Need assistance in Regex
42 views
Skip to first unread message
Devops warrior
Mar 26, 2021, 6:37:23 AM3/26/21
to Ansible Project
I'm trying to add new IP address (10.97.6.12) in firewall, Before adding, I'm validating whether the new IP already exists in firewall or not.
Task:
- set_fact:
existing: "{{ result | json_query('objects[*].value') | select('match',( intip )) | list }}"
output:
TASK [set_fact] **************************************************************************************************************************************************************task path: /home/palo-test/json.yml:32
ok: [192.168.0.40] => {
"ansible_facts": {
"existing": [
"10.96.6.120",
"10.96.6.125"
]
},
"changed": false
}
Regex in set_fact is considering existing Ip objects 10.96.6.120 and 10.96.6.125 as 10.96.6.12. Need help to matching the exact IP.
Dick Visser
Mar 26, 2021, 8:13:30 AM3/26/21
to ansible...@googlegroups.com
Without knowing what your 'result' data structure looks like, doing
string matching with IP addressing is almost certainly going to be
problematic.
I assume you don't want to have problems.
So, what does your 'result' data look like?
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/245eea94-ae74-4fa1-b55e-2d121f42cc9dn%40googlegroups.com.
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
string matching with IP addressing is almost certainly going to be
problematic.
I assume you don't want to have problems.
So, what does your 'result' data look like?
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/245eea94-ae74-4fa1-b55e-2d121f42cc9dn%40googlegroups.com.
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
Devops warrior
Mar 26, 2021, 8:42:47 AM3/26/21
to Ansible Project
Thank you for you response. Here is the result data.
{
"objects": [
{
"description": null,
"name": "OUTSIDE",
"tag": null,
"type": "ip-netmask",
"value": "10.97.7.37/27"
},
{
"description": null,
"name": "INSIDE",
"tag": null,
"type": "ip-netmask",
"value": "10.97.7.133/27"
},
{
"description": null,
"name": "INTERNET",
"tag": null,
"type": "ip-netmask",
"value": "10.97.6.36/27"
},
{
"description": null,
"name": "Default",
"tag": null,
"type": "ip-netmask",
"value": "0.0.0.0/0"
},
{
"description": null,
"name": "Dummy_server",
"tag": null,
"type": "ip-netmask",
"value": "10.96.15.254"
},
{
"description": null,
"name": "VPN_Subnet",
"tag": null,
"type": "ip-netmask",
"value": "10.16.24.0/22"
},
{
"description": null,
"name": "Internal",
"tag": null,
"type": "ip-netmask",
"value": "10.97.12.120"
},
{
"description": null,
"name": "test",
"tag": null,
"type": "ip-netmask",
"value": "10.96.6.120"
},
{
"description": null,
"name": "test1",
"tag": null,
"type": "ip-netmask",
"value": "10.96.6.125"
}
]
}
Regards,
Sri
On Friday, 26 March 2021 at 17:43:30 UTC+5:30 dick....@geant.org wrote:
Without knowing what your 'result' data structure looks like, doing
string matching with IP addressing is almost certainly going to be
problematic.
I assume you don't want to have problems.
So, what does your 'result' data look like?
On Fri, 26 Mar 2021 at 11:37, Devops warrior <awscl...@gmail.com> wrote:
>
> I'm trying to add new IP address (10.96.6.12) in firewall, Before adding, I'm validating whether the new IP already exists in firewall or not.
Dick Visser
Mar 26, 2021, 9:24:20 AM3/26/21
to ansible...@googlegroups.com
If you want 'existing' to be a boolean, then you can simple check if
the IP is in the list.
Assuming 'intip' is the IP for which you want to test this:
- set_fact:
existing: "{{ intip in result|json_query('objects[].value') }}"
The 'result' structure has some subnets as well, I'm not sure if it
would be a problem when you try to add an IP address that is inside
one of those subnets (I guess so). For instance, 10.97.7.55 would be
part of 10.97.7.37/27, but 'existing' would still return false.
If you want that to be covered, you'd have to glue some ipaddr login in between:
https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters_ipaddr.html
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/4443cd65-1156-4879-86a2-8a96cf0f1252n%40googlegroups.com.
the IP is in the list.
Assuming 'intip' is the IP for which you want to test this:
- set_fact:
existing: "{{ intip in result|json_query('objects[].value') }}"
The 'result' structure has some subnets as well, I'm not sure if it
would be a problem when you try to add an IP address that is inside
one of those subnets (I guess so). For instance, 10.97.7.55 would be
part of 10.97.7.37/27, but 'existing' would still return false.
If you want that to be covered, you'd have to glue some ipaddr login in between:
https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters_ipaddr.html
Reply all
Reply to author
Forward
0 new messages