NAME
Net::ACL - Class representing a generic access-list/route-map
SYNOPSIS
use Net::ACL;
use Net::ACL::Rule qw( :action :rc );
# Constructor
$list = new Net::ACL(
Name => 'MyACL',
Type => 'prefix-list',
Rule => new Net::ACL::Rule( .. )
);
# Fetch existing object by name
$list = renew Net::ACL(
Name => 'MyACL',
Type => 'prefix-list'
);
$list = renew Net::ACL("$list");
# Object Copy
$clone = $list->clone();
# Class methods
$type_names_hr = Net::ACL->knownlists();
# Accessor Methods
$list->add_rule($rule);
$list->remove_rule($rule);
$name = $list->name($name);
$type = $list->type($type);
$rc = $list->match(@data);
($rc,@data) = $list->query(@data);
DESCRIPTION
This module represents a generic access-list and route-map. It uses the Net::ACL::Rule object to represent the rules.
CONSTRUCTOR
- new() - create a new Net::ACL object
-
$list = new Net::ACL( Name => 'MyACL', Type => 'prefix-list', Rule => new Net::ACL::Rule( .. ) );
This is the constructor for Net::ACL objects. It returns a reference to the newly created object. The following named parameters may be passed to the constructor.
- Name
-
The name parameter is optional and is only used to identify a list by the renew() constructor.
- Type
-
The type parameter is optional and defaults to the class name. It is used to provide different namespaces for the Name parameter. It is intended to have values like 'ip-accesslist', 'prefix-list', 'as-path-filter' and 'route-map'. This way the same name or number of an access-list could be reused in each class.
- Rule
-
The rule parameter could be present one or more times. Each one can have multiple types:
- renew() - fetch an existing Net::ACL object
-
$list = renew Net::ACL( Name => 'MyACL', Type => 'prefix-list' );
$list = renew Net::ACL("$list");
The renew constructor locates an existing ACL object from either Name, a (Name,Type)-pair or the object in string context (e.g. Net::ACL=HASH(0x823ff84)). The Name and Type arguments have the same meaning as for the new() constructor.
OBJECT COPY
- clone() - clone a Net::ACL object
-
$clone = $list->clone();
This method creates an exact copy of the Net::ACL object and all the rules. The clone will not have a name unless one is assigned explicitly later.
ACCESSOR METHODS
- name()
- type()
-
The name() and type() methods return the access-list name and type fields respectively. If called with an argument they change the value to that of the argument.
- match()
-
The match method implements the basics of a standard router access-list matching.
It takes an arbitrary number of arguments. The arguments are passed to the match() method of each of the Net::ACL::Rule rules, except any rule which has the action() field set to ACL_CONTINUE. When a match() method returns ACL_MATCH, the action() of that entry is returned.
- query()
-
The query method implements the basics of a route-map execution.
It calls the query() method of the Net::ACL::Rule rules one by one as long as they return ACL_CONTINUE. The function returns the result code (ACL_PERMIT or ACL_DENY) and the, possibly modified, arguments of the function.
- add_rule()
- remove_rule()
-
The add_rule() and remove_rule() methods add and remove rules after object construction.
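The difference between match() and query() described above, as an added stand-alone model; it is not Net::ACL's own code and does not load the module. Assumptions: the numeric constant values, the hash-based rule() helper, the string-prefix matching, and the deny result when no rule matches (this page does not state the fall-through result).

```perl
use strict; use warnings;
# Local stand-ins for the module's constants (numeric values are assumptions).
use constant { ACL_PERMIT => 1, ACL_DENY => 2, ACL_CONTINUE => 3,
               ACL_MATCH => 10, ACL_NOMATCH => 11 };

# Hypothetical rule: matches when the first argument starts with $prefix.
sub rule {
    my ($action, $prefix, $set) = @_;
    return {
        action => $action,
        match  => sub { index($_[0], $prefix) == 0 ? ACL_MATCH : ACL_NOMATCH },
        # Route-map style: on a match, optionally append $set to the data.
        query  => sub {
            my @data = @_;
            return (ACL_CONTINUE, @data) unless index($data[0], $prefix) == 0;
            push @data, $set if defined $set;
            return ($action, @data);
        },
    };
}

# Access-list semantics: skip ACL_CONTINUE rules, first matching rule wins.
sub acl_match {
    my ($rules, @data) = @_;
    for my $r (@$rules) {
        next if $r->{action} == ACL_CONTINUE;
        return $r->{action} if $r->{match}->(@data) == ACL_MATCH;
    }
    return ACL_DENY;    # assumption: nothing matched means deny
}

# Route-map semantics: call query() rule by rule while it returns ACL_CONTINUE.
sub acl_query {
    my ($rules, @data) = @_;
    for my $r (@$rules) {
        my ($rc, @out) = $r->{query}->(@data);
        @data = @out;
        return ($rc, @data) unless $rc == ACL_CONTINUE;
    }
    return (ACL_DENY, @data);    # assumption: nothing decided means deny
}

my @rules = (    # constructed sample rules; order matters
    rule(ACL_DENY,     '10.1.'),            # narrower deny placed first
    rule(ACL_CONTINUE, '10.',   'tagged'),  # skipped by match(), applied by query()
    rule(ACL_PERMIT,   '10.'),
);
for my $ip ('10.1.2.3', '10.9.9.9', '192.0.2.1') {
    my ($rc, @out) = acl_query(\@rules, $ip);
    printf "%-10s match=%d query=%d data=%s\n", $ip, acl_match(\@rules, $ip), $rc, "@out";
}
```

Swapping the first and third rules makes the broad permit shadow the narrower deny, so rule order is part of the policy when reviewing a list.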
SEE ALSO
Net::ACL::Rule, Net::ACL::File, Net::ACL::Bootstrap
AUTHOR
Martin Lorensen <bgp@martin.lorensen.dk>