summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPriyam Sahoo <42550351+priyamsahoo@users.noreply.github.com>2021-07-06 00:53:20 +0530
committerGitHub <noreply@github.com>2021-07-05 19:23:20 +0000
commitaf07511dee4d74b4159482c6b7aed6efff0e5949 (patch)
tree559e0093e82118d601108dc81efb88200e3a2c6b
parent8264a29424c79c25d03cf89c376a72ec6a0f600f (diff)
downloadvyos.vyos-af07511dee4d74b4159482c6b7aed6efff0e5949.tar.gz
vyos.vyos-af07511dee4d74b4159482c6b7aed6efff0e5949.zip
VyOS Prefix Lists Resource Module Added (#178)
VyOS Prefix Lists Resource Module Added SUMMARY PR for vyos_prefix_lists rm resolves: #99 ISSUE TYPE New Module Pull Request COMPONENT NAME ADDITIONAL INFORMATION Reviewed-by: Rohit Thakur <rohitthakur2590@outlook.com> Reviewed-by: Nilashish Chakraborty <nilashishchakraborty8@gmail.com> Reviewed-by: Priyam Sahoo <None>
Diffstat
-rw-r--r--README.md1
-rw-r--r--changelogs/fragments/vyos_prefix_lists.yml3
-rw-r--r--docs/vyos.vyos.vyos_ping_module.rst2
-rw-r--r--docs/vyos.vyos.vyos_prefix_lists_module.rst1591
-rw-r--r--meta/runtime.yml32
-rw-r--r--plugins/module_utils/network/vyos/argspec/prefix_lists/__init__.py0
-rw-r--r--plugins/module_utils/network/vyos/argspec/prefix_lists/prefix_lists.py82
-rw-r--r--plugins/module_utils/network/vyos/config/prefix_lists/__init__.py0
-rw-r--r--plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py182
-rw-r--r--plugins/module_utils/network/vyos/facts/facts.py4
-rw-r--r--plugins/module_utils/network/vyos/facts/prefix_lists/__init__.py0
-rw-r--r--plugins/module_utils/network/vyos/facts/prefix_lists/prefix_lists.py93
-rw-r--r--plugins/module_utils/network/vyos/rm_templates/prefix_lists.py265
-rw-r--r--plugins/modules/vyos_prefix_lists.py1329
-rw-r--r--tests/integration/targets/vyos_prefix_lists/defaults/main.yaml3
-rw-r--r--tests/integration/targets/vyos_prefix_lists/tasks/cli.yaml19
-rw-r--r--tests/integration/targets/vyos_prefix_lists/tasks/main.yaml4
-rw-r--r--tests/integration/targets/vyos_prefix_lists/tests/cli/_parsed.cfg18
-rw-r--r--tests/integration/targets/vyos_prefix_lists/tests/cli/_populate_config.yaml22
-rw-r--r--tests/integration/targets/vyos_prefix_lists/tests/cli/_remove_config.yaml11
-rw-r--r--tests/integration/targets/vyos_prefix_lists/tests/cli/deleted.yaml108
-rw-r--r--tests/integration/targets/vyos_prefix_lists/tests/cli/empty_config.yaml58
-rw-r--r--tests/integration/targets/vyos_prefix_lists/tests/cli/gathered.yaml24
-rw-r--r--tests/integration/targets/vyos_prefix_lists/tests/cli/merged.yaml77
-rw-r--r--tests/integration/targets/vyos_prefix_lists/tests/cli/overridden.yaml61
-rw-r--r--tests/integration/targets/vyos_prefix_lists/tests/cli/parsed.yaml16
-rw-r--r--tests/integration/targets/vyos_prefix_lists/tests/cli/rendered.yaml51
-rw-r--r--tests/integration/targets/vyos_prefix_lists/tests/cli/replaced.yaml57
-rw-r--r--tests/integration/targets/vyos_prefix_lists/tests/cli/rtt.yaml87
-rw-r--r--tests/integration/targets/vyos_prefix_lists/vars/main.yaml145
-rw-r--r--tests/sanity/ignore-2.10.txt3
-rw-r--r--tests/sanity/ignore-2.11.txt3
-rw-r--r--tests/sanity/ignore-2.12.txt3
-rw-r--r--tests/sanity/ignore-2.9.txt3
-rw-r--r--tests/unit/modules/network/vyos/test_vyos_prefix_lists.py1242
35 files changed, 5585 insertions, 14 deletions
diff --git a/README.md b/README.md
index 3449750..4c8649b 100644
--- a/README.md
+++ b/README.md
@@ -56,6 +56,7 @@ Name | Description
[vyos.vyos.vyos_ospfv2](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_ospfv2_module.rst)|OSPFv2 resource module
[vyos.vyos.vyos_ospfv3](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_ospfv3_module.rst)|OSPFV3 resource module
[vyos.vyos.vyos_ping](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_ping_module.rst)|Tests reachability using ping from VyOS network devices
+[vyos.vyos.vyos_prefix_lists](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_prefix_lists_module.rst)|Prefix-Lists resource module for VyOS
[vyos.vyos.vyos_route_maps](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_route_maps_module.rst)|Route Map Resource Module.
[vyos.vyos.vyos_static_route](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_static_route_module.rst)|(deprecated, removed after 2022-06-01) Manage static IP routes on Vyatta VyOS network devices
[vyos.vyos.vyos_static_routes](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_static_routes_module.rst)|Static routes resource module
diff --git a/changelogs/fragments/vyos_prefix_lists.yml b/changelogs/fragments/vyos_prefix_lists.yml
new file mode 100644
index 0000000..8eabc1e
--- /dev/null
+++ b/changelogs/fragments/vyos_prefix_lists.yml
@@ -0,0 +1,3 @@
+---
+minor_changes:
+ - Add vyos_prefix_lists Resource Module.
diff --git a/docs/vyos.vyos.vyos_ping_module.rst b/docs/vyos.vyos.vyos_ping_module.rst
index a1674b5..59e4a74 100644
--- a/docs/vyos.vyos.vyos_ping_module.rst
+++ b/docs/vyos.vyos.vyos_ping_module.rst
@@ -405,7 +405,7 @@ Common return values are documented `here <https://docs.ansible.com/ansible/late
<div>The round trip time (RTT) stats.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
- <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">AnsibleMapping([(&#x27;avg&#x27;, 2), (&#x27;max&#x27;, 8), (&#x27;min&#x27;, 1), (&#x27;mdev&#x27;, 24)])</div>
+ <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">{&#x27;avg&#x27;: 2, &#x27;max&#x27;: 8, &#x27;min&#x27;: 1, &#x27;mdev&#x27;: 24}</div>
</td>
</tr>
</table>
diff --git a/docs/vyos.vyos.vyos_prefix_lists_module.rst b/docs/vyos.vyos.vyos_prefix_lists_module.rst
new file mode 100644
index 0000000..965b890
--- /dev/null
+++ b/docs/vyos.vyos.vyos_prefix_lists_module.rst
@@ -0,0 +1,1591 @@
+.. _vyos.vyos.vyos_prefix_lists_module:
+
+
+***************************
+vyos.vyos.vyos_prefix_lists
+***************************
+
+**Prefix-Lists resource module for VyOS**
+
+
+Version added: 2.4.0
+
+.. contents::
+ :local:
+ :depth: 1
+
+
+Synopsis
+--------
+- This module manages prefix-lists configuration on devices running VyOS
+
+
+
+
+Parameters
+----------
+
+.. raw:: html
+
+ <table border=0 cellpadding=0 class="documentation-table">
+ <tr>
+ <th colspan="4">Parameter</th>
+ <th>Choices/<font color="blue">Defaults</font></th>
+ <th width="100%">Comments</th>
+ </tr>
+ <tr>
+ <td colspan="4">
+ <div class="ansibleOptionAnchor" id="parameter-"></div>
+ <b>config</b>
+ <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+ <div style="font-size: small">
+ <span style="color: purple">list</span>
+ / <span style="color: purple">elements=dictionary</span>
+ </div>
+ </td>
+ <td>
+ </td>
+ <td>
+ <div>A list of prefix-list options</div>
+ </td>
+ </tr>
+ <tr>
+ <td class="elbow-placeholder"></td>
+ <td colspan="3">
+ <div class="ansibleOptionAnchor" id="parameter-"></div>
+ <b>afi</b>
+ <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+ <div style="font-size: small">
+ <span style="color: purple">string</span>
+ / <span style="color: red">required</span>
+ </div>
+ </td>
+ <td>
+ <ul style="margin: 0; padding: 0"><b>Choices:</b>
+ <li>ipv4</li>
+ <li>ipv6</li>
+ </ul>
+ </td>
+ <td>
+ <div>The Address Family Indicator (AFI) for the prefix-lists</div>
+ </td>
+ </tr>
+ <tr>
+ <td class="elbow-placeholder"></td>
+ <td colspan="3">
+ <div class="ansibleOptionAnchor" id="parameter-"></div>
+ <b>prefix_lists</b>
+ <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+ <div style="font-size: small">
+ <span style="color: purple">list</span>
+ / <span style="color: purple">elements=dictionary</span>
+ </div>
+ </td>
+ <td>
+ </td>
+ <td>
+ <div>A list of prefix-list configurations</div>
+ </td>
+ </tr>
+ <tr>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td colspan="2">
+ <div class="ansibleOptionAnchor" id="parameter-"></div>
+ <b>description</b>
+ <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+ <div style="font-size: small">
+ <span style="color: purple">string</span>
+ </div>
+ </td>
+ <td>
+ </td>
+ <td>
+ <div>A brief text description for the prefix-list</div>
+ </td>
+ </tr>
+ <tr>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td colspan="2">
+ <div class="ansibleOptionAnchor" id="parameter-"></div>
+ <b>entries</b>
+ <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+ <div style="font-size: small">
+ <span style="color: purple">list</span>
+ / <span style="color: purple">elements=dictionary</span>
+ </div>
+ </td>
+ <td>
+ </td>
+ <td>
+ <div>Rule configurations for the prefix-list</div>
+ </td>
+ </tr>
+ <tr>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td colspan="1">
+ <div class="ansibleOptionAnchor" id="parameter-"></div>
+ <b>action</b>
+ <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+ <div style="font-size: small">
+ <span style="color: purple">string</span>
+ </div>
+ </td>
+ <td>
+ <ul style="margin: 0; padding: 0"><b>Choices:</b>
+ <li>permit</li>
+ <li>deny</li>
+ </ul>
+ </td>
+ <td>
+ <div>The action to be taken for packets matching a prefix list rule</div>
+ </td>
+ </tr>
+ <tr>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td colspan="1">
+ <div class="ansibleOptionAnchor" id="parameter-"></div>
+ <b>description</b>
+ <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+ <div style="font-size: small">
+ <span style="color: purple">string</span>
+ </div>
+ </td>
+ <td>
+ </td>
+ <td>
+ <div>A brief text description for the prefix list rule</div>
+ </td>
+ </tr>
+ <tr>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td colspan="1">
+ <div class="ansibleOptionAnchor" id="parameter-"></div>
+ <b>ge</b>
+ <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+ <div style="font-size: small">
+ <span style="color: purple">integer</span>
+ </div>
+ </td>
+ <td>
+ </td>
+ <td>
+ <div>Minimum prefix length to be matched</div>
+ </td>
+ </tr>
+ <tr>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td colspan="1">
+ <div class="ansibleOptionAnchor" id="parameter-"></div>
+ <b>le</b>
+ <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+ <div style="font-size: small">
+ <span style="color: purple">integer</span>
+ </div>
+ </td>
+ <td>
+ </td>
+ <td>
+ <div>Maximum prefix list length to be matched</div>
+ </td>
+ </tr>
+ <tr>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td colspan="1">
+ <div class="ansibleOptionAnchor" id="parameter-"></div>
+ <b>prefix</b>
+ <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+ <div style="font-size: small">
+ <span style="color: purple">string</span>
+ </div>
+ </td>
+ <td>
+ </td>
+ <td>
+ <div>IPv4 or IPv6 prefix in A.B.C.D/LEN or A:B::C:D/LEN format</div>
+ </td>
+ </tr>
+ <tr>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td colspan="1">
+ <div class="ansibleOptionAnchor" id="parameter-"></div>
+ <b>sequence</b>
+ <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+ <div style="font-size: small">
+ <span style="color: purple">integer</span>
+ / <span style="color: red">required</span>
+ </div>
+ </td>
+ <td>
+ </td>
+ <td>
+ <div>A numeric identifier for the rule</div>
+ </td>
+ </tr>
+
+ <tr>
+ <td class="elbow-placeholder"></td>
+ <td class="elbow-placeholder"></td>
+ <td colspan="2">
+ <div class="ansibleOptionAnchor" id="parameter-"></div>
+ <b>name</b>
+ <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+ <div style="font-size: small">
+ <span style="color: purple">string</span>
+ / <span style="color: red">required</span>
+ </div>
+ </td>
+ <td>
+ </td>
+ <td>
+ <div>The name of a defined prefix-list</div>
+ </td>
+ </tr>
+
+
+ <tr>
+ <td colspan="4">
+ <div class="ansibleOptionAnchor" id="parameter-"></div>
+ <b>running_config</b>
+ <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+ <div style="font-size: small">
+ <span style="color: purple">string</span>
+ </div>
+ </td>
+ <td>
+ </td>
+ <td>
+ <div>This option is used only with state <em>parsed</em>.</div>
+ <div>The value of this option should be the output received from the VyOS device by executing the command <b>show configuration commands | grep prefix-list</b>.</div>
+ <div>The state <em>parsed</em> reads the configuration from <code>running_config</code> option and transforms it into Ansible structured data as per the resource module&#x27;s argspec and the value is then returned in the <em>parsed</em> key within the result.</div>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="4">
+ <div class="ansibleOptionAnchor" id="parameter-"></div>
+ <b>state</b>
+ <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+ <div style="font-size: small">
+ <span style="color: purple">string</span>
+ </div>
+ </td>
+ <td>
+ <ul style="margin: 0; padding: 0"><b>Choices:</b>
+ <li><div style="color: blue"><b>merged</b>&nbsp;&larr;</div></li>
+ <li>replaced</li>
+ <li>overridden</li>
+ <li>deleted</li>
+ <li>gathered</li>
+ <li>rendered</li>
+ <li>parsed</li>
+ </ul>
+ </td>
+ <td>
+ <div>The state the configuration should be left in</div>
+ </td>
+ </tr>
+ </table>
+ <br/>
+
+
+Notes
+-----
+
+.. note::
+ - Tested against VyOS 1.1.8 (helium)
+ - This module works with connection ``network_cli``
+
+
+
+Examples
+--------
+
+.. code-block:: yaml
+
+ # # -------------------
+ # # 1. Using merged
+ # # -------------------
+
+ # # Before state:
+ # # -------------
+ # vyos@vyos:~$ show configuration commands | grep prefix-list
+ # vyos@vyos:~$
+
+ # # Task
+ # # -------------
+ # - name: Merge the provided configuration with the existing running configuration
+ # vyos.vyos.vyos_prefix_lists:
+ # config:
+ # - afi: "ipv4"
+ # prefix_lists:
+ # - name: "AnsibleIPv4PrefixList"
+ # description: "PL configured by ansible"
+ # entries:
+ # - sequence: 2
+ # description: "Rule 2 given by ansible"
+ # action: "permit"
+ # prefix: "92.168.10.0/26"
+ # le: 32
+
+ # - sequence: 3
+ # description: "Rule 3"
+ # action: "deny"
+ # prefix: "72.168.2.0/24"
+ # ge: 26
+
+ # - afi: "ipv6"
+ # prefix_lists:
+ # - name: "AllowIPv6Prefix"
+ # description: "Configured by ansible for allowing IPv6 networks"
+ # entries:
+ # - sequence: 5
+ # description: "Permit rule"
+ # action: "permit"
+ # prefix: "2001:db8:8000::/35"
+ # le: 37
+
+ # - name: DenyIPv6Prefix
+ # description: "Configured by ansible for disallowing IPv6 networks"
+ # entries:
+ # - sequence: 8
+ # action: deny
+ # prefix: "2001:db8:2000::/35"
+ # le: 37
+ # state: merged
+
+ # # Task output:
+ # # -------------
+ # "after": [
+ # {
+ # "afi": "ipv4",
+ # "prefix_lists": [
+ # {
+ # "description": "PL configured by ansible",
+ # "name": "AnsibleIPv4PrefixList",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Rule 2 given by ansible",
+ # "sequence": 2,
+ # "le": 32,
+ # "prefix": "92.168.10.0/26"
+ # },
+ # {
+ # "action": "deny",
+ # "description": "Rule 3",
+ # "ge": 26,
+ # "sequence": 3,
+ # "prefix": "72.168.2.0/24"
+ # }
+ # ]
+ # }
+ # ]
+ # },
+ # {
+ # "afi": "ipv6",
+ # "prefix_lists": [
+ # {
+ # "description": "Configured by ansible for allowing IPv6 networks",
+ # "name": "AllowIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Permit rule",
+ # "sequence": 5,
+ # "le": 37,
+ # "prefix": "2001:db8:8000::/35"
+ # }
+ # ]
+ # },
+ # {
+ # "description": "Configured by ansible for disallowing IPv6 networks",
+ # "name": "DenyIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "deny",
+ # "sequence": 8,
+ # "le": 37,
+ # "prefix": "2001:db8:2000::/35"
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ # ],
+ # "before": [],
+ # "changed": true,
+ # "commands": [
+ # "set policy prefix-list AnsibleIPv4PrefixList",
+ # "set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 2",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 3",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'",
+ # "set policy prefix-list6 AllowIPv6Prefix",
+ # "set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'",
+ # "set policy prefix-list6 AllowIPv6Prefix rule 5",
+ # "set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'",
+ # "set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'",
+ # "set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'",
+ # "set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'",
+ # "set policy prefix-list6 DenyIPv6Prefix",
+ # "set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'",
+ # "set policy prefix-list6 DenyIPv6Prefix rule 8",
+ # "set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'",
+ # "set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'",
+ # "set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'"
+ # ]
+
+ # After state:
+ # # -------------
+ # vyos@vyos:~$ show configuration commands | grep prefix-list
+ # set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+ # set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+ # set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+ # vyos@vyos:~$
+
+
+ # # -------------------
+ # # 2. Using replaced
+ # # -------------------
+
+ # # Before state:
+ # # -------------
+ # vyos@vyos:~$ show configuration commands | grep prefix-list
+ # set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+ # set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+ # set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+ # vyos@vyos:~$
+
+ # # Task:
+ # # -------------
+ # - name: Replace prefix-lists configurations of listed prefix-lists with provided configurations
+ # vyos.vyos.vyos_prefix_lists:
+ # config:
+ # - afi: "ipv4"
+ # prefix_lists:
+ # - name: "AnsibleIPv4PrefixList"
+ # description: "Configuration replaced by ansible"
+ # entries:
+ # - sequence: 3
+ # description: "Rule 3 replaced by ansible"
+ # action: "permit"
+ # prefix: "82.168.2.0/24"
+ # ge: 26
+ # state: replaced
+
+ # # Task output:
+ # # -------------
+ # "after": [
+ # {
+ # "afi": "ipv4",
+ # "prefix_lists": [
+ # {
+ # "description": "Configuration replaced by ansible",
+ # "name": "AnsibleIPv4PrefixList",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Rule 3 replaced by ansible",
+ # "ge": 26,
+ # "sequence": 3,
+ # "prefix": "82.168.2.0/24"
+ # }
+ # ]
+ # }
+ # ]
+ # },
+ # {
+ # "afi": "ipv6",
+ # "prefix_lists": [
+ # {
+ # "description": "Configured by ansible for allowing IPv6 networks",
+ # "name": "AllowIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Permit rule",
+ # "sequence": 5,
+ # "le": 37,
+ # "prefix": "2001:db8:8000::/35"
+ # }
+ # ]
+ # },
+ # {
+ # "description": "Configured by ansible for disallowing IPv6 networks",
+ # "name": "DenyIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "deny",
+ # "sequence": 8,
+ # "le": 37,
+ # "prefix": "2001:db8:2000::/35"
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ # ],
+ # "before": [
+ # {
+ # "afi": "ipv4",
+ # "prefix_lists": [
+ # {
+ # "description": "PL configured by ansible",
+ # "name": "AnsibleIPv4PrefixList",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Rule 2 given by ansible",
+ # "sequence": 2,
+ # "le": 32,
+ # "prefix": "92.168.10.0/26"
+ # },
+ # {
+ # "action": "deny",
+ # "description": "Rule 3",
+ # "ge": 26,
+ # "sequence": 3,
+ # "prefix": "72.168.2.0/24"
+ # }
+ # ]
+ # }
+ # ]
+ # },
+ # {
+ # "afi": "ipv6",
+ # "prefix_lists": [
+ # {
+ # "description": "Configured by ansible for allowing IPv6 networks",
+ # "name": "AllowIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Permit rule",
+ # "sequence": 5,
+ # "le": 37,
+ # "prefix": "2001:db8:8000::/35"
+ # }
+ # ]
+ # },
+ # {
+ # "description": "Configured by ansible for disallowing IPv6 networks",
+ # "name": "DenyIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "deny",
+ # "sequence": 8,
+ # "le": 37,
+ # "prefix": "2001:db8:2000::/35"
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ # ],
+ # "changed": true,
+ # "commands": [
+ # "set policy prefix-list AnsibleIPv4PrefixList description 'Configuration replaced by ansible'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'permit'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3 replaced by ansible'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '82.168.2.0/24'",
+ # "delete policy prefix-list AnsibleIPv4PrefixList rule 2"
+ # ]
+
+ # # After state:
+ # # -------------
+ # vyos@vyos:~$ show configuration commands | grep prefix-list
+ # set policy prefix-list AnsibleIPv4PrefixList description 'Configuration replaced by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'permit'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3 replaced by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '82.168.2.0/24'
+ # set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+ # set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+ # vyos@vyos:~$
+
+
+ # # -------------------
+ # # 3. Using overridden
+ # # -------------------
+
+ # # Before state:
+ # # -------------
+ # vyos@vyos:~$ show configuration commands | grep prefix-list
+ # set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+ # set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+ # set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+ # vyos@vyos:~$
+
+ # # Task:
+ # # -------------
+ # - name: Override all prefix-lists configuration with provided configuration
+ # vyos.vyos.vyos_prefix_lists:
+ # config:
+ # - afi: "ipv4"
+ # prefix_lists:
+ # - name: "AnsibleIPv4PrefixList"
+ # description: Rule 2 overridden by ansible
+ # entries:
+ # - sequence: 2
+ # action: "deny"
+ # ge: 26
+ # prefix: "82.168.2.0/24"
+
+ # - name: "OverriddenPrefixList"
+ # description: Configuration overridden by ansible
+ # entries:
+ # - sequence: 10
+ # action: permit
+ # prefix: "203.0.113.96/27"
+ # le: 32
+ # state: overridden
+
+ # # Task output:
+ # # -------------
+ # "after": [
+ # {
+ # "afi": "ipv4",
+ # "prefix_lists": [
+ # {
+ # "description": "Rule 2 overridden by ansible",
+ # "name": "AnsibleIPv4PrefixList",
+ # "entries": [
+ # {
+ # "action": "deny",
+ # "ge": 26,
+ # "sequence": 2,
+ # "prefix": "82.168.2.0/24"
+ # }
+ # ]
+ # },
+ # {
+ # "description": "Configuration overridden by ansible",
+ # "name": "OverriddenPrefixList",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "sequence": 10,
+ # "le": 32,
+ # "prefix": "203.0.113.96/27"
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ # ],
+ # "before": [
+ # {
+ # "afi": "ipv4",
+ # "prefix_lists": [
+ # {
+ # "description": "PL configured by ansible",
+ # "name": "AnsibleIPv4PrefixList",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Rule 2 given by ansible",
+ # "sequence": 2,
+ # "le": 32,
+ # "prefix": "92.168.10.0/26"
+ # },
+ # {
+ # "action": "deny",
+ # "description": "Rule 3",
+ # "ge": 26,
+ # "sequence": 3,
+ # "prefix": "72.168.2.0/24"
+ # }
+ # ]
+ # }
+ # ]
+ # },
+ # {
+ # "afi": "ipv6",
+ # "prefix_lists": [
+ # {
+ # "description": "Configured by ansible for allowing IPv6 networks",
+ # "name": "AllowIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Permit rule",
+ # "sequence": 5,
+ # "le": 37,
+ # "prefix": "2001:db8:8000::/35"
+ # }
+ # ]
+ # },
+ # {
+ # "description": "Configured by ansible for disallowing IPv6 networks",
+ # "name": "DenyIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "deny",
+ # "sequence": 8,
+ # "le": 37,
+ # "prefix": "2001:db8:2000::/35"
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ # ],
+ # "changed": true,
+ # "commands": [
+ # "delete policy prefix-list6 AllowIPv6Prefix",
+ # "delete policy prefix-list6 DenyIPv6Prefix",
+ # "set policy prefix-list AnsibleIPv4PrefixList description 'Rule 2 overridden by ansible'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'deny'",
+ # "delete policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 2 ge '26'",
+ # "delete policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '82.168.2.0/24'",
+ # "delete policy prefix-list AnsibleIPv4PrefixList rule 3",
+ # "set policy prefix-list OverriddenPrefixList",
+ # "set policy prefix-list OverriddenPrefixList description 'Configuration overridden by ansible'",
+ # "set policy prefix-list OverriddenPrefixList rule 10",
+ # "set policy prefix-list OverriddenPrefixList rule 10 action 'permit'",
+ # "set policy prefix-list OverriddenPrefixList rule 10 le '32'",
+ # "set policy prefix-list OverriddenPrefixList rule 10 prefix '203.0.113.96/27'"
+ # ]
+
+ # # After state:
+ # # -------------
+ # vyos@vyos:~$ show configuration commands | grep prefix-list
+ # set policy prefix-list AnsibleIPv4PrefixList description 'Rule 2 overridden by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'deny'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 ge '26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '82.168.2.0/24'
+ # set policy prefix-list OverriddenPrefixList description 'Configuration overridden by ansible'
+ # set policy prefix-list OverriddenPrefixList rule 10 action 'permit'
+ # set policy prefix-list OverriddenPrefixList rule 10 le '32'
+ # set policy prefix-list OverriddenPrefixList rule 10 prefix '203.0.113.96/27'
+ # vyos@vyos:~$
+
+
+ # # -------------------
+ # # 4(i). Using deleted (to delete all prefix lists from the device)
+ # # -------------------
+
+ # # Before state:
+ # # -------------
+ # vyos@vyos:~$ show configuration commands | grep prefix-list
+ # set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+ # set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+ # set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+ # vyos@vyos:~$
+
+ # # Task:
+ # # -------------
+ # - name: Delete all prefix-lists
+ # vyos.vyos.vyos_prefix_lists:
+ # config:
+ # state: deleted
+
+ # # Task output:
+ # # -------------
+ # "after": [],
+ # "before": [
+ # {
+ # "afi": "ipv4",
+ # "prefix_lists": [
+ # {
+ # "description": "PL configured by ansible",
+ # "name": "AnsibleIPv4PrefixList",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Rule 2 given by ansible",
+ # "sequence": 2,
+ # "le": 32,
+ # "prefix": "92.168.10.0/26"
+ # },
+ # {
+ # "action": "deny",
+ # "description": "Rule 3",
+ # "ge": 26,
+ # "sequence": 3,
+ # "prefix": "72.168.2.0/24"
+ # }
+ # ]
+ # }
+ # ]
+ # },
+ # {
+ # "afi": "ipv6",
+ # "prefix_lists": [
+ # {
+ # "description": "Configured by ansible for allowing IPv6 networks",
+ # "name": "AllowIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Permit rule",
+ # "sequence": 5,
+ # "le": 37,
+ # "prefix": "2001:db8:8000::/35"
+ # }
+ # ]
+ # },
+ # {
+ # "description": "Configured by ansible for disallowing IPv6 networks",
+ # "name": "DenyIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "deny",
+ # "sequence": 8,
+ # "le": 37,
+ # "prefix": "2001:db8:2000::/35"
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ # ],
+ # "changed": true,
+ # "commands": [
+ # "delete policy prefix-list AnsibleIPv4PrefixList",
+ # "delete policy prefix-list6 AllowIPv6Prefix",
+ # "delete policy prefix-list6 DenyIPv6Prefix"
+ # ]
+
+ # # After state:
+ # # -------------
+ # vyos@vyos:~$ show configuration commands | grep prefix-list
+ # vyos@vyos:~$
+
+
+ # # -------------------
+ # # 4(ii). Using deleted (to delete all prefix lists for an AFI)
+ # # -------------------
+
+ # # Before state:
+ # # -------------
+ # vyos@vyos:~$ show configuration commands | grep prefix-list
+ # set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+ # set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+ # set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+ # vyos@vyos:~$
+
+ # # Task:
+ # # -------------
+ # - name: Delete all prefix-lists for IPv6 AFI
+ # vyos.vyos.vyos_prefix_lists:
+ # config:
+ # - afi: "ipv6"
+ # state: deleted
+
+ # # Task output:
+ # # -------------
+ # "after": [
+ # {
+ # "afi": "ipv4",
+ # "prefix_lists": [
+ # {
+ # "description": "PL configured by ansible",
+ # "name": "AnsibleIPv4PrefixList",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Rule 2 given by ansible",
+ # "sequence": 2,
+ # "le": 32,
+ # "prefix": "92.168.10.0/26"
+ # },
+ # {
+ # "action": "deny",
+ # "description": "Rule 3",
+ # "ge": 26,
+ # "sequence": 3,
+ # "prefix": "72.168.2.0/24"
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ # ],
+ # "before": [
+ # {
+ # "afi": "ipv4",
+ # "prefix_lists": [
+ # {
+ # "description": "PL configured by ansible",
+ # "name": "AnsibleIPv4PrefixList",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Rule 2 given by ansible",
+ # "sequence": 2,
+ # "le": 32,
+ # "prefix": "92.168.10.0/26"
+ # },
+ # {
+ # "action": "deny",
+ # "description": "Rule 3",
+ # "ge": 26,
+ # "sequence": 3,
+ # "prefix": "72.168.2.0/24"
+ # }
+ # ]
+ # }
+ # ]
+ # },
+ # {
+ # "afi": "ipv6",
+ # "prefix_lists": [
+ # {
+ # "description": "Configured by ansible for allowing IPv6 networks",
+ # "name": "AllowIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Permit rule",
+ # "sequence": 5,
+ # "le": 37,
+ # "prefix": "2001:db8:8000::/35"
+ # }
+ # ]
+ # },
+ # {
+ # "description": "Configured by ansible for disallowing IPv6 networks",
+ # "name": "DenyIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "deny",
+ # "sequence": 8,
+ # "le": 37,
+ # "prefix": "2001:db8:2000::/35"
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ # ],
+ # "changed": true,
+ # "commands": [
+ # "delete policy prefix-list6 AllowIPv6Prefix",
+ # "delete policy prefix-list6 DenyIPv6Prefix"
+ # ]
+
+ # # After state:
+ # # -------------
+ # vyos@vyos:~$ show configuration commands | grep prefix-list
+ # set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+ # vyos@vyos:~$
+
+
+ # # -------------------
+ # # 4(iii). Using deleted (to delete single prefix list by name in different AFIs)
+ # # -------------------
+
+ # # Before state:
+ # # -------------
+ # vyos@vyos:~$ show configuration commands | grep prefix-list
+ # set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+ # set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+ # set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+ # vyos@vyos:~$
+
+ # # Task:
+ # # -------------
+ # - name: Delete a single prefix-list from different AFIs
+ # vyos.vyos.vyos_prefix_lists:
+ # config:
+ # - afi: "ipv4"
+ # prefix_lists:
+ # - name: "AnsibleIPv4PrefixList"
+ # - afi: "ipv6"
+ # prefix_lists:
+ # - name: "DenyIPv6Prefix"
+ # state: deleted
+
+ # # Task output:
+ # # -------------
+ # "after": [
+ # {
+ # "afi": "ipv6",
+ # "prefix_lists": [
+ # {
+ # "description": "Configured by ansible for allowing IPv6 networks",
+ # "name": "AllowIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Permit rule",
+ # "sequence": 5,
+ # "le": 37,
+ # "prefix": "2001:db8:8000::/35"
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ # ],
+ # "before": [
+ # {
+ # "afi": "ipv4",
+ # "prefix_lists": [
+ # {
+ # "description": "PL configured by ansible",
+ # "name": "AnsibleIPv4PrefixList",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Rule 2 given by ansible",
+ # "sequence": 2,
+ # "le": 32,
+ # "prefix": "92.168.10.0/26"
+ # },
+ # {
+ # "action": "deny",
+ # "description": "Rule 3",
+ # "ge": 26,
+ # "sequence": 3,
+ # "prefix": "72.168.2.0/24"
+ # }
+ # ]
+ # }
+ # ]
+ # },
+ # {
+ # "afi": "ipv6",
+ # "prefix_lists": [
+ # {
+ # "description": "Configured by ansible for allowing IPv6 networks",
+ # "name": "AllowIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Permit rule",
+ # "sequence": 5,
+ # "le": 37,
+ # "prefix": "2001:db8:8000::/35"
+ # }
+ # ]
+ # },
+ # {
+ # "description": "Configured by ansible for disallowing IPv6 networks",
+ # "name": "DenyIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "deny",
+ # "sequence": 8,
+ # "le": 37,
+ # "prefix": "2001:db8:2000::/35"
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ # ],
+ # "changed": true,
+ # "commands": [
+ # "delete policy prefix-list AnsibleIPv4PrefixList",
+ # "delete policy prefix-list6 DenyIPv6Prefix"
+ # ]
+
+ # # After state:
+ # # -------------
+ # vyos@vyos:~$ show configuration commands | grep prefix-list
+ # set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+ # vyos@vyos:~$
+
+
+ # # -------------------
+ # # 5. Using gathered
+ # # -------------------
+
+ # # Task:
+ # # -------------
+ # - name: Gather prefix-lists configurations
+ # vyos.vyos.vyos_prefix_lists:
+ # config:
+ # state: gathered
+
+ # # Task output:
+ # # -------------
+ # "gathered": [
+ # {
+ # "afi": "ipv4",
+ # "prefix_lists": [
+ # {
+ # "description": "PL configured by ansible",
+ # "name": "AnsibleIPv4PrefixList",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Rule 2 given by ansible",
+ # "sequence": 2,
+ # "le": 32,
+ # "prefix": "92.168.10.0/26"
+ # },
+ # {
+ # "action": "deny",
+ # "description": "Rule 3",
+ # "ge": 26,
+ # "sequence": 3,
+ # "prefix": "72.168.2.0/24"
+ # }
+ # ]
+ # }
+ # ]
+ # },
+ # {
+ # "afi": "ipv6",
+ # "prefix_lists": [
+ # {
+ # "description": "Configured by ansible for allowing IPv6 networks",
+ # "name": "AllowIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Permit rule",
+ # "sequence": 5,
+ # "le": 37,
+ # "prefix": "2001:db8:8000::/35"
+ # }
+ # ]
+ # },
+ # {
+ # "description": "Configured by ansible for disallowing IPv6 networks",
+ # "name": "DenyIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "deny",
+ # "sequence": 8,
+ # "le": 37,
+ # "prefix": "2001:db8:2000::/35"
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ # ]
+
+
+ # # -------------------
+ # # 6. Using rendered
+ # # -------------------
+
+ # # Task:
+ # # -------------
+ # - name: Render commands externally for the described prefix-list configurations
+ # vyos.vyos.vyos_prefix_lists:
+ # config:
+ # - afi: "ipv4"
+ # prefix_lists:
+ # - name: "AnsibleIPv4PrefixList"
+ # description: "PL configured by ansible"
+ # entries:
+ # - sequence: 2
+ # description: "Rule 2 given by ansible"
+ # action: "permit"
+ # prefix: "92.168.10.0/26"
+ # le: 32
+
+ # - sequence: 3
+ # description: "Rule 3"
+ # action: "deny"
+ # prefix: "72.168.2.0/24"
+ # ge: 26
+
+ # - afi: "ipv6"
+ # prefix_lists:
+ # - name: "AllowIPv6Prefix"
+ # description: "Configured by ansible for allowing IPv6 networks"
+ # entries:
+ # - sequence: 5
+ # description: "Permit rule"
+ # action: "permit"
+ # prefix: "2001:db8:8000::/35"
+ # le: 37
+
+ # - name: DenyIPv6Prefix
+ # description: "Configured by ansible for disallowing IPv6 networks"
+ # entries:
+ # - sequence: 8
+ # action: deny
+ # prefix: "2001:db8:2000::/35"
+ # le: 37
+ # state: rendered
+
+ # # Task output:
+ # # -------------
+ # "rendered": [
+ # "set policy prefix-list AnsibleIPv4PrefixList",
+ # "set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 2",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 3",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'",
+ # "set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'",
+ # "set policy prefix-list6 AllowIPv6Prefix",
+ # "set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'",
+ # "set policy prefix-list6 AllowIPv6Prefix rule 5",
+ # "set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'",
+ # "set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'",
+ # "set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'",
+ # "set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'",
+ # "set policy prefix-list6 DenyIPv6Prefix",
+ # "set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'",
+ # "set policy prefix-list6 DenyIPv6Prefix rule 8",
+ # "set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'",
+ # "set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'",
+ # "set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'"
+ # ]
+
+
+ # # -------------------
+ # # 7. Using parsed
+ # # -------------------
+
+ # # sample_config.cfg:
+ # # -------------
+ # set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+ # set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+ # set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+ # set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+ # set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+ # set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+
+ # # Task:
+ # # -------------
+ # - name: Parse externally provided prefix-lists configuration
+ # vyos.vyos.vyos_prefix_lists:
+ # running_config: "{{ lookup('file', './sample_config.cfg') }}"
+ # state: parsed
+
+ # # Task output:
+ # # -------------
+ # "parsed": [
+ # {
+ # "afi": "ipv4",
+ # "prefix_lists": [
+ # {
+ # "description": "PL configured by ansible",
+ # "name": "AnsibleIPv4PrefixList",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Rule 2 given by ansible",
+ # "sequence": 2,
+ # "le": 32,
+ # "prefix": "92.168.10.0/26"
+ # },
+ # {
+ # "action": "deny",
+ # "description": "Rule 3",
+ # "ge": 26,
+ # "sequence": 3,
+ # "prefix": "72.168.2.0/24"
+ # }
+ # ]
+ # }
+ # ]
+ # },
+ # {
+ # "afi": "ipv6",
+ # "prefix_lists": [
+ # {
+ # "description": "Configured by ansible for allowing IPv6 networks",
+ # "name": "AllowIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "permit",
+ # "description": "Permit rule",
+ # "sequence": 5,
+ # "le": 37,
+ # "prefix": "2001:db8:8000::/35"
+ # }
+ # ]
+ # },
+ # {
+ # "description": "Configured by ansible for disallowing IPv6 networks",
+ # "name": "DenyIPv6Prefix",
+ # "entries": [
+ # {
+ # "action": "deny",
+ # "sequence": 8,
+ # "le": 37,
+ # "prefix": "2001:db8:2000::/35"
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ # ]
+
+
+
+Return Values
+-------------
+Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module:
+
+.. raw:: html
+
+ <table border=0 cellpadding=0 class="documentation-table">
+ <tr>
+ <th colspan="1">Key</th>
+ <th>Returned</th>
+ <th width="100%">Description</th>
+ </tr>
+ <tr>
+ <td colspan="1">
+ <div class="ansibleOptionAnchor" id="return-"></div>
+ <b>after</b>
+ <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
+ <div style="font-size: small">
+ <span style="color: purple">list</span>
+ </div>
+ </td>
+ <td>when changed</td>
+ <td>
+ <div>The resulting configuration after the module invocation.</div>
+ <br/>
+ <div style="font-size: smaller"><b>Sample:</b></div>
+ <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">This output will always be in the same format as the module argspec.</div>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="1">
+ <div class="ansibleOptionAnchor" id="return-"></div>
+ <b>before</b>
+ <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
+ <div style="font-size: small">
+ <span style="color: purple">list</span>
+ </div>
+ </td>
+ <td>when state is <em>merged</em>, <em>replaced</em>, <em>overridden</em> or <em>deleted</em></td>
+ <td>
+ <div>The configuration prior to the module invocation.</div>
+ <br/>
+ <div style="font-size: smaller"><b>Sample:</b></div>
+ <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">This output will always be in the same format as the module argspec.</div>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="1">
+ <div class="ansibleOptionAnchor" id="return-"></div>
+ <b>commands</b>
+ <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
+ <div style="font-size: small">
+ <span style="color: purple">list</span>
+ </div>
+ </td>
+ <td>when state is <em>merged</em>, <em>replaced</em>, <em>overridden</em> or <em>deleted</em></td>
+ <td>
+ <div>The set of commands pushed to the remote device for the required configurations to take place.</div>
+ <br/>
+ <div style="font-size: smaller"><b>Sample:</b></div>
+ <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[&quot;set policy prefix-list AnsibleIPv4PrefixList description &#x27;PL configured by ansible&#x27;&quot;, &quot;set policy prefix-list AnsibleIPv4PrefixList rule 2 action &#x27;permit&#x27;&quot;, &quot;set policy prefix-list6 AllowIPv6Prefix description &#x27;Configured by ansible for allowing IPv6 networks&#x27;&quot;]</div>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="1">
+ <div class="ansibleOptionAnchor" id="return-"></div>
+ <b>gathered</b>
+ <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
+ <div style="font-size: small">
+ <span style="color: purple">list</span>
+ </div>
+ </td>
+ <td>when state is <em>gathered</em></td>
+ <td>
+ <div>Facts about the network resource gathered from the remote device as structured data.</div>
+ <br/>
+ <div style="font-size: smaller"><b>Sample:</b></div>
+ <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">This output will always be in the same format as the module argspec.</div>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="1">
+ <div class="ansibleOptionAnchor" id="return-"></div>
+ <b>parsed</b>
+ <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
+ <div style="font-size: small">
+ <span style="color: purple">list</span>
+ </div>
+ </td>
+ <td>when state is <em>parsed</em></td>
+ <td>
+ <div>The device native config provided in <em>running_config</em> option parsed into structured data as per module argspec.</div>
+ <br/>
+ <div style="font-size: smaller"><b>Sample:</b></div>
+ <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">This output will always be in the same format as the module argspec.</div>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="1">
+ <div class="ansibleOptionAnchor" id="return-"></div>
+ <b>rendered</b>
+ <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
+ <div style="font-size: small">
+ <span style="color: purple">list</span>
+ </div>
+ </td>
+ <td>when state is <em>rendered</em></td>
+ <td>
+ <div>The provided configuration in the task rendered in device-native format (offline).</div>
+ <br/>
+ <div style="font-size: smaller"><b>Sample:</b></div>
+ <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[&quot;set policy prefix-list AnsibleIPv4PrefixList description &#x27;PL configured by ansible&#x27;&quot;, &quot;set policy prefix-list AnsibleIPv4PrefixList rule 2 action &#x27;permit&#x27;&quot;, &quot;set policy prefix-list6 AllowIPv6Prefix description &#x27;Configured by ansible for allowing IPv6 networks&#x27;&quot;]</div>
+ </td>
+ </tr>
+ </table>
+ <br/><br/>
+
+
+Status
+------
+
+
+Authors
+~~~~~~~
+
+- Priyam Sahoo (@priyamsahoo)
diff --git a/meta/runtime.yml b/meta/runtime.yml
index f8db7cc..912c896 100644
--- a/meta/runtime.yml
+++ b/meta/runtime.yml
@@ -1,5 +1,5 @@
---
-requires_ansible: '>=2.9.10'
+requires_ansible: ">=2.9.10"
plugin_routing:
action:
vyos_banner:
@@ -98,6 +98,10 @@ plugin_routing:
redirect: vyos.vyos.vyos
ping:
redirect: vyos.vyos.vyos
+ vyos_prefix_lists:
+ redirect: vyos.vyos.vyos
+ prefix_lists:
+ redirect: vyos.vyos.vyos
vyos_static_route:
redirect: vyos.vyos.vyos
static_route:
@@ -140,22 +144,22 @@ plugin_routing:
interface:
redirect: vyos.vyos.vyos_interface
deprecation:
- removal_date: '2022-06-01'
+ removal_date: "2022-06-01"
warning_text: See the plugin documentation for more details
vyos_interface:
deprecation:
- removal_date: '2022-06-01'
+ removal_date: "2022-06-01"
warning_text: See the plugin documentation for more details
interfaces:
redirect: vyos.vyos.vyos_interfaces
l3_interface:
redirect: vyos.vyos.vyos_l3_interface
deprecation:
- removal_date: '2022-06-01'
+ removal_date: "2022-06-01"
warning_text: See the plugin documentation for more details
vyos_l3_interface:
deprecation:
- removal_date: '2022-06-01'
+ removal_date: "2022-06-01"
warning_text: See the plugin documentation for more details
l3_interfaces:
redirect: vyos.vyos.vyos_l3_interfaces
@@ -164,31 +168,31 @@ plugin_routing:
linkagg:
redirect: vyos.vyos.vyos_linkagg
deprecation:
- removal_date: '2022-06-01'
+ removal_date: "2022-06-01"
warning_text: See the plugin documentation for more details
vyos_linkagg:
deprecation:
- removal_date: '2022-06-01'
+ removal_date: "2022-06-01"
warning_text: See the plugin documentation for more details
lldp:
redirect: vyos.vyos.vyos_lldp
deprecation:
- removal_date: '2022-06-01'
+ removal_date: "2022-06-01"
warning_text: See the plugin documentation for more details
vyos_lldp:
deprecation:
- removal_date: '2022-06-01'
+ removal_date: "2022-06-01"
warning_text: See the plugin documentation for more details
lldp_global:
redirect: vyos.vyos.vyos_lldp_global
lldp_interface:
redirect: vyos.vyos.vyos_lldp_interface
deprecation:
- removal_date: '2022-06-01'
+ removal_date: "2022-06-01"
warning_text: See the plugin documentation for more details
vyos_lldp_interface:
deprecation:
- removal_date: '2022-06-01'
+ removal_date: "2022-06-01"
warning_text: See the plugin documentation for more details
lldp_interfaces:
redirect: vyos.vyos.vyos_lldp_interfaces
@@ -202,14 +206,16 @@ plugin_routing:
redirect: vyos.vyos.vyos_ospf_interfaces
ping:
redirect: vyos.vyos.vyos_ping
+ prefix_lists:
+ redirect: vyos.vyos.vyos_prefix_lists
static_route:
redirect: vyos.vyos.vyos_static_route
deprecation:
- removal_date: '2022-06-01'
+ removal_date: "2022-06-01"
warning_text: See the plugin documentation for more details
vyos_static_route:
deprecation:
- removal_date: '2022-06-01'
+ removal_date: "2022-06-01"
warning_text: See the plugin documentation for more details
static_routes:
redirect: vyos.vyos.vyos_static_routes
diff --git a/plugins/module_utils/network/vyos/argspec/prefix_lists/__init__.py b/plugins/module_utils/network/vyos/argspec/prefix_lists/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/module_utils/network/vyos/argspec/prefix_lists/__init__.py
diff --git a/plugins/module_utils/network/vyos/argspec/prefix_lists/prefix_lists.py b/plugins/module_utils/network/vyos/argspec/prefix_lists/prefix_lists.py
new file mode 100644
index 0000000..c7d2e98
--- /dev/null
+++ b/plugins/module_utils/network/vyos/argspec/prefix_lists/prefix_lists.py
@@ -0,0 +1,82 @@
+# -*- coding: utf-8 -*-
+# Copyright 2021 Red Hat
+# GNU General Public License v3.0+
+# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+from __future__ import absolute_import, division, print_function
+
+__metaclass__ = type
+
+#############################################
+# WARNING #
+#############################################
+#
+# This file is auto generated by the
+# cli_rm_builder.
+#
+# Manually editing this file is not advised.
+#
+# To update the argspec make the desired changes
+# in the module docstring and re-run
+# cli_rm_builder.
+#
+#############################################
+
+"""
+The arg spec for the vyos_prefix_lists module
+"""
+
+
+class Prefix_listsArgs(object): # pylint: disable=R0903
+ """The arg spec for the vyos_prefix_lists module"""
+
+ argument_spec = {
+ "config": {
+ "type": "list",
+ "elements": "dict",
+ "options": {
+ "afi": {
+ "type": "str",
+ "choices": ["ipv4", "ipv6"],
+ "required": True,
+ },
+ "prefix_lists": {
+ "type": "list",
+ "elements": "dict",
+ "options": {
+ "name": {"type": "str", "required": True},
+ "description": {"type": "str"},
+ "entries": {
+ "type": "list",
+ "elements": "dict",
+ "options": {
+ "sequence": {"type": "int", "required": True},
+ "description": {"type": "str"},
+ "action": {
+ "type": "str",
+ "choices": ["permit", "deny"],
+ },
+ "ge": {"type": "int"},
+ "le": {"type": "int"},
+ "prefix": {"type": "str"},
+ },
+ },
+ },
+ },
+ },
+ },
+ "running_config": {"type": "str"},
+ "state": {
+ "type": "str",
+ "choices": [
+ "merged",
+ "replaced",
+ "overridden",
+ "deleted",
+ "gathered",
+ "rendered",
+ "parsed",
+ ],
+ "default": "merged",
+ },
+ } # pylint: disable=C0301
diff --git a/plugins/module_utils/network/vyos/config/prefix_lists/__init__.py b/plugins/module_utils/network/vyos/config/prefix_lists/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/module_utils/network/vyos/config/prefix_lists/__init__.py
diff --git a/plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py b/plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py
new file mode 100644
index 0000000..b2c119d
--- /dev/null
+++ b/plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py
@@ -0,0 +1,182 @@
+#
+# -*- coding: utf-8 -*-
+# Copyright 2021 Red Hat
+# GNU General Public License v3.0+
+# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+#
+
+from __future__ import absolute_import, division, print_function
+
+__metaclass__ = type
+
+"""
+The vyos_prefix_lists config file.
+It is in this file where the current configuration (as dict)
+is compared to the provided configuration (as dict) and the command set
+necessary to bring the current configuration to its desired end-state is
+created.
+"""
+
+
+from ansible.module_utils.six import iteritems
+from ansible_collections.ansible.netcommon.plugins.module_utils.network.common.utils import (
+ dict_merge,
+)
+from ansible_collections.ansible.netcommon.plugins.module_utils.network.common.rm_base.resource_module import (
+ ResourceModule,
+)
+from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.facts import (
+ Facts,
+)
+from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.rm_templates.prefix_lists import (
+ Prefix_listsTemplate,
+)
+
+
+class Prefix_lists(ResourceModule):
+ """
+ The vyos_prefix_lists config class
+ """
+
+ def __init__(self, module):
+ super(Prefix_lists, self).__init__(
+ empty_fact_val=[],
+ facts_module=Facts(module),
+ module=module,
+ resource="prefix_lists",
+ tmplt=Prefix_listsTemplate(),
+ )
+ self.plist_parsers = [
+ "name",
+ "description",
+ ]
+ self.entries_parsers = [
+ "sequence",
+ "action",
+ "rule_description",
+ "ge",
+ "le",
+ "prefix",
+ ]
+
+ def execute_module(self):
+ """Execute the module
+
+ :rtype: A dictionary
+ :returns: The result from module execution
+ """
+ if self.state not in ["parsed", "gathered"]:
+ self.generate_commands()
+ self.run_commands()
+ return self.result
+
+ def generate_commands(self):
+ """Generate configuration commands to send based on
+ want, have and desired state.
+ """
+ wantd = {entry["afi"]: entry for entry in self.want}
+ haved = {entry["afi"]: entry for entry in self.have}
+
+ self._prefix_list_list_to_dict(wantd)
+ self._prefix_list_list_to_dict(haved)
+
+ # if state is merged, merge want onto have and then compare
+ if self.state == "merged":
+ wantd = dict_merge(haved, wantd)
+
+ # if state is deleted, empty out wantd and set haved to wantd
+ if self.state == "deleted":
+ haved = {
+ k: v for k, v in iteritems(haved) if k in wantd or not wantd
+ }
+ for key, hvalue in iteritems(haved):
+ wvalue = wantd.pop(key, {})
+ if wvalue:
+ wplists = wvalue.get("prefix_lists", {})
+ hplists = hvalue.get("prefix_lists", {})
+ hvalue["prefix_lists"] = {
+ k: v
+ for k, v in iteritems(hplists)
+ if k in wplists or not wplists
+ }
+
+ # remove superfluous config for overridden and deleted
+ if self.state in ["overridden", "deleted"]:
+ for k, have in iteritems(haved):
+ if k not in wantd:
+ self._compare(want={}, have=have)
+
+ for k, want in iteritems(wantd):
+ self._compare(want=want, have=haved.pop(k, {}))
+
+ def _compare(self, want, have):
+ """Leverages the base class `compare()` method and
+ populates the list of commands to be run by comparing
+ the `want` and `have` data with the `parsers` defined
+ for the Prefix_lists network resource.
+ """
+ wplists = want.get("prefix_lists", {})
+ hplists = have.get("prefix_lists", {})
+
+ self._compare_plists(want=wplists, have=hplists)
+
+ if self.state in ["overridden", "deleted"]:
+ # remove remaining prefix lists
+ for h in hplists.values():
+ self.commands.append(
+ "delete policy prefix-{0} {1}".format(
+ "list" if h["afi"] == "ipv4" else "list6", h["name"]
+ )
+ )
+
+ def _compare_plists(self, want, have):
+ for wk, wentry in iteritems(want):
+ hentry = have.pop(wk, {})
+
+ # parser list for name and descriptions
+ self.compare(
+ parsers=self.plist_parsers,
+ want=wentry,
+ have=hentry,
+ )
+
+ wplrules = wentry.get("entries", {})
+ hplrules = hentry.get("entries", {})
+
+ self._compare_rules(want=wplrules, have=hplrules)
+
+ def _compare_rules(self, want, have):
+ for wr, wrule in iteritems(want):
+ hrule = have.pop(wr, {})
+
+ # parser list for entries
+ self.compare(
+ parsers=self.entries_parsers,
+ want=wrule,
+ have=hrule,
+ )
+
+ # remove remaining entries
+ for hr in have.values():
+ self.commands.append(
+ "delete policy prefix-{0} {1} rule {2}".format(
+ "list" if hr["afi"] == "ipv4" else "list6",
+ hr["name"],
+ hr["sequence"],
+ )
+ )
+
+ def _prefix_list_list_to_dict(self, entry):
+ for afi, value in iteritems(entry):
+ if "prefix_lists" in value:
+ for pl in value["prefix_lists"]:
+ pl.update({"afi": afi})
+ if "entries" in pl:
+ for entry in pl["entries"]:
+ entry.update({"afi": afi, "name": pl["name"]})
+ pl["entries"] = {
+ x["sequence"]: x for x in pl["entries"]
+ }
+ value["prefix_lists"] = {
+ entry["name"]: entry for entry in value["prefix_lists"]
+ }
diff --git a/plugins/module_utils/network/vyos/facts/facts.py b/plugins/module_utils/network/vyos/facts/facts.py
index 81518f8..90ee03c 100644
--- a/plugins/module_utils/network/vyos/facts/facts.py
+++ b/plugins/module_utils/network/vyos/facts/facts.py
@@ -58,6 +58,9 @@ from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.bgp_a
from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.route_maps.route_maps import (
Route_mapsFacts,
)
+from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.prefix_lists.prefix_lists import (
+ Prefix_listsFacts,
+)
from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.legacy.base import (
Default,
Neighbors,
@@ -82,6 +85,7 @@ FACT_RESOURCE_SUBSETS = dict(
bgp_global=Bgp_globalFacts,
bgp_address_family=Bgp_address_familyFacts,
route_maps=Route_mapsFacts,
+ prefix_lists=Prefix_listsFacts,
)
diff --git a/plugins/module_utils/network/vyos/facts/prefix_lists/__init__.py b/plugins/module_utils/network/vyos/facts/prefix_lists/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/module_utils/network/vyos/facts/prefix_lists/__init__.py
diff --git a/plugins/module_utils/network/vyos/facts/prefix_lists/prefix_lists.py b/plugins/module_utils/network/vyos/facts/prefix_lists/prefix_lists.py
new file mode 100644
index 0000000..15a2db9
--- /dev/null
+++ b/plugins/module_utils/network/vyos/facts/prefix_lists/prefix_lists.py
@@ -0,0 +1,93 @@
+# -*- coding: utf-8 -*-
+# Copyright 2021 Red Hat
+# GNU General Public License v3.0+
+# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+from __future__ import absolute_import, division, print_function
+
+__metaclass__ = type
+
+"""
+The vyos prefix_lists fact class
+It is in this file the configuration is collected from the device
+for a given resource, parsed, and the facts tree is populated
+based on the configuration.
+"""
+
+
+from ansible_collections.ansible.netcommon.plugins.module_utils.network.common import (
+ utils,
+)
+from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.rm_templates.prefix_lists import (
+ Prefix_listsTemplate,
+)
+from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.argspec.prefix_lists.prefix_lists import (
+ Prefix_listsArgs,
+)
+
+
+class Prefix_listsFacts(object):
+ """The vyos prefix_lists facts class"""
+
+ def __init__(self, module, subspec="config", options="options"):
+ self._module = module
+ self.argument_spec = Prefix_listsArgs.argument_spec
+
+ def get_config(self, connection):
+ return connection.get("show configuration commands | grep prefix-list")
+
+ def populate_facts(self, connection, ansible_facts, data=None):
+ """Populate the facts for Prefix_lists network resource
+
+ :param connection: the device connection
+ :param ansible_facts: Facts dictionary
+ :param data: previously collected conf
+
+ :rtype: dictionary
+ :returns: facts
+ """
+ facts = {}
+ objs = []
+
+ if not data:
+ data = self.get_config(connection)
+
+ # parse native config using the Prefix_lists template
+ prefix_lists_parser = Prefix_listsTemplate(
+ lines=data.splitlines(), module=self._module
+ )
+
+ objs = prefix_lists_parser.parse()
+ objs = sorted(
+ list(objs.values()),
+ key=lambda k: k["afi"],
+ )
+
+ if objs:
+ for item in objs:
+ item["prefix_lists"] = sorted(
+ list(item["prefix_lists"].values()),
+ key=lambda k: k["name"],
+ )
+ for pl in item["prefix_lists"]:
+ if "entries" in pl:
+ pl["entries"] = sorted(
+ list(pl["entries"].values()),
+ key=lambda k: k["sequence"],
+ )
+
+ ansible_facts["ansible_network_resources"].pop("prefix_lists", None)
+
+ params = utils.remove_empties(
+ prefix_lists_parser.validate_config(
+ self.argument_spec, {"config": objs}, redact=True
+ )
+ )
+
+ if params.get("config"):
+ facts["prefix_lists"] = params["config"]
+ else:
+ facts["prefix_lists"] = []
+ ansible_facts["ansible_network_resources"].update(facts)
+
+ return ansible_facts
diff --git a/plugins/module_utils/network/vyos/rm_templates/prefix_lists.py b/plugins/module_utils/network/vyos/rm_templates/prefix_lists.py
new file mode 100644
index 0000000..9a66a8d
--- /dev/null
+++ b/plugins/module_utils/network/vyos/rm_templates/prefix_lists.py
@@ -0,0 +1,265 @@
+# -*- coding: utf-8 -*-
+# Copyright 2021 Red Hat
+# GNU General Public License v3.0+
+# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+from __future__ import absolute_import, division, print_function
+
+__metaclass__ = type
+
+"""
+The Prefix_lists parser templates file. This contains
+a list of parser definitions and associated functions that
+facilitates both facts gathering and native command generation for
+the given network resource.
+"""
+
+import re
+from ansible_collections.ansible.netcommon.plugins.module_utils.network.common.rm_base.network_template import (
+ NetworkTemplate,
+)
+
+
+class Prefix_listsTemplate(NetworkTemplate):
+ def __init__(self, lines=None, module=None):
+ prefix = {"set": "set", "remove": "delete"}
+ super(Prefix_listsTemplate, self).__init__(
+ lines=lines, tmplt=self, module=module, prefix=prefix
+ )
+
+ # fmt: off
+ PARSERS = [
+ # policy prefix-list <list-name>
+ {
+ "name": "name",
+ "getval": re.compile(
+ r"""
+ ^set
+ \spolicy
+ \sprefix-(?P<afi>\S+)
+ \s(?P<name>\S+)
+ $""", re.VERBOSE),
+ "setval": "policy prefix-{{ 'list' if afi == 'ipv4' else 'list6' }} {{ name }}",
+ "result": {
+ "{{ 'ipv4' if afi == 'list' else 'ipv6' }}": {
+ "afi": "{{ 'ipv4' if afi == 'list' else 'ipv6' }}",
+ "prefix_lists": {
+ "{{ name }}": {
+ "name": "{{ name }}",
+ }
+ }
+ }
+ },
+ },
+
+ # policy prefix-list <list-name> description <desc>
+ {
+ "name": "description",
+ "getval": re.compile(
+ r"""
+ ^set
+ \spolicy
+ \sprefix-(?P<afi>\S+)
+ \s(?P<name>\S+)
+ \sdescription\s'(?P<description>.+)'
+ $""", re.VERBOSE),
+ "setval": "policy prefix-{{ 'list' if afi == 'ipv4' else 'list6' }} {{ name }} description '{{ description }}'",
+ "result": {
+ "{{ 'ipv4' if afi == 'list' else 'ipv6' }}": {
+ "afi": "{{ 'ipv4' if afi == 'list' else 'ipv6' }}",
+ "prefix_lists": {
+ "{{ name }}": {
+ "name": "{{ name }}",
+ "description": "{{ description }}"
+ }
+ }
+ }
+ },
+ },
+
+ # policy prefix-list <list-name> rule <rule-num>
+ {
+ "name": "sequence",
+ "getval": re.compile(
+ r"""
+ ^set
+ \spolicy
+ \sprefix-(?P<afi>\S+)
+ \s(?P<name>\S+)
+ \srule\s(?P<sequence>\d+)
+ $""", re.VERBOSE),
+ "setval": "policy prefix-{{ 'list' if afi == 'ipv4' else 'list6' }} {{ name }} rule {{ sequence }}",
+ "result": {
+ "{{ 'ipv4' if afi == 'list' else 'ipv6' }}": {
+ "afi": "{{ 'ipv4' if afi == 'list' else 'ipv6' }}",
+ "prefix_lists": {
+ "{{ name }}": {
+ "name": "{{ name }}",
+ "entries": {
+ "{{ sequence }}": {
+ "sequence": "{{ sequence }}"
+ }
+ }
+ }
+ }
+ }
+ },
+ },
+
+ # policy prefix-list <list-name> rule <rule-num> action
+ {
+ "name": "action",
+ "getval": re.compile(
+ r"""
+ ^set
+ \spolicy
+ \sprefix-(?P<afi>\S+)
+ \s(?P<name>\S+)
+ \srule\s(?P<sequence>\d+)
+ \saction\s'(?P<action>permit|deny)'
+ $""", re.VERBOSE),
+ "setval": "policy prefix-{{ 'list' if afi == 'ipv4' else 'list6' }} {{ name }} rule {{ sequence }} action '{{ action }}'",
+ "result": {
+ "{{ 'ipv4' if afi == 'list' else 'ipv6' }}": {
+ "afi": "{{ 'ipv4' if afi == 'list' else 'ipv6' }}",
+ "prefix_lists": {
+ "{{ name }}": {
+ "name": "{{ name }}",
+ "entries": {
+ "{{ sequence }}": {
+ "sequence": "{{ sequence }}",
+ "action": "{{ action }}"
+ }
+ }
+ }
+ }
+ }
+ },
+ },
+
+ # policy prefix-list <list-name> rule <rule-num> description <desc>
+ {
+ "name": "rule_description",
+ "getval": re.compile(
+ r"""
+ ^set
+ \spolicy
+ \sprefix-(?P<afi>\S+)
+ \s(?P<name>\S+)
+ \srule\s(?P<sequence>\d+)
+ \sdescription\s'(?P<rule_description>.+)'
+ $""", re.VERBOSE),
+ "compval": "description",
+ "setval": "policy prefix-{{ 'list' if afi == 'ipv4' else 'list6' }} {{ name }} rule {{ sequence }} description '{{ description }}'",
+ "result": {
+ "{{ 'ipv4' if afi == 'list' else 'ipv6' }}": {
+ "afi": "{{ 'ipv4' if afi == 'list' else 'ipv6' }}",
+ "prefix_lists": {
+ "{{ name }}": {
+ "name": "{{ name }}",
+ "entries": {
+ "{{ sequence }}": {
+ "sequence": "{{ sequence }}",
+ "description": "{{ rule_description }}"
+ }
+ }
+ }
+ }
+ }
+ },
+ },
+
+ # policy prefix-list <list-name> rule <rule-num> ge <value>
+ {
+ "name": "ge",
+ "getval": re.compile(
+ r"""
+ ^set
+ \spolicy
+ \sprefix-(?P<afi>\S+)
+ \s(?P<name>\S+)
+ \srule\s(?P<sequence>\d+)
+ \sge\s'(?P<ge>\d+)'
+ $""", re.VERBOSE),
+ "setval": "policy prefix-{{ 'list' if afi == 'ipv4' else 'list6' }} {{ name }} rule {{ sequence }} ge '{{ ge }}'",
+ "result": {
+ "{{ 'ipv4' if afi == 'list' else 'ipv6' }}": {
+ "afi": "{{ 'ipv4' if afi == 'list' else 'ipv6' }}",
+ "prefix_lists": {
+ "{{ name }}": {
+ "name": "{{ name }}",
+ "entries": {
+ "{{ sequence }}": {
+ "sequence": "{{ sequence }}",
+ "ge": "{{ ge }}"
+ }
+ }
+ }
+ }
+ }
+ },
+ },
+
+ # policy prefix-list <list-name> rule <rule-num> le <value>
+ {
+ "name": "le",
+ "getval": re.compile(
+ r"""
+ ^set
+ \spolicy
+ \sprefix-(?P<afi>\S+)
+ \s(?P<name>\S+)
+ \srule\s(?P<sequence>\d+)
+ \sle\s'(?P<le>\d+)'
+ $""", re.VERBOSE),
+ "setval": "policy prefix-{{ 'list' if afi == 'ipv4' else 'list6' }} {{ name }} rule {{ sequence }} le '{{ le }}'",
+ "result": {
+ "{{ 'ipv4' if afi == 'list' else 'ipv6' }}": {
+ "afi": "{{ 'ipv4' if afi == 'list' else 'ipv6' }}",
+ "prefix_lists": {
+ "{{ name }}": {
+ "name": "{{ name }}",
+ "entries": {
+ "{{ sequence }}": {
+ "sequence": "{{ sequence }}",
+ "le": "{{ le }}"
+ }
+ }
+ }
+ }
+ }
+ },
+ },
+
+ # policy prefix-list <list-name> rule <rule-num> prefix <ip>
+ {
+ "name": "prefix",
+ "getval": re.compile(
+ r"""
+ ^set
+ \spolicy
+ \sprefix-(?P<afi>\S+)
+ \s(?P<name>\S+)
+ \srule\s(?P<sequence>\d+)
+ \sprefix\s'(?P<prefix>\S+)'
+ $""", re.VERBOSE),
+ "setval": "policy prefix-{{ 'list' if afi == 'ipv4' else 'list6' }} {{ name }} rule {{ sequence }} prefix '{{ prefix }}'",
+ "result": {
+ "{{ 'ipv4' if afi == 'list' else 'ipv6' }}": {
+ "afi": "{{ 'ipv4' if afi == 'list' else 'ipv6' }}",
+ "prefix_lists": {
+ "{{ name }}": {
+ "name": "{{ name }}",
+ "entries": {
+ "{{ sequence }}": {
+ "sequence": "{{ sequence }}",
+ "prefix": "{{ prefix }}"
+ }
+ }
+ }
+ }
+ }
+ },
+ },
+ ]
+ # fmt: on
diff --git a/plugins/modules/vyos_prefix_lists.py b/plugins/modules/vyos_prefix_lists.py
new file mode 100644
index 0000000..8b67caf
--- /dev/null
+++ b/plugins/modules/vyos_prefix_lists.py
@@ -0,0 +1,1329 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+# Copyright 2021 Red Hat
+# GNU General Public License v3.0+
+# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+"""
+The module file for vyos_prefix_lists
+"""
+
+from __future__ import absolute_import, division, print_function
+
+__metaclass__ = type
+
+DOCUMENTATION = """
+module: vyos_prefix_lists
+short_description: Prefix-Lists resource module for VyOS
+description:
+ - This module manages prefix-lists configuration on devices running VyOS
+version_added: 2.4.0
+author: Priyam Sahoo (@priyamsahoo)
+notes:
+ - Tested against VyOS 1.1.8 (helium)
+ - This module works with connection C(network_cli)
+options:
+ config:
+ description: A list of prefix-list options
+ type: list
+ elements: dict
+ suboptions:
+ afi:
+ description: The Address Family Indicator (AFI) for the prefix-lists
+ type: str
+ choices: ["ipv4", "ipv6"]
+ required: true
+ prefix_lists:
+ description: A list of prefix-list configurations
+ type: list
+ elements: dict
+ suboptions:
+ name:
+ description: The name of a defined prefix-list
+ type: str
+ required: true
+ description:
+ description: A brief text description for the prefix-list
+ type: str
+ entries:
+ description: Rule configurations for the prefix-list
+ type: list
+ elements: dict
+ suboptions:
+ sequence:
+ description: A numeric identifier for the rule
+ type: int
+ required: true
+ description:
+ description: A brief text description for the prefix list rule
+ type: str
+ action:
+ description: The action to be taken for packets matching a prefix list rule
+ type: str
+ choices: ["permit", "deny"]
+ ge:
+ description: Minimum prefix length to be matched
+ type: int
+ le:
+ description: Maximum prefix list length to be matched
+ type: int
+ prefix:
+ description: IPv4 or IPv6 prefix in A.B.C.D/LEN or A:B::C:D/LEN format
+ type: str
+ running_config:
+ description:
+ - This option is used only with state I(parsed).
+ - The value of this option should be the output received from the VyOS device
+ by executing the command B(show configuration commands | grep prefix-list).
+ - The state I(parsed) reads the configuration from C(running_config) option and
+ transforms it into Ansible structured data as per the resource module's argspec
+ and the value is then returned in the I(parsed) key within the result.
+ type: str
+ state:
+ description:
+ - The state the configuration should be left in
+ type: str
+ choices:
+ - merged
+ - replaced
+ - overridden
+ - deleted
+ - gathered
+ - rendered
+ - parsed
+ default: merged
+"""
+
+EXAMPLES = """
+# # -------------------
+# # 1. Using merged
+# # -------------------
+
+# # Before state:
+# # -------------
+# vyos@vyos:~$ show configuration commands | grep prefix-list
+# vyos@vyos:~$
+
+# # Task
+# # -------------
+# - name: Merge the provided configuration with the existing running configuration
+# vyos.vyos.vyos_prefix_lists:
+# config:
+# - afi: "ipv4"
+# prefix_lists:
+# - name: "AnsibleIPv4PrefixList"
+# description: "PL configured by ansible"
+# entries:
+# - sequence: 2
+# description: "Rule 2 given by ansible"
+# action: "permit"
+# prefix: "92.168.10.0/26"
+# le: 32
+
+# - sequence: 3
+# description: "Rule 3"
+# action: "deny"
+# prefix: "72.168.2.0/24"
+# ge: 26
+
+# - afi: "ipv6"
+# prefix_lists:
+# - name: "AllowIPv6Prefix"
+# description: "Configured by ansible for allowing IPv6 networks"
+# entries:
+# - sequence: 5
+# description: "Permit rule"
+# action: "permit"
+# prefix: "2001:db8:8000::/35"
+# le: 37
+
+# - name: DenyIPv6Prefix
+# description: "Configured by ansible for disallowing IPv6 networks"
+# entries:
+# - sequence: 8
+# action: deny
+# prefix: "2001:db8:2000::/35"
+# le: 37
+# state: merged
+
+# # Task output:
+# # -------------
+# "after": [
+# {
+# "afi": "ipv4",
+# "prefix_lists": [
+# {
+# "description": "PL configured by ansible",
+# "name": "AnsibleIPv4PrefixList",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Rule 2 given by ansible",
+# "sequence": 2,
+# "le": 32,
+# "prefix": "92.168.10.0/26"
+# },
+# {
+# "action": "deny",
+# "description": "Rule 3",
+# "ge": 26,
+# "sequence": 3,
+# "prefix": "72.168.2.0/24"
+# }
+# ]
+# }
+# ]
+# },
+# {
+# "afi": "ipv6",
+# "prefix_lists": [
+# {
+# "description": "Configured by ansible for allowing IPv6 networks",
+# "name": "AllowIPv6Prefix",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Permit rule",
+# "sequence": 5,
+# "le": 37,
+# "prefix": "2001:db8:8000::/35"
+# }
+# ]
+# },
+# {
+# "description": "Configured by ansible for disallowing IPv6 networks",
+# "name": "DenyIPv6Prefix",
+# "entries": [
+# {
+# "action": "deny",
+# "sequence": 8,
+# "le": 37,
+# "prefix": "2001:db8:2000::/35"
+# }
+# ]
+# }
+# ]
+# }
+# ],
+# "before": [],
+# "changed": true,
+# "commands": [
+# "set policy prefix-list AnsibleIPv4PrefixList",
+# "set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 2",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 3",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'",
+# "set policy prefix-list6 AllowIPv6Prefix",
+# "set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'",
+# "set policy prefix-list6 AllowIPv6Prefix rule 5",
+# "set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'",
+# "set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'",
+# "set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'",
+# "set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'",
+# "set policy prefix-list6 DenyIPv6Prefix",
+# "set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'",
+# "set policy prefix-list6 DenyIPv6Prefix rule 8",
+# "set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'",
+# "set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'",
+# "set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'"
+# ]
+
+# After state:
+# # -------------
+# vyos@vyos:~$ show configuration commands | grep prefix-list
+# set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+# set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+# set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+# vyos@vyos:~$
+
+
+# # -------------------
+# # 2. Using replaced
+# # -------------------
+
+# # Before state:
+# # -------------
+# vyos@vyos:~$ show configuration commands | grep prefix-list
+# set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+# set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+# set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+# vyos@vyos:~$
+
+# # Task:
+# # -------------
+# - name: Replace prefix-lists configurations of listed prefix-lists with provided configurations
+# vyos.vyos.vyos_prefix_lists:
+# config:
+# - afi: "ipv4"
+# prefix_lists:
+# - name: "AnsibleIPv4PrefixList"
+# description: "Configuration replaced by ansible"
+# entries:
+# - sequence: 3
+# description: "Rule 3 replaced by ansible"
+# action: "permit"
+# prefix: "82.168.2.0/24"
+# ge: 26
+# state: replaced
+
+# # Task output:
+# # -------------
+# "after": [
+# {
+# "afi": "ipv4",
+# "prefix_lists": [
+# {
+# "description": "Configuration replaced by ansible",
+# "name": "AnsibleIPv4PrefixList",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Rule 3 replaced by ansible",
+# "ge": 26,
+# "sequence": 3,
+# "prefix": "82.168.2.0/24"
+# }
+# ]
+# }
+# ]
+# },
+# {
+# "afi": "ipv6",
+# "prefix_lists": [
+# {
+# "description": "Configured by ansible for allowing IPv6 networks",
+# "name": "AllowIPv6Prefix",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Permit rule",
+# "sequence": 5,
+# "le": 37,
+# "prefix": "2001:db8:8000::/35"
+# }
+# ]
+# },
+# {
+# "description": "Configured by ansible for disallowing IPv6 networks",
+# "name": "DenyIPv6Prefix",
+# "entries": [
+# {
+# "action": "deny",
+# "sequence": 8,
+# "le": 37,
+# "prefix": "2001:db8:2000::/35"
+# }
+# ]
+# }
+# ]
+# }
+# ],
+# "before": [
+# {
+# "afi": "ipv4",
+# "prefix_lists": [
+# {
+# "description": "PL configured by ansible",
+# "name": "AnsibleIPv4PrefixList",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Rule 2 given by ansible",
+# "sequence": 2,
+# "le": 32,
+# "prefix": "92.168.10.0/26"
+# },
+# {
+# "action": "deny",
+# "description": "Rule 3",
+# "ge": 26,
+# "sequence": 3,
+# "prefix": "72.168.2.0/24"
+# }
+# ]
+# }
+# ]
+# },
+# {
+# "afi": "ipv6",
+# "prefix_lists": [
+# {
+# "description": "Configured by ansible for allowing IPv6 networks",
+# "name": "AllowIPv6Prefix",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Permit rule",
+# "sequence": 5,
+# "le": 37,
+# "prefix": "2001:db8:8000::/35"
+# }
+# ]
+# },
+# {
+# "description": "Configured by ansible for disallowing IPv6 networks",
+# "name": "DenyIPv6Prefix",
+# "entries": [
+# {
+# "action": "deny",
+# "sequence": 8,
+# "le": 37,
+# "prefix": "2001:db8:2000::/35"
+# }
+# ]
+# }
+# ]
+# }
+# ],
+# "changed": true,
+# "commands": [
+# "set policy prefix-list AnsibleIPv4PrefixList description 'Configuration replaced by ansible'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'permit'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3 replaced by ansible'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '82.168.2.0/24'",
+# "delete policy prefix-list AnsibleIPv4PrefixList rule 2"
+# ]
+
+# # After state:
+# # -------------
+# vyos@vyos:~$ show configuration commands | grep prefix-list
+# set policy prefix-list AnsibleIPv4PrefixList description 'Configuration replaced by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'permit'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3 replaced by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '82.168.2.0/24'
+# set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+# set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+# vyos@vyos:~$
+
+
+# # -------------------
+# # 3. Using overridden
+# # -------------------
+
+# # Before state:
+# # -------------
+# vyos@vyos:~$ show configuration commands | grep prefix-list
+# set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+# set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+# set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+# vyos@vyos:~$
+
+# # Task:
+# # -------------
+# - name: Override all prefix-lists configuration with provided configuration
+# vyos.vyos.vyos_prefix_lists:
+# config:
+# - afi: "ipv4"
+# prefix_lists:
+# - name: "AnsibleIPv4PrefixList"
+# description: Rule 2 overridden by ansible
+# entries:
+# - sequence: 2
+# action: "deny"
+# ge: 26
+# prefix: "82.168.2.0/24"
+
+# - name: "OverriddenPrefixList"
+# description: Configuration overridden by ansible
+# entries:
+# - sequence: 10
+# action: permit
+# prefix: "203.0.113.96/27"
+# le: 32
+# state: overridden
+
+# # Task output:
+# # -------------
+# "after": [
+# {
+# "afi": "ipv4",
+# "prefix_lists": [
+# {
+# "description": "Rule 2 overridden by ansible",
+# "name": "AnsibleIPv4PrefixList",
+# "entries": [
+# {
+# "action": "deny",
+# "ge": 26,
+# "sequence": 2,
+# "prefix": "82.168.2.0/24"
+# }
+# ]
+# },
+# {
+# "description": "Configuration overridden by ansible",
+# "name": "OverriddenPrefixList",
+# "entries": [
+# {
+# "action": "permit",
+# "sequence": 10,
+# "le": 32,
+# "prefix": "203.0.113.96/27"
+# }
+# ]
+# }
+# ]
+# }
+# ],
+# "before": [
+# {
+# "afi": "ipv4",
+# "prefix_lists": [
+# {
+# "description": "PL configured by ansible",
+# "name": "AnsibleIPv4PrefixList",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Rule 2 given by ansible",
+# "sequence": 2,
+# "le": 32,
+# "prefix": "92.168.10.0/26"
+# },
+# {
+# "action": "deny",
+# "description": "Rule 3",
+# "ge": 26,
+# "sequence": 3,
+# "prefix": "72.168.2.0/24"
+# }
+# ]
+# }
+# ]
+# },
+# {
+# "afi": "ipv6",
+# "prefix_lists": [
+# {
+# "description": "Configured by ansible for allowing IPv6 networks",
+# "name": "AllowIPv6Prefix",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Permit rule",
+# "sequence": 5,
+# "le": 37,
+# "prefix": "2001:db8:8000::/35"
+# }
+# ]
+# },
+# {
+# "description": "Configured by ansible for disallowing IPv6 networks",
+# "name": "DenyIPv6Prefix",
+# "entries": [
+# {
+# "action": "deny",
+# "sequence": 8,
+# "le": 37,
+# "prefix": "2001:db8:2000::/35"
+# }
+# ]
+# }
+# ]
+# }
+# ],
+# "changed": true,
+# "commands": [
+# "delete policy prefix-list6 AllowIPv6Prefix",
+# "delete policy prefix-list6 DenyIPv6Prefix",
+# "set policy prefix-list AnsibleIPv4PrefixList description 'Rule 2 overridden by ansible'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'deny'",
+# "delete policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 2 ge '26'",
+# "delete policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '82.168.2.0/24'",
+# "delete policy prefix-list AnsibleIPv4PrefixList rule 3",
+# "set policy prefix-list OverriddenPrefixList",
+# "set policy prefix-list OverriddenPrefixList description 'Configuration overridden by ansible'",
+# "set policy prefix-list OverriddenPrefixList rule 10",
+# "set policy prefix-list OverriddenPrefixList rule 10 action 'permit'",
+# "set policy prefix-list OverriddenPrefixList rule 10 le '32'",
+# "set policy prefix-list OverriddenPrefixList rule 10 prefix '203.0.113.96/27'"
+# ]
+
+# # After state:
+# # -------------
+# vyos@vyos:~$ show configuration commands | grep prefix-list
+# set policy prefix-list AnsibleIPv4PrefixList description 'Rule 2 overridden by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'deny'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 ge '26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '82.168.2.0/24'
+# set policy prefix-list OverriddenPrefixList description 'Configuration overridden by ansible'
+# set policy prefix-list OverriddenPrefixList rule 10 action 'permit'
+# set policy prefix-list OverriddenPrefixList rule 10 le '32'
+# set policy prefix-list OverriddenPrefixList rule 10 prefix '203.0.113.96/27'
+# vyos@vyos:~$
+
+
+# # -------------------
+# # 4(i). Using deleted (to delete all prefix lists from the device)
+# # -------------------
+
+# # Before state:
+# # -------------
+# vyos@vyos:~$ show configuration commands | grep prefix-list
+# set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+# set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+# set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+# vyos@vyos:~$
+
+# # Task:
+# # -------------
+# - name: Delete all prefix-lists
+# vyos.vyos.vyos_prefix_lists:
+# config:
+# state: deleted
+
+# # Task output:
+# # -------------
+# "after": [],
+# "before": [
+# {
+# "afi": "ipv4",
+# "prefix_lists": [
+# {
+# "description": "PL configured by ansible",
+# "name": "AnsibleIPv4PrefixList",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Rule 2 given by ansible",
+# "sequence": 2,
+# "le": 32,
+# "prefix": "92.168.10.0/26"
+# },
+# {
+# "action": "deny",
+# "description": "Rule 3",
+# "ge": 26,
+# "sequence": 3,
+# "prefix": "72.168.2.0/24"
+# }
+# ]
+# }
+# ]
+# },
+# {
+# "afi": "ipv6",
+# "prefix_lists": [
+# {
+# "description": "Configured by ansible for allowing IPv6 networks",
+# "name": "AllowIPv6Prefix",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Permit rule",
+# "sequence": 5,
+# "le": 37,
+# "prefix": "2001:db8:8000::/35"
+# }
+# ]
+# },
+# {
+# "description": "Configured by ansible for disallowing IPv6 networks",
+# "name": "DenyIPv6Prefix",
+# "entries": [
+# {
+# "action": "deny",
+# "sequence": 8,
+# "le": 37,
+# "prefix": "2001:db8:2000::/35"
+# }
+# ]
+# }
+# ]
+# }
+# ],
+# "changed": true,
+# "commands": [
+# "delete policy prefix-list AnsibleIPv4PrefixList",
+# "delete policy prefix-list6 AllowIPv6Prefix",
+# "delete policy prefix-list6 DenyIPv6Prefix"
+# ]
+
+# # After state:
+# # -------------
+# vyos@vyos:~$ show configuration commands | grep prefix-list
+# vyos@vyos:~$
+
+
+# # -------------------
+# # 4(ii). Using deleted (to delete all prefix lists for an AFI)
+# # -------------------
+
+# # Before state:
+# # -------------
+# vyos@vyos:~$ show configuration commands | grep prefix-list
+# set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+# set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+# set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+# vyos@vyos:~$
+
+# # Task:
+# # -------------
+# - name: Delete all prefix-lists for IPv6 AFI
+# vyos.vyos.vyos_prefix_lists:
+# config:
+# - afi: "ipv6"
+# state: deleted
+
+# # Task output:
+# # -------------
+# "after": [
+# {
+# "afi": "ipv4",
+# "prefix_lists": [
+# {
+# "description": "PL configured by ansible",
+# "name": "AnsibleIPv4PrefixList",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Rule 2 given by ansible",
+# "sequence": 2,
+# "le": 32,
+# "prefix": "92.168.10.0/26"
+# },
+# {
+# "action": "deny",
+# "description": "Rule 3",
+# "ge": 26,
+# "sequence": 3,
+# "prefix": "72.168.2.0/24"
+# }
+# ]
+# }
+# ]
+# }
+# ],
+# "before": [
+# {
+# "afi": "ipv4",
+# "prefix_lists": [
+# {
+# "description": "PL configured by ansible",
+# "name": "AnsibleIPv4PrefixList",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Rule 2 given by ansible",
+# "sequence": 2,
+# "le": 32,
+# "prefix": "92.168.10.0/26"
+# },
+# {
+# "action": "deny",
+# "description": "Rule 3",
+# "ge": 26,
+# "sequence": 3,
+# "prefix": "72.168.2.0/24"
+# }
+# ]
+# }
+# ]
+# },
+# {
+# "afi": "ipv6",
+# "prefix_lists": [
+# {
+# "description": "Configured by ansible for allowing IPv6 networks",
+# "name": "AllowIPv6Prefix",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Permit rule",
+# "sequence": 5,
+# "le": 37,
+# "prefix": "2001:db8:8000::/35"
+# }
+# ]
+# },
+# {
+# "description": "Configured by ansible for disallowing IPv6 networks",
+# "name": "DenyIPv6Prefix",
+# "entries": [
+# {
+# "action": "deny",
+# "sequence": 8,
+# "le": 37,
+# "prefix": "2001:db8:2000::/35"
+# }
+# ]
+# }
+# ]
+# }
+# ],
+# "changed": true,
+# "commands": [
+# "delete policy prefix-list6 AllowIPv6Prefix",
+# "delete policy prefix-list6 DenyIPv6Prefix"
+# ]
+
+# # After state:
+# # -------------
+# vyos@vyos:~$ show configuration commands | grep prefix-list
+# set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+# vyos@vyos:~$
+
+
+# # -------------------
+# # 4(iii). Using deleted (to delete single prefix list by name in different AFIs)
+# # -------------------
+
+# # Before state:
+# # -------------
+# vyos@vyos:~$ show configuration commands | grep prefix-list
+# set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+# set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+# set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+# vyos@vyos:~$
+
+# # Task:
+# # -------------
+# - name: Delete a single prefix-list from different AFIs
+# vyos.vyos.vyos_prefix_lists:
+# config:
+# - afi: "ipv4"
+# prefix_lists:
+# - name: "AnsibleIPv4PrefixList"
+# - afi: "ipv6"
+# prefix_lists:
+# - name: "DenyIPv6Prefix"
+# state: deleted
+
+# # Task output:
+# # -------------
+# "after": [
+# {
+# "afi": "ipv6",
+# "prefix_lists": [
+# {
+# "description": "Configured by ansible for allowing IPv6 networks",
+# "name": "AllowIPv6Prefix",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Permit rule",
+# "sequence": 5,
+# "le": 37,
+# "prefix": "2001:db8:8000::/35"
+# }
+# ]
+# }
+# ]
+# }
+# ],
+# "before": [
+# {
+# "afi": "ipv4",
+# "prefix_lists": [
+# {
+# "description": "PL configured by ansible",
+# "name": "AnsibleIPv4PrefixList",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Rule 2 given by ansible",
+# "sequence": 2,
+# "le": 32,
+# "prefix": "92.168.10.0/26"
+# },
+# {
+# "action": "deny",
+# "description": "Rule 3",
+# "ge": 26,
+# "sequence": 3,
+# "prefix": "72.168.2.0/24"
+# }
+# ]
+# }
+# ]
+# },
+# {
+# "afi": "ipv6",
+# "prefix_lists": [
+# {
+# "description": "Configured by ansible for allowing IPv6 networks",
+# "name": "AllowIPv6Prefix",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Permit rule",
+# "sequence": 5,
+# "le": 37,
+# "prefix": "2001:db8:8000::/35"
+# }
+# ]
+# },
+# {
+# "description": "Configured by ansible for disallowing IPv6 networks",
+# "name": "DenyIPv6Prefix",
+# "entries": [
+# {
+# "action": "deny",
+# "sequence": 8,
+# "le": 37,
+# "prefix": "2001:db8:2000::/35"
+# }
+# ]
+# }
+# ]
+# }
+# ],
+# "changed": true,
+# "commands": [
+# "delete policy prefix-list AnsibleIPv4PrefixList",
+# "delete policy prefix-list6 DenyIPv6Prefix"
+# ]
+
+# # After state:
+# # -------------
+# vyos@vyos:~$ show configuration commands | grep prefix-list
+# set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+# vyos@vyos:~$
+
+
+# # -------------------
+# # 5. Using gathered
+# # -------------------
+
+# # Task:
+# # -------------
+# - name: Gather prefix-lists configurations
+# vyos.vyos.vyos_prefix_lists:
+# config:
+# state: gathered
+
+# # Task output:
+# # -------------
+# "gathered": [
+# {
+# "afi": "ipv4",
+# "prefix_lists": [
+# {
+# "description": "PL configured by ansible",
+# "name": "AnsibleIPv4PrefixList",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Rule 2 given by ansible",
+# "sequence": 2,
+# "le": 32,
+# "prefix": "92.168.10.0/26"
+# },
+# {
+# "action": "deny",
+# "description": "Rule 3",
+# "ge": 26,
+# "sequence": 3,
+# "prefix": "72.168.2.0/24"
+# }
+# ]
+# }
+# ]
+# },
+# {
+# "afi": "ipv6",
+# "prefix_lists": [
+# {
+# "description": "Configured by ansible for allowing IPv6 networks",
+# "name": "AllowIPv6Prefix",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Permit rule",
+# "sequence": 5,
+# "le": 37,
+# "prefix": "2001:db8:8000::/35"
+# }
+# ]
+# },
+# {
+# "description": "Configured by ansible for disallowing IPv6 networks",
+# "name": "DenyIPv6Prefix",
+# "entries": [
+# {
+# "action": "deny",
+# "sequence": 8,
+# "le": 37,
+# "prefix": "2001:db8:2000::/35"
+# }
+# ]
+# }
+# ]
+# }
+# ]
+
+
+# # -------------------
+# # 6. Using rendered
+# # -------------------
+
+# # Task:
+# # -------------
+# - name: Render commands externally for the described prefix-list configurations
+# vyos.vyos.vyos_prefix_lists:
+# config:
+# - afi: "ipv4"
+# prefix_lists:
+# - name: "AnsibleIPv4PrefixList"
+# description: "PL configured by ansible"
+# entries:
+# - sequence: 2
+# description: "Rule 2 given by ansible"
+# action: "permit"
+# prefix: "92.168.10.0/26"
+# le: 32
+
+# - sequence: 3
+# description: "Rule 3"
+# action: "deny"
+# prefix: "72.168.2.0/24"
+# ge: 26
+
+# - afi: "ipv6"
+# prefix_lists:
+# - name: "AllowIPv6Prefix"
+# description: "Configured by ansible for allowing IPv6 networks"
+# entries:
+# - sequence: 5
+# description: "Permit rule"
+# action: "permit"
+# prefix: "2001:db8:8000::/35"
+# le: 37
+
+# - name: DenyIPv6Prefix
+# description: "Configured by ansible for disallowing IPv6 networks"
+# entries:
+# - sequence: 8
+# action: deny
+# prefix: "2001:db8:2000::/35"
+# le: 37
+# state: rendered
+
+# # Task output:
+# # -------------
+# "rendered": [
+# "set policy prefix-list AnsibleIPv4PrefixList",
+# "set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 2",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 3",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'",
+# "set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'",
+# "set policy prefix-list6 AllowIPv6Prefix",
+# "set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'",
+# "set policy prefix-list6 AllowIPv6Prefix rule 5",
+# "set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'",
+# "set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'",
+# "set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'",
+# "set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'",
+# "set policy prefix-list6 DenyIPv6Prefix",
+# "set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'",
+# "set policy prefix-list6 DenyIPv6Prefix rule 8",
+# "set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'",
+# "set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'",
+# "set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'"
+# ]
+
+
+# # -------------------
+# # 7. Using parsed
+# # -------------------
+
+# # sample_config.cfg:
+# # -------------
+# set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+# set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+# set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+# set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+# set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+# set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+# set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+
+# # Task:
+# # -------------
+# - name: Parse externally provided prefix-lists configuration
+# vyos.vyos.vyos_prefix_lists:
+# running_config: "{{ lookup('file', './sample_config.cfg') }}"
+# state: parsed
+
+# # Task output:
+# # -------------
+# "parsed": [
+# {
+# "afi": "ipv4",
+# "prefix_lists": [
+# {
+# "description": "PL configured by ansible",
+# "name": "AnsibleIPv4PrefixList",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Rule 2 given by ansible",
+# "sequence": 2,
+# "le": 32,
+# "prefix": "92.168.10.0/26"
+# },
+# {
+# "action": "deny",
+# "description": "Rule 3",
+# "ge": 26,
+# "sequence": 3,
+# "prefix": "72.168.2.0/24"
+# }
+# ]
+# }
+# ]
+# },
+# {
+# "afi": "ipv6",
+# "prefix_lists": [
+# {
+# "description": "Configured by ansible for allowing IPv6 networks",
+# "name": "AllowIPv6Prefix",
+# "entries": [
+# {
+# "action": "permit",
+# "description": "Permit rule",
+# "sequence": 5,
+# "le": 37,
+# "prefix": "2001:db8:8000::/35"
+# }
+# ]
+# },
+# {
+# "description": "Configured by ansible for disallowing IPv6 networks",
+# "name": "DenyIPv6Prefix",
+# "entries": [
+# {
+# "action": "deny",
+# "sequence": 8,
+# "le": 37,
+# "prefix": "2001:db8:2000::/35"
+# }
+# ]
+# }
+# ]
+# }
+# ]
+
+"""
+
+RETURN = """
+
+before:
+ description: The configuration prior to the module invocation.
+ returned: when state is I(merged), I(replaced), I(overridden) or I(deleted)
+ type: list
+ sample: >
+ This output will always be in the same format as the
+ module argspec.
+after:
+ description: The resulting configuration after the module invocation.
+ returned: when changed
+ type: list
+ sample: >
+ This output will always be in the same format as the
+ module argspec.
+commands:
+ description: The set of commands pushed to the remote device for the required configurations to take place.
+ returned: when state is I(merged), I(replaced), I(overridden) or I(deleted)
+ type: list
+ sample:
+ - set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+ - set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+rendered:
+ description: The provided configuration in the task rendered in device-native format (offline).
+ returned: when state is I(rendered)
+ type: list
+ sample:
+ - set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+ - set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+gathered:
+ description: Facts about the network resource gathered from the remote device as structured data.
+ returned: when state is I(gathered)
+ type: list
+ sample: >
+ This output will always be in the same format as the
+ module argspec.
+parsed:
+ description: The device native config provided in I(running_config) option parsed into structured data as per module argspec.
+ returned: when state is I(parsed)
+ type: list
+ sample: >
+ This output will always be in the same format as the
+ module argspec.
+
+"""
+
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.argspec.prefix_lists.prefix_lists import (
+ Prefix_listsArgs,
+)
+from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.config.prefix_lists.prefix_lists import (
+ Prefix_lists,
+)
+
+
+def main():
+ """
+ Main entry point for module execution
+
+ :returns: the result form module invocation
+ """
+ module = AnsibleModule(
+ argument_spec=Prefix_listsArgs.argument_spec,
+ mutually_exclusive=[["config", "running_config"]],
+ required_if=[
+ ["state", "merged", ["config"]],
+ ["state", "replaced", ["config"]],
+ ["state", "overridden", ["config"]],
+ ["state", "rendered", ["config"]],
+ ["state", "parsed", ["running_config"]],
+ ],
+ supports_check_mode=True,
+ )
+
+ result = Prefix_lists(module).execute_module()
+ module.exit_json(**result)
+
+
+if __name__ == "__main__":
+ main()
diff --git a/tests/integration/targets/vyos_prefix_lists/defaults/main.yaml b/tests/integration/targets/vyos_prefix_lists/defaults/main.yaml
new file mode 100644
index 0000000..164afea
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/defaults/main.yaml
@@ -0,0 +1,3 @@
+---
+testcase: "[^_].*"
+test_items: []
diff --git a/tests/integration/targets/vyos_prefix_lists/tasks/cli.yaml b/tests/integration/targets/vyos_prefix_lists/tasks/cli.yaml
new file mode 100644
index 0000000..93eb2fe
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/tasks/cli.yaml
@@ -0,0 +1,19 @@
+---
+- name: Collect all cli test cases
+ find:
+ paths: '{{ role_path }}/tests/cli'
+ patterns: '{{ testcase }}.yaml'
+ use_regex: true
+ register: test_cases
+ delegate_to: localhost
+
+- name: Set test_items
+ set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}"
+
+- name: Run test case (connection=ansible.netcommon.network_cli)
+ include: '{{ test_case_to_run }}'
+ vars:
+ ansible_connection: ansible.netcommon.network_cli
+ with_items: '{{ test_items }}'
+ loop_control:
+ loop_var: test_case_to_run
diff --git a/tests/integration/targets/vyos_prefix_lists/tasks/main.yaml b/tests/integration/targets/vyos_prefix_lists/tasks/main.yaml
new file mode 100644
index 0000000..b957d2f
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/tasks/main.yaml
@@ -0,0 +1,4 @@
+---
+- include: cli.yaml
+ tags:
+ - network_cli
diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/_parsed.cfg b/tests/integration/targets/vyos_prefix_lists/tests/cli/_parsed.cfg
new file mode 100644
index 0000000..25744b3
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/_parsed.cfg
@@ -0,0 +1,18 @@
+set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35' \ No newline at end of file
diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/_populate_config.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/_populate_config.yaml
new file mode 100644
index 0000000..9be477d
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/_populate_config.yaml
@@ -0,0 +1,22 @@
+---
+- name: Populate config
+ vyos.vyos.vyos_config:
+ lines:
+ - "set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'"
+ - "set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'"
+ - "set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'"
+ - "set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'"
+ - "set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'"
+ - "set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'"
+ - "set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'"
+ - "set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'"
+ - "set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'"
+ - "set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'"
+ - "set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'"
+ - "set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'"
+ - "set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'"
+ - "set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'"
+ - "set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'"
+ - "set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'"
+ - "set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'"
+ - "set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'"
diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/_remove_config.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/_remove_config.yaml
new file mode 100644
index 0000000..f0777b6
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/_remove_config.yaml
@@ -0,0 +1,11 @@
+---
+- name: Remove pre-existing prefix-list configurations
+ vyos.vyos.vyos_config:
+ lines:
+ - delete policy prefix-list AnsibleIPv4PrefixList
+ - delete policy prefix-list OverriddenPrefixList
+ - delete policy prefix-list6 AllowIPv6Prefix
+ - delete policy prefix-list6 DenyIPv6Prefix
+ ignore_errors: true
+ vars:
+ ansible_connection: ansible.netcommon.network_cli
diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/deleted.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/deleted.yaml
new file mode 100644
index 0000000..9209fad
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/deleted.yaml
@@ -0,0 +1,108 @@
+---
+- debug:
+ msg: START vyos_prefix_lists deleted integration tests on connection={{ ansible_connection }}
+
+- include_tasks: _remove_config.yaml
+
+- include_tasks: _populate_config.yaml
+
+- block:
+ # Delete all prefix-lists
+ - name: Delete all prefix-lists
+ register: result
+ vyos.vyos.vyos_prefix_lists: &id006
+ config:
+ state: deleted
+
+ - name: Assert that before dicts are correctly generated
+ assert:
+ that:
+ - "{{ result['before'][0] == merged['after'][0] }}"
+ - "{{ result['before'][1] == merged['after'][1] }}"
+
+ - name: Assert that correct set of commands were generated
+ assert:
+ that:
+ - "{{ deleted['commands'] | symmetric_difference(result['commands']) |length\
+ \ == 0 }}"
+
+ - name: Assert that after dict is correctly generated
+ assert:
+ that:
+ - result["after"] == []
+
+ - name: Delete all prefix-lists (IDEMPOTENT)
+ register: result
+ vyos.vyos.vyos_prefix_lists: *id006
+
+ - name: Assert that task was idempotent
+ assert:
+ that:
+ - result['changed'] == false
+ - result.commands|length == 0
+
+ - include_tasks: _remove_config.yaml
+
+ - include_tasks: _populate_config.yaml
+
+ # Delete all prefix-lists for an AFI
+ - name: Delete all prefix-lists for IPv6 AFI
+ register: result
+ vyos.vyos.vyos_prefix_lists:
+ config:
+ - afi: "ipv6"
+ state: deleted
+
+ - name: Assert that before dicts are correctly generated
+ assert:
+ that:
+ - "{{ result['before'][0] == merged['after'][0] }}"
+ - "{{ result['before'][1] == merged['after'][1] }}"
+ - "{{ result['before']|length == 2 }}"
+
+ - name: Assert that correct set of commands were generated
+ assert:
+ that:
+ - '"delete policy prefix-list6 AllowIPv6Prefix" in result.commands'
+ - '"delete policy prefix-list6 DenyIPv6Prefix" in result.commands'
+ - result.commands|length == 2
+
+ - name: Assert that after dict is correctly generated
+ assert:
+ that:
+ - result["after"][0] == merged["after"][0]
+ - result["after"]|length == 1
+
+ - include_tasks: _remove_config.yaml
+
+ - include_tasks: _populate_config.yaml
+
+ # Delete single prefix-list from different AFIs
+ - name: Delete a single prefix-list from different AFIs
+ register: result
+ vyos.vyos.vyos_prefix_lists:
+ config:
+ - afi: "ipv4"
+ prefix_lists:
+ - name: "AnsibleIPv4PrefixList"
+ - afi: "ipv6"
+ prefix_lists:
+ - name: "DenyIPv6Prefix"
+ state: deleted
+
+ - name: Assert that before dicts are correctly generated
+ assert:
+ that:
+ - "{{ result['before'][0] == merged['after'][0] }}"
+ - "{{ result['before'][1] == merged['after'][1] }}"
+ - "{{ result['before']|length == 2 }}"
+
+ - name: Assert that correct set of commands were generated
+ assert:
+ that:
+ - '"delete policy prefix-list AnsibleIPv4PrefixList" in result.commands'
+ - '"delete policy prefix-list6 DenyIPv6Prefix" in result.commands'
+ - result.commands|length == 2
+
+ always:
+ - include_tasks: _remove_config.yaml
diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/empty_config.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/empty_config.yaml
new file mode 100644
index 0000000..70ac937
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/empty_config.yaml
@@ -0,0 +1,58 @@
+---
+- debug:
+ msg: START vyos_prefix_lists empty_config integration tests on connection={{ ansible_connection }}
+
+- name: Merged with empty config should give appropriate error message
+ register: result
+ ignore_errors: true
+ vyos.vyos.vyos_prefix_lists:
+ config:
+ state: merged
+
+- assert:
+ that:
+ - result.msg == 'value of config parameter must not be empty for state merged'
+
+- name: Replaced with empty config should give appropriate error message
+ register: result
+ ignore_errors: true
+ vyos.vyos.vyos_prefix_lists:
+ config:
+ state: replaced
+
+- assert:
+ that:
+ - result.msg == 'value of config parameter must not be empty for state replaced'
+
+- name: Overridden with empty config should give appropriate error message
+ register: result
+ ignore_errors: true
+ vyos.vyos.vyos_prefix_lists:
+ config:
+ state: overridden
+
+- assert:
+ that:
+ - result.msg == 'value of config parameter must not be empty for state overridden'
+
+- name: Rendered with empty config should give appropriate error message
+ register: result
+ ignore_errors: true
+ vyos.vyos.vyos_prefix_lists:
+ config:
+ state: rendered
+
+- assert:
+ that:
+ - result.msg == 'value of config parameter must not be empty for state rendered'
+
+- name: Parsed with empty config should give appropriate error message
+ register: result
+ ignore_errors: true
+ vyos.vyos.vyos_prefix_lists:
+ running_config:
+ state: parsed
+
+- assert:
+ that:
+ - result.msg == 'value of running_config parameter must not be empty for state parsed'
diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/gathered.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/gathered.yaml
new file mode 100644
index 0000000..ef23bcc
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/gathered.yaml
@@ -0,0 +1,24 @@
+---
+- debug:
+ msg: START vyos_prefix_lists gathered integration tests on connection={{ ansible_connection }}
+
+- include_tasks: _remove_config.yaml
+
+- include_tasks: _populate_config.yaml
+
+- block:
+ - name: Gather prefix-lists configurations
+ register: result
+ vyos.vyos.vyos_prefix_lists:
+ config:
+ state: gathered
+
+ - name: Assert that facts are correctly generated
+ assert:
+ that:
+ - result["gathered"][0] == merged["after"][0]
+ - result["gathered"][1] == merged["after"][1]
+ - result['gathered']|length == 2
+
+ always:
+ - include_tasks: _remove_config.yaml
diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/merged.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/merged.yaml
new file mode 100644
index 0000000..ef94743
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/merged.yaml
@@ -0,0 +1,77 @@
+---
+- debug:
+ msg: START vyos_prefix_lists merged integration tests on connection={{ ansible_connection }}
+
+- include_tasks: _remove_config.yaml
+
+- block:
+ - name: Merge the provided configuration with the existing running configuration
+ register: result
+ vyos.vyos.vyos_prefix_lists: &id001
+ config:
+ - afi: "ipv4"
+ prefix_lists:
+ - name: "AnsibleIPv4PrefixList"
+ description: "PL configured by ansible"
+ entries:
+ - sequence: 2
+ description: "Rule 2 given by ansible"
+ action: "permit"
+ prefix: "92.168.10.0/26"
+ le: 32
+
+ - sequence: 3
+ description: "Rule 3"
+ action: "deny"
+ prefix: "72.168.2.0/24"
+ ge: 26
+
+ - afi: "ipv6"
+ prefix_lists:
+ - name: "AllowIPv6Prefix"
+ description: "Configured by ansible for allowing IPv6 networks"
+ entries:
+ - sequence: 5
+ description: "Permit rule"
+ action: "permit"
+ prefix: "2001:db8:8000::/35"
+ le: 37
+
+ - name: DenyIPv6Prefix
+ description: "Configured by ansible for disallowing IPv6 networks"
+ entries:
+ - sequence: 8
+ action: deny
+ prefix: "2001:db8:2000::/35"
+ le: 37
+ state: merged
+
+ - name: Assert that before dicts were correctly generated
+ assert:
+ that: "{{ result['before'] == [] }}"
+
+ - name: Assert that correct set of commands were generated
+ assert:
+ that:
+ - "{{ merged['commands'] | symmetric_difference(result['commands']) |length\
+ \ == 0 }}"
+
+ - name: Assert that after dicts were correctly generated
+ assert:
+ that:
+ - "{{ result['after'][0] == merged['after'][0] }}"
+ - "{{ result['after'][1] == merged['after'][1] }}"
+ - "{{ result['after']|length == 2 }}"
+
+ - name: Merge the provided configuration with the existing running configuration (IDEMPOTENT)
+ vyos.vyos.vyos_prefix_lists: *id001
+ register: result
+
+ - name: Assert that the previous task was idempotent
+ assert:
+ that:
+ - result['changed'] == false
+ - result.commands|length == 0
+
+ always:
+ - include_tasks: _remove_config.yaml
diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/overridden.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/overridden.yaml
new file mode 100644
index 0000000..7bcd26b
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/overridden.yaml
@@ -0,0 +1,61 @@
+---
+- debug:
+ msg: START vyos_prefix_lists overridden integration tests on connection={{ ansible_connection }}
+
+- include_tasks: _remove_config.yaml
+
+- include_tasks: _populate_config.yaml
+
+- block:
+ - name: Override all prefix-lists configuration with provided configuration
+ register: result
+ vyos.vyos.vyos_prefix_lists: &id003
+ config:
+ - afi: "ipv4"
+ prefix_lists:
+ - name: "AnsibleIPv4PrefixList"
+ description: Rule 3 overridden by ansible
+ entries:
+ - sequence: 2
+ action: "deny"
+ ge: 26
+ prefix: "82.168.2.0/24"
+
+ - name: "OverriddenPrefixList"
+ description: Configuration overridden by ansible
+ entries:
+ - sequence: 10
+ action: permit
+ prefix: "203.0.113.96/27"
+ le: 32
+ state: overridden
+
+ - name: Assert that before dicts were correctly generated
+ assert:
+ that:
+ - "{{ result['before'][0] == merged['after'][0] }}"
+ - "{{ result['before'][1] == merged['after'][1] }}"
+ - "{{ result['before']|length == 2 }}"
+
+ - name: Assert that correct set of commands were generated
+ assert:
+ that:
+ - "{{ overridden['commands'] | symmetric_difference(result['commands']) |length\
+ \ == 0 }}"
+
+ - name: Assert that after dicts were correctly generated
+ assert:
+ that:
+ - "{{ overridden['after'][0] == result['after'][0] }}"
+
+ - name: Override all prefix-lists configuration with provided configuration (IDEMPOTENT)
+ register: result
+ vyos.vyos.vyos_prefix_lists: *id003
+
+ - name: Assert that task was idempotent
+ assert:
+ that:
+ - result['changed'] == false
+ - result.commands|length == 0
+ always:
+ - include_tasks: _remove_config.yaml
diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/parsed.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/parsed.yaml
new file mode 100644
index 0000000..86772ef
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/parsed.yaml
@@ -0,0 +1,16 @@
+---
+- debug:
+ msg: START vyos_prefix_lists parsed integration tests on connection={{ ansible_connection }}
+
+- name: Parse externally provided prefix-lists configuration
+ register: result
+ vyos.vyos.vyos_prefix_lists:
+ running_config: "{{ lookup('file', './_parsed.cfg') }}"
+ state: parsed
+
+- name: Assert that config was correctly parsed
+ assert:
+ that:
+ - "{{ result['parsed'][0] == merged['after'][0] }}"
+ - "{{ result['parsed'][1] == merged['after'][1] }}"
+ - "{{ result['parsed']|length == 2 }}"
diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/rendered.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/rendered.yaml
new file mode 100644
index 0000000..12a0deb
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/rendered.yaml
@@ -0,0 +1,51 @@
+---
+- debug:
+ msg: START vyos_prefix_lists rendered integration tests on connection={{ ansible_connection }}
+
+- name: Render commands externally for the described prefix-list configurations
+ register: result
+ vyos.vyos.vyos_prefix_lists:
+ config:
+ - afi: "ipv4"
+ prefix_lists:
+ - name: "AnsibleIPv4PrefixList"
+ description: "PL configured by ansible"
+ entries:
+ - sequence: 2
+ description: "Rule 2 given by ansible"
+ action: "permit"
+ prefix: "92.168.10.0/26"
+ le: 32
+
+ - sequence: 3
+ description: "Rule 3"
+ action: "deny"
+ prefix: "72.168.2.0/24"
+ ge: 26
+
+ - afi: "ipv6"
+ prefix_lists:
+ - name: "AllowIPv6Prefix"
+ description: "Configured by ansible for allowing IPv6 networks"
+ entries:
+ - sequence: 5
+ description: "Permit rule"
+ action: "permit"
+ prefix: "2001:db8:8000::/35"
+ le: 37
+
+ - name: DenyIPv6Prefix
+ description: "Configured by ansible for disallowing IPv6 networks"
+ entries:
+ - sequence: 8
+ action: deny
+ prefix: "2001:db8:2000::/35"
+ le: 37
+ state: rendered
+
+- name: Assert that correct set of commands were rendered
+ assert:
+ that:
+ - "{{ merged['commands'] | symmetric_difference(result['rendered']) |length\
+ \ == 0 }}"
+ - result.changed == False
diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/replaced.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/replaced.yaml
new file mode 100644
index 0000000..fc9f5da
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/replaced.yaml
@@ -0,0 +1,57 @@
+---
+- debug:
+ msg: START vyos_prefix_lists replaced integration tests on connection={{ ansible_connection }}
+
+- include_tasks: _remove_config.yaml
+
+- include_tasks: _populate_config.yaml
+
+- block:
+ - name: Replace prefix-lists configurations of listed prefix-lists with provided configurations
+ register: result
+ vyos.vyos.vyos_prefix_lists: &id002
+ config:
+ - afi: "ipv4"
+ prefix_lists:
+ - name: "AnsibleIPv4PrefixList"
+ description: "Configuration replaced by ansible"
+ entries:
+ - sequence: 3
+ description: "Rule 3 replaced by ansible"
+ action: "permit"
+ prefix: "82.168.2.0/24"
+ ge: 26
+ state: replaced
+
+ - name: Assert that before dicts were correctly generated
+ assert:
+ that:
+ - "{{ result['before'][0] == merged['after'][0] }}"
+ - "{{ result['before'][1] == merged['after'][1] }}"
+ - "{{ result['before']|length == 2 }}"
+
+ - name: Assert that correct set of commands were generated
+ assert:
+ that:
+ - "{{ replaced['commands'] | symmetric_difference(result['commands']) |length\
+ \ == 0 }}"
+
+ - name: Assert that after dicts were correctly generated
+ assert:
+ that:
+ - "{{ replaced['after'][0] == result['after'][0] }}"
+ - "{{ replaced['after'][1] == result['after'][1] }}"
+ - "{{ result['after']|length == 2 }}"
+
+ - name: Replace prefix-lists configurations of listed prefix-lists with provided configurations (IDEMPOTENT)
+ register: result
+ vyos.vyos.vyos_prefix_lists: *id002
+
+ - name: Assert that task was idempotent
+ assert:
+ that:
+ - result['changed'] == false
+ - result.commands|length == 0
+
+ always:
+ - include_tasks: _remove_config.yaml
diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/rtt.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/rtt.yaml
new file mode 100644
index 0000000..2be2515
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/rtt.yaml
@@ -0,0 +1,87 @@
+---
+- debug:
+ msg: START vyos_prefix_lists round trip integration tests on connection={{ ansible_connection }}
+
+- include_tasks: _remove_config.yaml
+
+- block:
+ - name: Apply the provided configuration (base config)
+ register: base_config
+ vyos.vyos.vyos_prefix_lists:
+ config:
+ - afi: "ipv4"
+ prefix_lists:
+ - name: "AnsibleIPv4PrefixList"
+ description: "PL configured by ansible"
+ entries:
+ - sequence: 2
+ description: "Rule 2 given by ansible"
+ action: "permit"
+ prefix: "92.168.10.0/26"
+ le: 32
+
+ - sequence: 3
+ description: "Rule 3"
+ action: "deny"
+ prefix: "72.168.2.0/24"
+ ge: 26
+
+ - afi: "ipv6"
+ prefix_lists:
+ - name: "AllowIPv6Prefix"
+ description: "Configured by ansible for allowing IPv6 networks"
+ entries:
+ - sequence: 5
+ description: "Permit rule"
+ action: "permit"
+ prefix: "2001:db8:8000::/35"
+ le: 37
+
+ - name: DenyIPv6Prefix
+ description: "Configured by ansible for disallowing IPv6 networks"
+ entries:
+ - sequence: 8
+ action: deny
+ prefix: "2001:db8:2000::/35"
+ le: 37
+ state: merged
+
+ - name: Gather prefix-lists facts
+ vyos.vyos.vyos_facts:
+ gather_subset:
+ - default
+ gather_network_resources:
+ - prefix_lists
+
+ - name: Update the configuration with the provided one (config to be reverted back)
+ register: result
+ vyos.vyos.vyos_prefix_lists:
+ config:
+ - afi: "ipv4"
+ prefix_lists:
+ - name: "AnsibleIPv4PrefixList"
+ description: "Configuration replaced by ansible"
+ entries:
+ - sequence: 3
+ description: "Rule 3 replaced by ansible"
+ action: "permit"
+ prefix: "82.168.2.0/24"
+ ge: 26
+ state: replaced
+
+ - name: Assert that changes were applied
+ assert:
+ that: "{{ result['after'] == replaced['after'] }}"
+
+ - name: Revert back to base config using facts round trip
+ register: revert
+ vyos.vyos.vyos_prefix_lists:
+ config: "{{ ansible_facts['network_resources']['prefix_lists'] }}"
+ state: replaced
+
+ - name: Assert that config was reverted
+ assert:
+ that: "{{ revert['after'] == base_config['after']}}"
+
+ always:
+ - include_tasks: _remove_config.yaml
diff --git a/tests/integration/targets/vyos_prefix_lists/vars/main.yaml b/tests/integration/targets/vyos_prefix_lists/vars/main.yaml
new file mode 100644
index 0000000..3a30342
--- /dev/null
+++ b/tests/integration/targets/vyos_prefix_lists/vars/main.yaml
@@ -0,0 +1,145 @@
+---
+merged:
+ before: []
+
+ commands:
+ - set policy prefix-list6 AllowIPv6Prefix
+ - set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'
+ - set policy prefix-list6 AllowIPv6Prefix rule 5
+ - set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'
+ - set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'
+ - set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'
+ - set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'
+ - set policy prefix-list6 DenyIPv6Prefix
+ - set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'
+ - set policy prefix-list6 DenyIPv6Prefix rule 8
+ - set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'
+ - set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'
+ - set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'
+ - set policy prefix-list AnsibleIPv4PrefixList
+ - set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 2
+ - set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 3
+ - set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'
+
+ after:
+ - afi: ipv4
+ prefix_lists:
+ - description: PL configured by ansible
+ name: AnsibleIPv4PrefixList
+ entries:
+ - action: permit
+ description: Rule 2 given by ansible
+ sequence: 2
+ le: 32
+ prefix: 92.168.10.0/26
+ - action: deny
+ description: Rule 3
+ ge: 26
+ sequence: 3
+ prefix: 72.168.2.0/24
+ - afi: ipv6
+ prefix_lists:
+ - description: Configured by ansible for allowing IPv6 networks
+ name: AllowIPv6Prefix
+ entries:
+ - action: permit
+ description: Permit rule
+ sequence: 5
+ le: 37
+ prefix: 2001:db8:8000::/35
+ - description: Configured by ansible for disallowing IPv6 networks
+ name: DenyIPv6Prefix
+ entries:
+ - action: deny
+ sequence: 8
+ le: 37
+ prefix: 2001:db8:2000::/35
+
+replaced:
+ commands:
+ - set policy prefix-list AnsibleIPv4PrefixList description 'Configuration replaced by ansible'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'permit'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3 replaced by ansible'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '82.168.2.0/24'
+ - delete policy prefix-list AnsibleIPv4PrefixList rule 2
+
+ after:
+ - afi: ipv4
+ prefix_lists:
+ - description: Configuration replaced by ansible
+ name: AnsibleIPv4PrefixList
+ entries:
+ - action: permit
+ description: Rule 3 replaced by ansible
+ ge: 26
+ sequence: 3
+ prefix: 82.168.2.0/24
+ - afi: ipv6
+ prefix_lists:
+ - description: Configured by ansible for allowing IPv6 networks
+ name: AllowIPv6Prefix
+ entries:
+ - action: permit
+ description: Permit rule
+ sequence: 5
+ le: 37
+ prefix: 2001:db8:8000::/35
+ - description: Configured by ansible for disallowing IPv6 networks
+ name: DenyIPv6Prefix
+ entries:
+ - action: deny
+ sequence: 8
+ le: 37
+ prefix: 2001:db8:2000::/35
+
+overridden:
+ commands:
+ - delete policy prefix-list6 AllowIPv6Prefix
+ - delete policy prefix-list6 DenyIPv6Prefix
+ - set policy prefix-list AnsibleIPv4PrefixList description 'Rule 3 overridden by ansible'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'deny'
+ - delete policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given
+ by ansible'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 2 ge '26'
+ - delete policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'
+ - set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '82.168.2.0/24'
+ - delete policy prefix-list AnsibleIPv4PrefixList rule 3
+ - set policy prefix-list OverriddenPrefixList
+ - set policy prefix-list OverriddenPrefixList description 'Configuration overridden
+ by ansible'
+ - set policy prefix-list OverriddenPrefixList rule 10
+ - set policy prefix-list OverriddenPrefixList rule 10 action 'permit'
+ - set policy prefix-list OverriddenPrefixList rule 10 le '32'
+ - set policy prefix-list OverriddenPrefixList rule 10 prefix '203.0.113.96/27'
+
+ after:
+ - afi: ipv4
+ prefix_lists:
+ - description: Rule 3 overridden by ansible
+ name: AnsibleIPv4PrefixList
+ entries:
+ - action: deny
+ ge: 26
+ sequence: 2
+ prefix: 82.168.2.0/24
+ - description: Configuration overridden by ansible
+ name: OverriddenPrefixList
+ entries:
+ - action: permit
+ sequence: 10
+ le: 32
+ prefix: 203.0.113.96/27
+
+deleted:
+ commands:
+ - delete policy prefix-list AnsibleIPv4PrefixList
+ - delete policy prefix-list6 AllowIPv6Prefix
+ - delete policy prefix-list6 DenyIPv6Prefix
diff --git a/tests/sanity/ignore-2.10.txt b/tests/sanity/ignore-2.10.txt
index 69f4063..967e336 100644
--- a/tests/sanity/ignore-2.10.txt
+++ b/tests/sanity/ignore-2.10.txt
@@ -4,3 +4,6 @@ plugins/module_utils/network/vyos/config/ospf_interfaces/ospf_interfaces.py impo
plugins/module_utils/network/vyos/config/route_maps/route_maps.py compile-2.6!skip
plugins/module_utils/network/vyos/config/route_maps/route_maps.py import-2.6!skip
plugins/modules/vyos_route_maps.py import-2.6!skip
+plugins/modules/vyos_prefix_lists.py import-2.6!skip
+plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py import-2.6!skip
+plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py compile-2.6!skip
diff --git a/tests/sanity/ignore-2.11.txt b/tests/sanity/ignore-2.11.txt
index 69f4063..967e336 100644
--- a/tests/sanity/ignore-2.11.txt
+++ b/tests/sanity/ignore-2.11.txt
@@ -4,3 +4,6 @@ plugins/module_utils/network/vyos/config/ospf_interfaces/ospf_interfaces.py impo
plugins/module_utils/network/vyos/config/route_maps/route_maps.py compile-2.6!skip
plugins/module_utils/network/vyos/config/route_maps/route_maps.py import-2.6!skip
plugins/modules/vyos_route_maps.py import-2.6!skip
+plugins/modules/vyos_prefix_lists.py import-2.6!skip
+plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py import-2.6!skip
+plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py compile-2.6!skip
diff --git a/tests/sanity/ignore-2.12.txt b/tests/sanity/ignore-2.12.txt
index 69f4063..967e336 100644
--- a/tests/sanity/ignore-2.12.txt
+++ b/tests/sanity/ignore-2.12.txt
@@ -4,3 +4,6 @@ plugins/module_utils/network/vyos/config/ospf_interfaces/ospf_interfaces.py impo
plugins/module_utils/network/vyos/config/route_maps/route_maps.py compile-2.6!skip
plugins/module_utils/network/vyos/config/route_maps/route_maps.py import-2.6!skip
plugins/modules/vyos_route_maps.py import-2.6!skip
+plugins/modules/vyos_prefix_lists.py import-2.6!skip
+plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py import-2.6!skip
+plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py compile-2.6!skip
diff --git a/tests/sanity/ignore-2.9.txt b/tests/sanity/ignore-2.9.txt
index 7178a20..aa3ef3f 100644
--- a/tests/sanity/ignore-2.9.txt
+++ b/tests/sanity/ignore-2.9.txt
@@ -16,3 +16,6 @@ plugins/module_utils/network/vyos/config/ospf_interfaces/ospf_interfaces.py impo
plugins/module_utils/network/vyos/config/route_maps/route_maps.py compile-2.6!skip
plugins/module_utils/network/vyos/config/route_maps/route_maps.py import-2.6!skip
plugins/modules/vyos_route_maps.py import-2.6!skip
+plugins/modules/vyos_prefix_lists.py import-2.6!skip
+plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py import-2.6!skip
+plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py compile-2.6!skip
diff --git a/tests/unit/modules/network/vyos/test_vyos_prefix_lists.py b/tests/unit/modules/network/vyos/test_vyos_prefix_lists.py
new file mode 100644
index 0000000..d1e1a8c
--- /dev/null
+++ b/tests/unit/modules/network/vyos/test_vyos_prefix_lists.py
@@ -0,0 +1,1242 @@
+# (c) 2021 Red Hat Inc.
+#
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+
+# Make coding more python3-ish
+from __future__ import absolute_import, division, print_function
+
+__metaclass__ = type
+
+from textwrap import dedent
+from ansible_collections.vyos.vyos.tests.unit.compat.mock import patch
+from ansible_collections.vyos.vyos.plugins.modules import vyos_prefix_lists
+from ansible_collections.vyos.vyos.tests.unit.modules.utils import (
+ set_module_args,
+)
+from .vyos_module import TestVyosModule
+
+
+class TestVyosPrefixListsModule(TestVyosModule):
+
+ # Testing strategy
+ # ------------------
+ # (a) The unit tests cover `merged` and `replaced` for every attribute.
+ # Since `overridden` is essentially `replaced` but at a larger
+ # scale, these indirectly cover `overridden` as well.
+ # (b) For linear attributes replaced is not valid and hence, those tests
+ # delete the attributes from the config subsection.
+ # (c) The argspec for VRFs is same as the top-level spec and the config logic
+ # is re-used. Hence, those attributes are not explictly covered. However, a
+ # combination of VRF + top-level spec + AF is tested.
+
+ module = vyos_prefix_lists
+
+ def setUp(self):
+ super(TestVyosPrefixListsModule, self).setUp()
+
+ self.mock_get_resource_connection = patch(
+ "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.rm_base.resource_module_base.get_resource_connection"
+ )
+ self.get_resource_connection = (
+ self.mock_get_resource_connection.start()
+ )
+
+ self.mock_get_config = patch(
+ "ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.prefix_lists.prefix_lists.Prefix_listsFacts.get_config"
+ )
+ self.get_config = self.mock_get_config.start()
+
+ def tearDown(self):
+ super(TestVyosPrefixListsModule, self).tearDown()
+ self.get_resource_connection.stop()
+ self.get_config.stop()
+
+ # test merged for linear attributes
+ def test_vyos_prefix_lists_linear_merged(self):
+ self.get_config.return_value = dedent(
+ """\
+ """
+ )
+ set_module_args(
+ dict(
+ config=[
+ dict(
+ afi="ipv4",
+ prefix_lists=[
+ dict(
+ name="plist1",
+ description="Test plist1",
+ entries=[
+ dict(
+ sequence=10,
+ action="permit",
+ description="Test rule 10",
+ prefix="92.168.10.0/26",
+ ),
+ dict(
+ sequence=20,
+ action="deny",
+ description="Test rule 20",
+ prefix="72.168.2.0/24",
+ ),
+ ],
+ ),
+ dict(
+ name="plist2",
+ entries=[
+ dict(
+ sequence=20,
+ action="permit",
+ prefix="82.168.10.0/26",
+ le=32,
+ ),
+ dict(
+ sequence=30,
+ action="deny",
+ prefix="62.168.2.0/24",
+ ge=25,
+ ),
+ ],
+ ),
+ ],
+ ),
+ dict(
+ afi="ipv6",
+ prefix_lists=[
+ dict(
+ name="plist3",
+ description="Test plist3",
+ entries=[
+ dict(
+ sequence=10,
+ action="deny",
+ description="Test rule 10",
+ prefix="2001:db8:1000::/36",
+ le=36,
+ ),
+ dict(
+ sequence=20,
+ action="permit",
+ description="Test rule 20",
+ prefix="2001:db8:2000::/36",
+ ),
+ ],
+ ),
+ dict(
+ name="plist4",
+ entries=[
+ dict(
+ sequence=20,
+ action="permit",
+ prefix="2001:db8:3000::/36",
+ ),
+ dict(
+ sequence=50,
+ action="deny",
+ prefix="2001:db8:4000::/36",
+ ),
+ ],
+ ),
+ ],
+ ),
+ ],
+ state="merged",
+ )
+ )
+ commands = [
+ "set policy prefix-list plist1",
+ "set policy prefix-list plist1 description 'Test plist1'",
+ "set policy prefix-list plist1 rule 10",
+ "set policy prefix-list plist1 rule 10 action 'permit'",
+ "set policy prefix-list plist1 rule 10 description 'Test rule 10'",
+ "set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'",
+ "set policy prefix-list plist1 rule 20",
+ "set policy prefix-list plist1 rule 20 action 'deny'",
+ "set policy prefix-list plist1 rule 20 description 'Test rule 20'",
+ "set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'",
+ "set policy prefix-list plist2",
+ "set policy prefix-list plist2 rule 20",
+ "set policy prefix-list plist2 rule 20 action 'permit'",
+ "set policy prefix-list plist2 rule 20 le '32'",
+ "set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'",
+ "set policy prefix-list plist2 rule 30",
+ "set policy prefix-list plist2 rule 30 action 'deny'",
+ "set policy prefix-list plist2 rule 30 ge '25'",
+ "set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'",
+ "set policy prefix-list6 plist3",
+ "set policy prefix-list6 plist3 description 'Test plist3'",
+ "set policy prefix-list6 plist3 rule 10",
+ "set policy prefix-list6 plist3 rule 10 action 'deny'",
+ "set policy prefix-list6 plist3 rule 10 description 'Test rule 10'",
+ "set policy prefix-list6 plist3 rule 10 le '36'",
+ "set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'",
+ "set policy prefix-list6 plist3 rule 20",
+ "set policy prefix-list6 plist3 rule 20 action 'permit'",
+ "set policy prefix-list6 plist3 rule 20 description 'Test rule 20'",
+ "set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'",
+ "set policy prefix-list6 plist4",
+ "set policy prefix-list6 plist4 rule 20",
+ "set policy prefix-list6 plist4 rule 20 action 'permit'",
+ "set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'",
+ "set policy prefix-list6 plist4 rule 50",
+ "set policy prefix-list6 plist4 rule 50 action 'deny'",
+ "set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'",
+ ]
+ result = self.execute_module(changed=True)
+ self.assertEqual(set(result["commands"]), set(commands))
+
+ # test merged for linear attributes (idempotent)
+ def test_vyos_prefix_lists_linear_merged_idempotent(self):
+ self.get_config.return_value = dedent(
+ """\
+ set policy prefix-list plist1
+ set policy prefix-list plist1 description 'Test plist1'
+ set policy prefix-list plist1 rule 10
+ set policy prefix-list plist1 rule 10 action 'permit'
+ set policy prefix-list plist1 rule 10 description 'Test rule 10'
+ set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'
+ set policy prefix-list plist1 rule 20
+ set policy prefix-list plist1 rule 20 action 'deny'
+ set policy prefix-list plist1 rule 20 description 'Test rule 20'
+ set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'
+ set policy prefix-list plist2
+ set policy prefix-list plist2 rule 20
+ set policy prefix-list plist2 rule 20 action 'permit'
+ set policy prefix-list plist2 rule 20 le '32'
+ set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'
+ set policy prefix-list plist2 rule 30
+ set policy prefix-list plist2 rule 30 action 'deny'
+ set policy prefix-list plist2 rule 30 ge '25'
+ set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'
+ set policy prefix-list6 plist3
+ set policy prefix-list6 plist3 description 'Test plist3'
+ set policy prefix-list6 plist3 rule 10
+ set policy prefix-list6 plist3 rule 10 action 'deny'
+ set policy prefix-list6 plist3 rule 10 description 'Test rule 10'
+ set policy prefix-list6 plist3 rule 10 le '36'
+ set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'
+ set policy prefix-list6 plist3 rule 20
+ set policy prefix-list6 plist3 rule 20 action 'permit'
+ set policy prefix-list6 plist3 rule 20 description 'Test rule 20'
+ set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'
+ set policy prefix-list6 plist4
+ set policy prefix-list6 plist4 rule 20
+ set policy prefix-list6 plist4 rule 20 action 'permit'
+ set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'
+ set policy prefix-list6 plist4 rule 50
+ set policy prefix-list6 plist4 rule 50 action 'deny'
+ set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'
+ """
+ )
+ set_module_args(
+ dict(
+ config=[
+ dict(
+ afi="ipv4",
+ prefix_lists=[
+ dict(
+ name="plist1",
+ description="Test plist1",
+ entries=[
+ dict(
+ sequence=10,
+ action="permit",
+ description="Test rule 10",
+ prefix="92.168.10.0/26",
+ ),
+ dict(
+ sequence=20,
+ action="deny",
+ description="Test rule 20",
+ prefix="72.168.2.0/24",
+ ),
+ ],
+ ),
+ dict(
+ name="plist2",
+ entries=[
+ dict(
+ sequence=20,
+ action="permit",
+ prefix="82.168.10.0/26",
+ le=32,
+ ),
+ dict(
+ sequence=30,
+ action="deny",
+ prefix="62.168.2.0/24",
+ ge=25,
+ ),
+ ],
+ ),
+ ],
+ ),
+ dict(
+ afi="ipv6",
+ prefix_lists=[
+ dict(
+ name="plist3",
+ description="Test plist3",
+ entries=[
+ dict(
+ sequence=10,
+ action="deny",
+ description="Test rule 10",
+ prefix="2001:db8:1000::/36",
+ le=36,
+ ),
+ dict(
+ sequence=20,
+ action="permit",
+ description="Test rule 20",
+ prefix="2001:db8:2000::/36",
+ ),
+ ],
+ ),
+ dict(
+ name="plist4",
+ entries=[
+ dict(
+ sequence=20,
+ action="permit",
+ prefix="2001:db8:3000::/36",
+ ),
+ dict(
+ sequence=50,
+ action="deny",
+ prefix="2001:db8:4000::/36",
+ ),
+ ],
+ ),
+ ],
+ ),
+ ],
+ state="merged",
+ )
+ )
+ result = self.execute_module(changed=False)
+ self.assertEqual(result["commands"], [])
+
+ # test existing rule with replaced
+ def test_vyos_prefix_lists_replaced_update(self):
+ self.get_config.return_value = dedent(
+ """\
+ set policy prefix-list plist1
+ set policy prefix-list plist1 description 'Test plist1'
+ set policy prefix-list plist1 rule 10
+ set policy prefix-list plist1 rule 10 action 'permit'
+ set policy prefix-list plist1 rule 10 description 'Test rule 10'
+ set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'
+ set policy prefix-list plist1 rule 20
+ set policy prefix-list plist1 rule 20 action 'deny'
+ set policy prefix-list plist1 rule 20 description 'Test rule 20'
+ set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'
+ set policy prefix-list plist2
+ set policy prefix-list plist2 rule 20
+ set policy prefix-list plist2 rule 20 action 'permit'
+ set policy prefix-list plist2 rule 20 le '32'
+ set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'
+ set policy prefix-list plist2 rule 30
+ set policy prefix-list plist2 rule 30 action 'deny'
+ set policy prefix-list plist2 rule 30 ge '25'
+ set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'
+ set policy prefix-list6 plist3
+ set policy prefix-list6 plist3 description 'Test plist3'
+ set policy prefix-list6 plist3 rule 10
+ set policy prefix-list6 plist3 rule 10 action 'deny'
+ set policy prefix-list6 plist3 rule 10 description 'Test rule 10'
+ set policy prefix-list6 plist3 rule 10 le '36'
+ set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'
+ set policy prefix-list6 plist3 rule 20
+ set policy prefix-list6 plist3 rule 20 action 'permit'
+ set policy prefix-list6 plist3 rule 20 description 'Test rule 20'
+ set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'
+ set policy prefix-list6 plist4
+ set policy prefix-list6 plist4 rule 20
+ set policy prefix-list6 plist4 rule 20 action 'permit'
+ set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'
+ set policy prefix-list6 plist4 rule 50
+ set policy prefix-list6 plist4 rule 50 action 'deny'
+ set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'
+ """
+ )
+ set_module_args(
+ dict(
+ config=[
+ dict(
+ afi="ipv4",
+ prefix_lists=[
+ dict(
+ name="plist1",
+ description="Test plist1",
+ entries=[
+ dict(
+ sequence=10,
+ action="permit",
+ prefix="82.168.10.0/26",
+ ),
+ dict(
+ sequence=20,
+ action="deny",
+ description="Test rule 20",
+ prefix="72.168.2.0/24",
+ ),
+ ],
+ )
+ ],
+ )
+ ],
+ state="replaced",
+ )
+ )
+ commands = [
+ "delete policy prefix-list plist1 rule 10 description 'Test rule 10'",
+ "set policy prefix-list plist1 rule 10 prefix '82.168.10.0/26'",
+ ]
+ result = self.execute_module(changed=True)
+ self.assertEqual(set(result["commands"]), set(commands))
+
+ # test replaced
+ def test_vyos_prefix_lists_replaced(self):
+ self.get_config.return_value = dedent(
+ """\
+ set policy prefix-list plist1
+ set policy prefix-list plist1 description 'Test plist1'
+ set policy prefix-list plist1 rule 10
+ set policy prefix-list plist1 rule 10 action 'permit'
+ set policy prefix-list plist1 rule 10 description 'Test rule 10'
+ set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'
+ set policy prefix-list plist1 rule 20
+ set policy prefix-list plist1 rule 20 action 'deny'
+ set policy prefix-list plist1 rule 20 description 'Test rule 20'
+ set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'
+ set policy prefix-list plist2
+ set policy prefix-list plist2 rule 20
+ set policy prefix-list plist2 rule 20 action 'permit'
+ set policy prefix-list plist2 rule 20 le '32'
+ set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'
+ set policy prefix-list plist2 rule 30
+ set policy prefix-list plist2 rule 30 action 'deny'
+ set policy prefix-list plist2 rule 30 ge '25'
+ set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'
+ set policy prefix-list6 plist3
+ set policy prefix-list6 plist3 description 'Test plist3'
+ set policy prefix-list6 plist3 rule 10
+ set policy prefix-list6 plist3 rule 10 action 'deny'
+ set policy prefix-list6 plist3 rule 10 description 'Test rule 10'
+ set policy prefix-list6 plist3 rule 10 le '36'
+ set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'
+ set policy prefix-list6 plist3 rule 20
+ set policy prefix-list6 plist3 rule 20 action 'permit'
+ set policy prefix-list6 plist3 rule 20 description 'Test rule 20'
+ set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'
+ set policy prefix-list6 plist4
+ set policy prefix-list6 plist4 rule 20
+ set policy prefix-list6 plist4 rule 20 action 'permit'
+ set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'
+ set policy prefix-list6 plist4 rule 50
+ set policy prefix-list6 plist4 rule 50 action 'deny'
+ set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'
+ """
+ )
+ set_module_args(
+ dict(
+ config=[
+ dict(
+ afi="ipv4",
+ prefix_lists=[
+ dict(
+ name="plist1",
+ entries=[
+ dict(
+ sequence=10,
+ action="permit",
+ prefix="82.168.10.0/26",
+ )
+ ],
+ )
+ ],
+ )
+ ],
+ state="replaced",
+ )
+ )
+ commands = [
+ "delete policy prefix-list plist1 description 'Test plist1'",
+ "set policy prefix-list plist1 rule 10 prefix '82.168.10.0/26'",
+ "delete policy prefix-list plist1 rule 20",
+ "delete policy prefix-list plist1 rule 10 description 'Test rule 10'",
+ ]
+ result = self.execute_module(changed=True)
+ self.assertEqual(set(result["commands"]), set(commands))
+
+ # test update with overridden
+ def test_vyos_prefix_lists_overridden_update(self):
+ self.get_config.return_value = dedent(
+ """\
+ set policy prefix-list plist1
+ set policy prefix-list plist1 description 'Test plist1'
+ set policy prefix-list plist1 rule 10
+ set policy prefix-list plist1 rule 10 action 'permit'
+ set policy prefix-list plist1 rule 10 description 'Test rule 10'
+ set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'
+ set policy prefix-list plist1 rule 20
+ set policy prefix-list plist1 rule 20 action 'deny'
+ set policy prefix-list plist1 rule 20 description 'Test rule 20'
+ set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'
+ set policy prefix-list plist2
+ set policy prefix-list plist2 rule 20
+ set policy prefix-list plist2 rule 20 action 'permit'
+ set policy prefix-list plist2 rule 20 le '32'
+ set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'
+ set policy prefix-list plist2 rule 30
+ set policy prefix-list plist2 rule 30 action 'deny'
+ set policy prefix-list plist2 rule 30 ge '25'
+ set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'
+ set policy prefix-list6 plist3
+ set policy prefix-list6 plist3 description 'Test plist3'
+ set policy prefix-list6 plist3 rule 10
+ set policy prefix-list6 plist3 rule 10 action 'deny'
+ set policy prefix-list6 plist3 rule 10 description 'Test rule 10'
+ set policy prefix-list6 plist3 rule 10 le '36'
+ set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'
+ set policy prefix-list6 plist3 rule 20
+ set policy prefix-list6 plist3 rule 20 action 'permit'
+ set policy prefix-list6 plist3 rule 20 description 'Test rule 20'
+ set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'
+ set policy prefix-list6 plist4
+ set policy prefix-list6 plist4 rule 20
+ set policy prefix-list6 plist4 rule 20 action 'permit'
+ set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'
+ set policy prefix-list6 plist4 rule 50
+ set policy prefix-list6 plist4 rule 50 action 'deny'
+ set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'
+ """
+ )
+ set_module_args(
+ dict(
+ config=[
+ dict(
+ afi="ipv4",
+ prefix_lists=[
+ dict(
+ name="plist1",
+ entries=[
+ dict(
+ sequence=10,
+ action="deny",
+ prefix="102.168.10.0/26",
+ )
+ ],
+ )
+ ],
+ )
+ ],
+ state="overridden",
+ )
+ )
+ commands = [
+ "delete policy prefix-list plist1 description 'Test plist1'",
+ "delete policy prefix-list6 plist4",
+ "delete policy prefix-list plist1 rule 10 description 'Test rule 10'",
+ "set policy prefix-list plist1 rule 10 prefix '102.168.10.0/26'",
+ "delete policy prefix-list6 plist3",
+ "delete policy prefix-list plist1 rule 20",
+ "set policy prefix-list plist1 rule 10 action 'deny'",
+ "delete policy prefix-list plist2",
+ ]
+ result = self.execute_module(changed=True)
+ self.assertEqual(set(result["commands"]), set(commands))
+
+ # test overridden
+ def test_vyos_prefix_lists_overridden(self):
+ self.get_config.return_value = dedent(
+ """\
+ set policy prefix-list plist1
+ set policy prefix-list plist1 description 'Test plist1'
+ set policy prefix-list plist1 rule 10
+ set policy prefix-list plist1 rule 10 action 'permit'
+ set policy prefix-list plist1 rule 10 description 'Test rule 10'
+ set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'
+ set policy prefix-list plist1 rule 20
+ set policy prefix-list plist1 rule 20 action 'deny'
+ set policy prefix-list plist1 rule 20 description 'Test rule 20'
+ set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'
+ set policy prefix-list plist2
+ set policy prefix-list plist2 rule 20
+ set policy prefix-list plist2 rule 20 action 'permit'
+ set policy prefix-list plist2 rule 20 le '32'
+ set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'
+ set policy prefix-list plist2 rule 30
+ set policy prefix-list plist2 rule 30 action 'deny'
+ set policy prefix-list plist2 rule 30 ge '25'
+ set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'
+ set policy prefix-list6 plist3
+ set policy prefix-list6 plist3 description 'Test plist3'
+ set policy prefix-list6 plist3 rule 10
+ set policy prefix-list6 plist3 rule 10 action 'deny'
+ set policy prefix-list6 plist3 rule 10 description 'Test rule 10'
+ set policy prefix-list6 plist3 rule 10 le '36'
+ set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'
+ set policy prefix-list6 plist3 rule 20
+ set policy prefix-list6 plist3 rule 20 action 'permit'
+ set policy prefix-list6 plist3 rule 20 description 'Test rule 20'
+ set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'
+ set policy prefix-list6 plist4
+ set policy prefix-list6 plist4 rule 20
+ set policy prefix-list6 plist4 rule 20 action 'permit'
+ set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'
+ set policy prefix-list6 plist4 rule 50
+ set policy prefix-list6 plist4 rule 50 action 'deny'
+ set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'
+ """
+ )
+ set_module_args(
+ dict(
+ config=[
+ dict(
+ afi="ipv4",
+ prefix_lists=[
+ dict(
+ name="plist5",
+ entries=[
+ dict(
+ sequence=50,
+ action="permit",
+ prefix="102.168.10.0/26",
+ )
+ ],
+ )
+ ],
+ )
+ ],
+ state="overridden",
+ )
+ )
+ commands = [
+ "set policy prefix-list plist5",
+ "set policy prefix-list plist5 rule 50",
+ "set policy prefix-list plist5 rule 50 action 'permit'",
+ "set policy prefix-list plist5 rule 50 prefix '102.168.10.0/26'",
+ "delete policy prefix-list plist1",
+ "delete policy prefix-list plist2",
+ "delete policy prefix-list6 plist3",
+ "delete policy prefix-list6 plist4",
+ ]
+ result = self.execute_module(changed=True)
+ self.assertEqual(set(result["commands"]), set(commands))
+
+ # test deleted (all)
+ def test_vyos_prefix_lists_deleted_all(self):
+ self.get_config.return_value = dedent(
+ """\
+ set policy prefix-list plist1
+ set policy prefix-list plist1 description 'Test plist1'
+ set policy prefix-list plist1 rule 10
+ set policy prefix-list plist1 rule 10 action 'permit'
+ set policy prefix-list plist1 rule 10 description 'Test rule 10'
+ set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'
+ set policy prefix-list plist1 rule 20
+ set policy prefix-list plist1 rule 20 action 'deny'
+ set policy prefix-list plist1 rule 20 description 'Test rule 20'
+ set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'
+ set policy prefix-list plist2
+ set policy prefix-list plist2 rule 20
+ set policy prefix-list plist2 rule 20 action 'permit'
+ set policy prefix-list plist2 rule 20 le '32'
+ set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'
+ set policy prefix-list plist2 rule 30
+ set policy prefix-list plist2 rule 30 action 'deny'
+ set policy prefix-list plist2 rule 30 ge '25'
+ set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'
+ set policy prefix-list6 plist3
+ set policy prefix-list6 plist3 description 'Test plist3'
+ set policy prefix-list6 plist3 rule 10
+ set policy prefix-list6 plist3 rule 10 action 'deny'
+ set policy prefix-list6 plist3 rule 10 description 'Test rule 10'
+ set policy prefix-list6 plist3 rule 10 le '36'
+ set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'
+ set policy prefix-list6 plist3 rule 20
+ set policy prefix-list6 plist3 rule 20 action 'permit'
+ set policy prefix-list6 plist3 rule 20 description 'Test rule 20'
+ set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'
+ set policy prefix-list6 plist4
+ set policy prefix-list6 plist4 rule 20
+ set policy prefix-list6 plist4 rule 20 action 'permit'
+ set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'
+ set policy prefix-list6 plist4 rule 50
+ set policy prefix-list6 plist4 rule 50 action 'deny'
+ set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'
+ """
+ )
+ set_module_args(dict(state="deleted"))
+ commands = [
+ "delete policy prefix-list plist1",
+ "delete policy prefix-list plist2",
+ "delete policy prefix-list6 plist3",
+ "delete policy prefix-list6 plist4",
+ ]
+ result = self.execute_module(changed=True)
+ self.assertEqual(set(result["commands"]), set(commands))
+
+ # test deleted (AFI)
+ def test_vyos_prefix_lists_deleted_afi(self):
+ self.get_config.return_value = dedent(
+ """\
+ set policy prefix-list plist1
+ set policy prefix-list plist1 description 'Test plist1'
+ set policy prefix-list plist1 rule 10
+ set policy prefix-list plist1 rule 10 action 'permit'
+ set policy prefix-list plist1 rule 10 description 'Test rule 10'
+ set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'
+ set policy prefix-list plist1 rule 20
+ set policy prefix-list plist1 rule 20 action 'deny'
+ set policy prefix-list plist1 rule 20 description 'Test rule 20'
+ set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'
+ set policy prefix-list plist2
+ set policy prefix-list plist2 rule 20
+ set policy prefix-list plist2 rule 20 action 'permit'
+ set policy prefix-list plist2 rule 20 le '32'
+ set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'
+ set policy prefix-list plist2 rule 30
+ set policy prefix-list plist2 rule 30 action 'deny'
+ set policy prefix-list plist2 rule 30 ge '25'
+ set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'
+ set policy prefix-list6 plist3
+ set policy prefix-list6 plist3 description 'Test plist3'
+ set policy prefix-list6 plist3 rule 10
+ set policy prefix-list6 plist3 rule 10 action 'deny'
+ set policy prefix-list6 plist3 rule 10 description 'Test rule 10'
+ set policy prefix-list6 plist3 rule 10 le '36'
+ set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'
+ set policy prefix-list6 plist3 rule 20
+ set policy prefix-list6 plist3 rule 20 action 'permit'
+ set policy prefix-list6 plist3 rule 20 description 'Test rule 20'
+ set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'
+ set policy prefix-list6 plist4
+ set policy prefix-list6 plist4 rule 20
+ set policy prefix-list6 plist4 rule 20 action 'permit'
+ set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'
+ set policy prefix-list6 plist4 rule 50
+ set policy prefix-list6 plist4 rule 50 action 'deny'
+ set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'
+ """
+ )
+ set_module_args(dict(config=[dict(afi="ipv4")], state="deleted"))
+ commands = [
+ "delete policy prefix-list plist1",
+ "delete policy prefix-list plist2",
+ ]
+ result = self.execute_module(changed=True)
+ self.assertEqual(set(result["commands"]), set(commands))
+
+ # test deleted (one prefix-list)
+ def test_vyos_prefix_lists_deleted_one(self):
+ self.get_config.return_value = dedent(
+ """\
+ set policy prefix-list plist1
+ set policy prefix-list plist1 description 'Test plist1'
+ set policy prefix-list plist1 rule 10
+ set policy prefix-list plist1 rule 10 action 'permit'
+ set policy prefix-list plist1 rule 10 description 'Test rule 10'
+ set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'
+ set policy prefix-list plist1 rule 20
+ set policy prefix-list plist1 rule 20 action 'deny'
+ set policy prefix-list plist1 rule 20 description 'Test rule 20'
+ set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'
+ set policy prefix-list plist2
+ set policy prefix-list plist2 rule 20
+ set policy prefix-list plist2 rule 20 action 'permit'
+ set policy prefix-list plist2 rule 20 le '32'
+ set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'
+ set policy prefix-list plist2 rule 30
+ set policy prefix-list plist2 rule 30 action 'deny'
+ set policy prefix-list plist2 rule 30 ge '25'
+ set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'
+ set policy prefix-list6 plist3
+ set policy prefix-list6 plist3 description 'Test plist3'
+ set policy prefix-list6 plist3 rule 10
+ set policy prefix-list6 plist3 rule 10 action 'deny'
+ set policy prefix-list6 plist3 rule 10 description 'Test rule 10'
+ set policy prefix-list6 plist3 rule 10 le '36'
+ set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'
+ set policy prefix-list6 plist3 rule 20
+ set policy prefix-list6 plist3 rule 20 action 'permit'
+ set policy prefix-list6 plist3 rule 20 description 'Test rule 20'
+ set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'
+ set policy prefix-list6 plist4
+ set policy prefix-list6 plist4 rule 20
+ set policy prefix-list6 plist4 rule 20 action 'permit'
+ set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'
+ set policy prefix-list6 plist4 rule 50
+ set policy prefix-list6 plist4 rule 50 action 'deny'
+ set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'
+ """
+ )
+ set_module_args(
+ dict(
+ config=[dict(afi="ipv6", prefix_lists=[dict(name="plist3")])],
+ state="deleted",
+ )
+ )
+ commands = ["delete policy prefix-list6 plist3"]
+ result = self.execute_module(changed=True)
+ self.assertEqual(set(result["commands"]), set(commands))
+
+ # test deleted (one prefix-list from each AFI)
+ def test_vyos_prefix_lists_deleted_one_from_each_afi(self):
+ self.get_config.return_value = dedent(
+ """\
+ set policy prefix-list plist1
+ set policy prefix-list plist1 description 'Test plist1'
+ set policy prefix-list plist1 rule 10
+ set policy prefix-list plist1 rule 10 action 'permit'
+ set policy prefix-list plist1 rule 10 description 'Test rule 10'
+ set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'
+ set policy prefix-list plist1 rule 20
+ set policy prefix-list plist1 rule 20 action 'deny'
+ set policy prefix-list plist1 rule 20 description 'Test rule 20'
+ set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'
+ set policy prefix-list plist2
+ set policy prefix-list plist2 rule 20
+ set policy prefix-list plist2 rule 20 action 'permit'
+ set policy prefix-list plist2 rule 20 le '32'
+ set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'
+ set policy prefix-list plist2 rule 30
+ set policy prefix-list plist2 rule 30 action 'deny'
+ set policy prefix-list plist2 rule 30 ge '25'
+ set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'
+ set policy prefix-list6 plist3
+ set policy prefix-list6 plist3 description 'Test plist3'
+ set policy prefix-list6 plist3 rule 10
+ set policy prefix-list6 plist3 rule 10 action 'deny'
+ set policy prefix-list6 plist3 rule 10 description 'Test rule 10'
+ set policy prefix-list6 plist3 rule 10 le '36'
+ set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'
+ set policy prefix-list6 plist3 rule 20
+ set policy prefix-list6 plist3 rule 20 action 'permit'
+ set policy prefix-list6 plist3 rule 20 description 'Test rule 20'
+ set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'
+ set policy prefix-list6 plist4
+ set policy prefix-list6 plist4 rule 20
+ set policy prefix-list6 plist4 rule 20 action 'permit'
+ set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'
+ set policy prefix-list6 plist4 rule 50
+ set policy prefix-list6 plist4 rule 50 action 'deny'
+ set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'
+ """
+ )
+ set_module_args(
+ dict(
+ config=[
+ dict(afi="ipv4", prefix_lists=[dict(name="plist2")]),
+ dict(afi="ipv6", prefix_lists=[dict(name="plist3")]),
+ ],
+ state="deleted",
+ )
+ )
+ commands = [
+ "delete policy prefix-list plist2",
+ "delete policy prefix-list6 plist3",
+ ]
+ result = self.execute_module(changed=True)
+ self.assertEqual(set(result["commands"]), set(commands))
+
+ # test parsed
+ def test_vyos_prefix_lists_parsed(self):
+ cfg = dedent(
+ """\
+ set policy prefix-list plist1
+ set policy prefix-list plist1 description 'Test plist1'
+ set policy prefix-list plist1 rule 10
+ set policy prefix-list plist1 rule 10 action 'permit'
+ set policy prefix-list plist1 rule 10 description 'Test rule 10'
+ set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'
+ set policy prefix-list plist1 rule 20
+ set policy prefix-list plist1 rule 20 action 'deny'
+ set policy prefix-list plist1 rule 20 description 'Test rule 20'
+ set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'
+ set policy prefix-list plist2
+ set policy prefix-list plist2 rule 20
+ set policy prefix-list plist2 rule 20 action 'permit'
+ set policy prefix-list plist2 rule 20 le '32'
+ set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'
+ set policy prefix-list plist2 rule 30
+ set policy prefix-list plist2 rule 30 action 'deny'
+ set policy prefix-list plist2 rule 30 ge '25'
+ set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'
+ set policy prefix-list6 plist3
+ set policy prefix-list6 plist3 description 'Test plist3'
+ set policy prefix-list6 plist3 rule 10
+ set policy prefix-list6 plist3 rule 10 action 'deny'
+ set policy prefix-list6 plist3 rule 10 description 'Test rule 10'
+ set policy prefix-list6 plist3 rule 10 le '36'
+ set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'
+ set policy prefix-list6 plist3 rule 20
+ set policy prefix-list6 plist3 rule 20 action 'permit'
+ set policy prefix-list6 plist3 rule 20 description 'Test rule 20'
+ set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'
+ set policy prefix-list6 plist4
+ set policy prefix-list6 plist4 rule 20
+ set policy prefix-list6 plist4 rule 20 action 'permit'
+ set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'
+ set policy prefix-list6 plist4 rule 50
+ set policy prefix-list6 plist4 rule 50 action 'deny'
+ set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'
+ """
+ )
+ set_module_args(dict(running_config=cfg, state="parsed"))
+ parsed = [
+ {
+ "afi": "ipv4",
+ "prefix_lists": [
+ {
+ "description": "Test plist1",
+ "name": "plist1",
+ "entries": [
+ {
+ "action": "permit",
+ "description": "Test rule 10",
+ "sequence": 10,
+ "prefix": "92.168.10.0/26",
+ },
+ {
+ "action": "deny",
+ "description": "Test rule 20",
+ "sequence": 20,
+ "prefix": "72.168.2.0/24",
+ },
+ ],
+ },
+ {
+ "name": "plist2",
+ "entries": [
+ {
+ "action": "permit",
+ "sequence": 20,
+ "le": 32,
+ "prefix": "82.168.10.0/26",
+ },
+ {
+ "action": "deny",
+ "ge": 25,
+ "sequence": 30,
+ "prefix": "62.168.2.0/24",
+ },
+ ],
+ },
+ ],
+ },
+ {
+ "afi": "ipv6",
+ "prefix_lists": [
+ {
+ "description": "Test plist3",
+ "name": "plist3",
+ "entries": [
+ {
+ "action": "deny",
+ "description": "Test rule 10",
+ "sequence": 10,
+ "le": 36,
+ "prefix": "2001:db8:1000::/36",
+ },
+ {
+ "action": "permit",
+ "description": "Test rule 20",
+ "sequence": 20,
+ "prefix": "2001:db8:2000::/36",
+ },
+ ],
+ },
+ {
+ "name": "plist4",
+ "entries": [
+ {
+ "action": "permit",
+ "sequence": 20,
+ "prefix": "2001:db8:3000::/36",
+ },
+ {
+ "action": "deny",
+ "sequence": 50,
+ "prefix": "2001:db8:4000::/36",
+ },
+ ],
+ },
+ ],
+ },
+ ]
+ result = self.execute_module(changed=False)
+ self.assertEqual(result["parsed"], parsed)
+
+ # test rendered
+ def test_vyos_prefix_lists_rendered(self):
+ set_module_args(
+ dict(
+ config=[
+ dict(
+ afi="ipv4",
+ prefix_lists=[
+ dict(
+ name="plist1",
+ description="Test plist1",
+ entries=[
+ dict(
+ sequence=10,
+ action="permit",
+ description="Test rule 10",
+ prefix="92.168.10.0/26",
+ ),
+ dict(
+ sequence=20,
+ action="deny",
+ description="Test rule 20",
+ prefix="72.168.2.0/24",
+ ),
+ ],
+ ),
+ dict(
+ name="plist2",
+ entries=[
+ dict(
+ sequence=20,
+ action="permit",
+ prefix="82.168.10.0/26",
+ le=32,
+ ),
+ dict(
+ sequence=30,
+ action="deny",
+ prefix="62.168.2.0/24",
+ ge=25,
+ ),
+ ],
+ ),
+ ],
+ ),
+ dict(
+ afi="ipv6",
+ prefix_lists=[
+ dict(
+ name="plist3",
+ description="Test plist3",
+ entries=[
+ dict(
+ sequence=10,
+ action="deny",
+ description="Test rule 10",
+ prefix="2001:db8:1000::/36",
+ le=36,
+ ),
+ dict(
+ sequence=20,
+ action="permit",
+ description="Test rule 20",
+ prefix="2001:db8:2000::/36",
+ ),
+ ],
+ ),
+ dict(
+ name="plist4",
+ entries=[
+ dict(
+ sequence=20,
+ action="permit",
+ prefix="2001:db8:3000::/36",
+ ),
+ dict(
+ sequence=50,
+ action="deny",
+ prefix="2001:db8:4000::/36",
+ ),
+ ],
+ ),
+ ],
+ ),
+ ],
+ state="rendered",
+ )
+ )
+ rendered = [
+ "set policy prefix-list plist1",
+ "set policy prefix-list plist1 description 'Test plist1'",
+ "set policy prefix-list plist1 rule 10",
+ "set policy prefix-list plist1 rule 10 action 'permit'",
+ "set policy prefix-list plist1 rule 10 description 'Test rule 10'",
+ "set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'",
+ "set policy prefix-list plist1 rule 20",
+ "set policy prefix-list plist1 rule 20 action 'deny'",
+ "set policy prefix-list plist1 rule 20 description 'Test rule 20'",
+ "set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'",
+ "set policy prefix-list plist2",
+ "set policy prefix-list plist2 rule 20",
+ "set policy prefix-list plist2 rule 20 action 'permit'",
+ "set policy prefix-list plist2 rule 20 le '32'",
+ "set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'",
+ "set policy prefix-list plist2 rule 30",
+ "set policy prefix-list plist2 rule 30 action 'deny'",
+ "set policy prefix-list plist2 rule 30 ge '25'",
+ "set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'",
+ "set policy prefix-list6 plist3",
+ "set policy prefix-list6 plist3 description 'Test plist3'",
+ "set policy prefix-list6 plist3 rule 10",
+ "set policy prefix-list6 plist3 rule 10 action 'deny'",
+ "set policy prefix-list6 plist3 rule 10 description 'Test rule 10'",
+ "set policy prefix-list6 plist3 rule 10 le '36'",
+ "set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'",
+ "set policy prefix-list6 plist3 rule 20",
+ "set policy prefix-list6 plist3 rule 20 action 'permit'",
+ "set policy prefix-list6 plist3 rule 20 description 'Test rule 20'",
+ "set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'",
+ "set policy prefix-list6 plist4",
+ "set policy prefix-list6 plist4 rule 20",
+ "set policy prefix-list6 plist4 rule 20 action 'permit'",
+ "set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'",
+ "set policy prefix-list6 plist4 rule 50",
+ "set policy prefix-list6 plist4 rule 50 action 'deny'",
+ "set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'",
+ ]
+ result = self.execute_module(changed=False)
+ self.assertEqual(set(result["rendered"]), set(rendered))
+
+ # test gathered
+ def test_vyos_prefix_lists_gathered(self):
+ self.get_config.return_value = dedent(
+ """\
+ set policy prefix-list plist1
+ set policy prefix-list plist1 description 'Test plist1'
+ set policy prefix-list plist1 rule 10
+ set policy prefix-list plist1 rule 10 action 'permit'
+ set policy prefix-list plist1 rule 10 description 'Test rule 10'
+ set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'
+ set policy prefix-list plist1 rule 20
+ set policy prefix-list plist1 rule 20 action 'deny'
+ set policy prefix-list plist1 rule 20 description 'Test rule 20'
+ set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'
+ set policy prefix-list plist2
+ set policy prefix-list plist2 rule 20
+ set policy prefix-list plist2 rule 20 action 'permit'
+ set policy prefix-list plist2 rule 20 le '32'
+ set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'
+ set policy prefix-list plist2 rule 30
+ set policy prefix-list plist2 rule 30 action 'deny'
+ set policy prefix-list plist2 rule 30 ge '25'
+ set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'
+ set policy prefix-list6 plist3
+ set policy prefix-list6 plist3 description 'Test plist3'
+ set policy prefix-list6 plist3 rule 10
+ set policy prefix-list6 plist3 rule 10 action 'deny'
+ set policy prefix-list6 plist3 rule 10 description 'Test rule 10'
+ set policy prefix-list6 plist3 rule 10 le '36'
+ set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'
+ set policy prefix-list6 plist3 rule 20
+ set policy prefix-list6 plist3 rule 20 action 'permit'
+ set policy prefix-list6 plist3 rule 20 description 'Test rule 20'
+ set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'
+ set policy prefix-list6 plist4
+ set policy prefix-list6 plist4 rule 20
+ set policy prefix-list6 plist4 rule 20 action 'permit'
+ set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'
+ set policy prefix-list6 plist4 rule 50
+ set policy prefix-list6 plist4 rule 50 action 'deny'
+ set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'
+ """
+ )
+ set_module_args(dict(state="gathered"))
+ gathered = [
+ {
+ "afi": "ipv4",
+ "prefix_lists": [
+ {
+ "description": "Test plist1",
+ "name": "plist1",
+ "entries": [
+ {
+ "action": "permit",
+ "description": "Test rule 10",
+ "sequence": 10,
+ "prefix": "92.168.10.0/26",
+ },
+ {
+ "action": "deny",
+ "description": "Test rule 20",
+ "sequence": 20,
+ "prefix": "72.168.2.0/24",
+ },
+ ],
+ },
+ {
+ "name": "plist2",
+ "entries": [
+ {
+ "action": "permit",
+ "sequence": 20,
+ "le": 32,
+ "prefix": "82.168.10.0/26",
+ },
+ {
+ "action": "deny",
+ "ge": 25,
+ "sequence": 30,
+ "prefix": "62.168.2.0/24",
+ },
+ ],
+ },
+ ],
+ },
+ {
+ "afi": "ipv6",
+ "prefix_lists": [
+ {
+ "description": "Test plist3",
+ "name": "plist3",
+ "entries": [
+ {
+ "action": "deny",
+ "description": "Test rule 10",
+ "sequence": 10,
+ "le": 36,
+ "prefix": "2001:db8:1000::/36",
+ },
+ {
+ "action": "permit",
+ "description": "Test rule 20",
+ "sequence": 20,
+ "prefix": "2001:db8:2000::/36",
+ },
+ ],
+ },
+ {
+ "name": "plist4",
+ "entries": [
+ {
+ "action": "permit",
+ "sequence": 20,
+ "prefix": "2001:db8:3000::/36",
+ },
+ {
+ "action": "deny",
+ "sequence": 50,
+ "prefix": "2001:db8:4000::/36",
+ },
+ ],
+ },
+ ],
+ },
+ ]
+ result = self.execute_module(changed=False)
+ self.assertEqual(result["gathered"], gathered)
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 09:59:23 +0000