunks = aclsList.size() / _settings.maxACLPerPDU() + 1;
for (size_t i = 0; i < chunks && it != aclsList.end(); ++i) {
Pdu pdu;
+ stream << "snmpset -v2c -cgts_community_w " << _ip;
for (size_t j = 0; j < _settings.maxACLPerPDU() && it != aclsList.end(); ++j, ++it) {
int id;
if (int c = it->get_value(id) != SNMP_CLASS_SUCCESS) {
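Review bot: The added `stream << "snmpset -v2c -cgts_community_w " << _ip;` hard-codes the SNMP write community in source, and the same literal is repeated in the line added to createACLs. Because the destructor now calls `dropACLs(target, std::cerr)`, that credential is also printed to stderr on teardown, and from sync() it lands in the generated `.sh` file. Take the community from the configuration the `CTarget` is built with instead of a literal, and have the destructor pass a stream that discards output rather than `std::cerr`. `_ip` is spliced into a shell command line unquoted, so if it can come from configuration or user input it should be validated as an address literal before it is emitted. dropACLsByTable's body continues outside this hunk.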
Vb vb(Oid(dropACLOid.c_str()));
vb.set_value(int(6));
pdu += vb;
+ stream << " " << dropACLOid << " i 6";
}
+ stream << "\n";
if (int c = _snmp.set(pdu, target) != SNMP_CLASS_SUCCESS) {
if (c != SNMP_ERROR_TOO_BIG) {
logger << "Switch::dropACLsByTable() - failed to invoke Snmp::set for the switch '" << _ip << "'. Error message: '" << Snmp::error_msg(c) << "'" << std::endl;
return true;
}
-bool Switch::createACLs(const CTarget & target)
+bool Switch::createACLs(const CTarget & target, std::ostream & stream)
{
std::vector<ACL>::const_iterator it;
size_t pos = 0;
pdu.clear();
_aclsCreated = true;
++pos;
+ stream << "snmpset -v2c -cgts_community_w " << _ip << " " << *it << "\n";
}
return true;
}