{"id":3468,"date":"2012-08-29T18:39:25","date_gmt":"2012-08-29T18:39:25","guid":{"rendered":"https:\/\/live-infoblox-blog.pantheonsite.io\/?p=3468"},"modified":"2020-05-06T10:31:42","modified_gmt":"2020-05-06T17:31:42","slug":"writing-rules-with-the-cpd-editor","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/","title":{"rendered":"Writing Rules with the CPD Editor"},"content":{"rendered":"

While most of you may never touch it, I was just explaining how CPD works and it occurred to me that it probably would be helpful to share this as it took me quite awhile to wrap my head around how to write proper rules with the CPD editor.<\/p>\n

As you should already know, the policy engine simple and rule-logic builder tools are only good for global checks (something that only occurs once in a config). \u00a0The CPD tool is necessary for checking things like interfaces or ACL lists where you need to match more than one time.<\/p>\n

Generally, I design an interface check rule as “it has to be this or this or that or it’s a problem,”\u00a0 Here’s a simple example; Customer would like to have a policy that states that any interface that is configured as an access port needs to have port security enabled. \u00a0Here’s the CPD text to go with it.<\/p>\n

Optional-Block:\r\n      interface (Gi|Fa) .+\r\n            switchport mode access\r\n            switchport port-security\r\nInvalid-Block:\r\n      interface (Gi|Fa) .+\r\n            switchport mode access\r\nlogic is:\r\n<\/pre>\n
Find a match on interfaces that start with the text “interface Gi” or “interface Fa” (GigabitEthernet and FastEthernet Interfaces) that also contain the line “switchport mode access” and the line “switchport mode port-security”. \u00a0(the tab indents are import as this is how the engine knows what block of lines in the config to work with).<\/p>\n
IF it’s not a match, that’s ok (it’s optional). However, the invalid says, if I find an interface that starts with\u00a0the text “interface Gi” or “interface Fa”\u00a0and contains the line “switchport mode access”, flag it as a violation.<\/p>\n
Since this works just like rule logic, evaluated in order, any \u00a0GigabitEthernet or FastEthernet interface that doesn’t match the optional but does match the invalid will be flagged. All other interfaces will be ignored because they do not match either rule.<\/p>\n
Let me know what you think!<\/p>\n
Eric<\/p>\n","protected":false},"excerpt":{"rendered":"
While most of you may never touch it, I was just explaining how CPD works and it occurred to me that it probably would be helpful to share this as it took me quite awhile to wrap my head around how to write proper rules with the CPD editor. As you should already know, the […]<\/p>\n","protected":false},"author":195,"featured_media":2779,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[3],"tags":[16,15],"class_list":{"0":"post-3468","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-community","8":"tag-infoblox","9":"tag-security","10":"entry"},"acf":[],"yoast_head":"\nWriting Rules with the CPD Editor<\/title>\n<meta name=\"description\" content=\"While most of you may never touch it, I was just explaining how CPD works and it occurred to me that it probably would be helpful to share this as it took me quite awhile to wrap my head around how to write proper rules with the CPD editor.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Writing Rules with the CPD Editor\" \/>\n<meta property=\"og:description\" content=\"While most of you may never touch it, I was just explaining how CPD works and it occurred to me that it probably would be helpful to share this as it took me quite awhile to wrap my head around how to write proper rules with the CPD editor.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2012-08-29T18:39:25+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-05-06T17:31:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/Tell-Us-What-You-Really-Think-Introducing-the-Infoblox-Technical-Advisory-Boards.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"660\" \/>\n\t<meta property=\"og:image:height\" content=\"454\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Eric Rupert\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Eric Rupert\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/writing-rules-with-the-cpd-editor\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/writing-rules-with-the-cpd-editor\\\/\"},\"author\":{\"name\":\"Eric Rupert\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/379eae44506ef6e6aae037082c40f256\"},\"headline\":\"Writing Rules with the CPD Editor\",\"datePublished\":\"2012-08-29T18:39:25+00:00\",\"dateModified\":\"2020-05-06T17:31:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/writing-rules-with-the-cpd-editor\\\/\"},\"wordCount\":312,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/writing-rules-with-the-cpd-editor\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/Tell-Us-What-You-Really-Think-Introducing-the-Infoblox-Technical-Advisory-Boards.jpg\",\"keywords\":[\"Infoblox\",\"Security\"],\"articleSection\":[\"Community\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/writing-rules-with-the-cpd-editor\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/writing-rules-with-the-cpd-editor\\\/\",\"name\":\"Writing Rules with the CPD Editor\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/writing-rules-with-the-cpd-editor\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/writing-rules-with-the-cpd-editor\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/Tell-Us-What-You-Really-Think-Introducing-the-Infoblox-Technical-Advisory-Boards.jpg\",\"datePublished\":\"2012-08-29T18:39:25+00:00\",\"dateModified\":\"2020-05-06T17:31:42+00:00\",\"description\":\"While most of you may never touch it, I was just explaining how CPD works and it occurred to me that it probably would be helpful to share this as it took me quite awhile to wrap my head around how to write proper rules with the CPD editor.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/writing-rules-with-the-cpd-editor\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/writing-rules-with-the-cpd-editor\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/writing-rules-with-the-cpd-editor\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/Tell-Us-What-You-Really-Think-Introducing-the-Infoblox-Technical-Advisory-Boards.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/Tell-Us-What-You-Really-Think-Introducing-the-Infoblox-Technical-Advisory-Boards.jpg\",\"width\":660,\"height\":454,\"caption\":\"Tell Us What You Really Think: Introducing the Infoblox Technical Advisory Boards\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/writing-rules-with-the-cpd-editor\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Community\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/community\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Writing Rules with the CPD Editor\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/379eae44506ef6e6aae037082c40f256\",\"name\":\"Eric Rupert\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/8e427cbc9e6fe2f85931b1b443ae468ca3e57c02571148bf4eed26a7d83718a5?s=96&d=blank&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/8e427cbc9e6fe2f85931b1b443ae468ca3e57c02571148bf4eed26a7d83718a5?s=96&d=blank&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/8e427cbc9e6fe2f85931b1b443ae468ca3e57c02571148bf4eed26a7d83718a5?s=96&d=blank&r=g\",\"caption\":\"Eric Rupert\"},\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/eric-rupert\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Writing Rules with the CPD Editor","description":"While most of you may never touch it, I was just explaining how CPD works and it occurred to me that it probably would be helpful to share this as it took me quite awhile to wrap my head around how to write proper rules with the CPD editor.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/","og_locale":"en_US","og_type":"article","og_title":"Writing Rules with the CPD Editor","og_description":"While most of you may never touch it, I was just explaining how CPD works and it occurred to me that it probably would be helpful to share this as it took me quite awhile to wrap my head around how to write proper rules with the CPD editor.","og_url":"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/","og_site_name":"Infoblox Blog","article_published_time":"2012-08-29T18:39:25+00:00","article_modified_time":"2020-05-06T17:31:42+00:00","og_image":[{"width":660,"height":454,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/Tell-Us-What-You-Really-Think-Introducing-the-Infoblox-Technical-Advisory-Boards.jpg","type":"image\/jpeg"}],"author":"Eric Rupert","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Eric Rupert","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/"},"author":{"name":"Eric Rupert","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/379eae44506ef6e6aae037082c40f256"},"headline":"Writing Rules with the CPD Editor","datePublished":"2012-08-29T18:39:25+00:00","dateModified":"2020-05-06T17:31:42+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/"},"wordCount":312,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/Tell-Us-What-You-Really-Think-Introducing-the-Infoblox-Technical-Advisory-Boards.jpg","keywords":["Infoblox","Security"],"articleSection":["Community"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/","url":"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/","name":"Writing Rules with the CPD Editor","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/Tell-Us-What-You-Really-Think-Introducing-the-Infoblox-Technical-Advisory-Boards.jpg","datePublished":"2012-08-29T18:39:25+00:00","dateModified":"2020-05-06T17:31:42+00:00","description":"While most of you may never touch it, I was just explaining how CPD works and it occurred to me that it probably would be helpful to share this as it took me quite awhile to wrap my head around how to write proper rules with the CPD editor.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/Tell-Us-What-You-Really-Think-Introducing-the-Infoblox-Technical-Advisory-Boards.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/Tell-Us-What-You-Really-Think-Introducing-the-Infoblox-Technical-Advisory-Boards.jpg","width":660,"height":454,"caption":"Tell Us What You Really Think: Introducing the Infoblox Technical Advisory Boards"},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/community\/writing-rules-with-the-cpd-editor\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Community","item":"https:\/\/www.infoblox.com\/blog\/category\/community\/"},{"@type":"ListItem","position":3,"name":"Writing Rules with the CPD Editor"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/379eae44506ef6e6aae037082c40f256","name":"Eric Rupert","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/8e427cbc9e6fe2f85931b1b443ae468ca3e57c02571148bf4eed26a7d83718a5?s=96&d=blank&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/8e427cbc9e6fe2f85931b1b443ae468ca3e57c02571148bf4eed26a7d83718a5?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8e427cbc9e6fe2f85931b1b443ae468ca3e57c02571148bf4eed26a7d83718a5?s=96&d=blank&r=g","caption":"Eric Rupert"},"url":"https:\/\/www.infoblox.com\/blog\/author\/eric-rupert\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/3468","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/195"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=3468"}],"version-history":[{"count":1,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/3468\/revisions"}],"predecessor-version":[{"id":3469,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/3468\/revisions\/3469"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/2779"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=3468"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=3468"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=3468"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}