Ignore crosslink in expanded intersection

Author: hknutzen

go/pkg/pass1/cut-netspoc.go

@@ -300,8 +300,8 @@ func (c *spoc) markAndSubstElements(
 	elemList *[]ast.Element, ctx string, m map[string]*ast.TopList,
 	isUsed map[string]bool) {
 
-	expand := func(el ast.Element) groupObjList {
-		l := c.expandGroup1([]ast.Element{el}, ctx, false, false)
+	expand := func(el ast.Element, visible bool) groupObjList {
+		l := c.expandGroup1([]ast.Element{el}, ctx, visible, false)
 		// Remove duplicates from dual stack objects.
 		slices.SortFunc(l, func(e1, e2 groupObj) int {
 			return strings.Compare(e1.String(), e2.String())
@@ -395,8 +395,8 @@ func (c *spoc) markAndSubstElements(
 		}
 		return result
 	}
-	var traverse func(l []ast.Element) []ast.Element
-	traverse = func(l []ast.Element) []ast.Element {
+	var traverse func(l []ast.Element, visible bool) []ast.Element
+	traverse = func(l []ast.Element, visible bool) []ast.Element {
 		var expanded groupObjList
 		j := 0
 		for _, el := range l {
@@ -408,7 +408,7 @@ func (c *spoc) markAndSubstElements(
 				}
 				switch x.Type {
 				case "any", "network":
-					for _, obj := range expand(el) {
+					for _, obj := range expand(el, visible) {
 						markUnconnectedObj(obj.(*network), isUsed)
 					}
 				case "group":
@@ -419,29 +419,29 @@ func (c *spoc) markAndSubstElements(
 				isUsed[typedName] = true
 			case ast.AutoElem:
 				// Ignore empty automatic group
-				if len(expand(el)) == 0 {
+				if len(expand(el, false)) == 0 {
 					continue
 				}
 				// Remove sub elements that would evaluate to empty list.
-				l2 := traverse(x.GetElements())
+				l2 := traverse(x.GetElements(), false)
 				j2 := 0
 				for _, el2 := range l2 {
-					if len(expand(el2)) != 0 {
+					if len(expand(el2, false)) != 0 {
 						l2[j2] = el2
 						j2++
 					}
 				}
 				x.SetElements(l2[:j2])
 			case *ast.IntfRef:
-				for _, obj := range expand(el) {
+				for _, obj := range expand(el, visible) {
 					switch x := obj.(type) {
 					case *routerIntf:
 						setIntfUsed(x, isUsed)
 						setRouterUsed(x.router, isUsed)
 					}
 				}
 			case *ast.Intersection:
-				expanded = append(expanded, expand(el)...)
+				expanded = append(expanded, expand(el, visible)...)
 				continue // Ignore original intersection.
 			}
 			l[j] = el
@@ -453,7 +453,7 @@ func (c *spoc) markAndSubstElements(
 		}
 		return result
 	}
-	*elemList = traverse(*elemList)
+	*elemList = traverse(*elemList, true)
 }
 
 func (c *spoc) markElements(

go/testdata/cut-netspoc/cut-netspoc.t

@@ -3725,6 +3725,56 @@ router:r2 = {
 }
 =END=
 
+############################################################
+=TITLE=Remove crosslink network from automated group
+=INPUT=
+area:all = { anchor = network:n1; }
+network:n1 = { ip = 10.1.1.0/27; }
+router:r1 = {
+ model = ASA;
+ managed;
+ interface:n1 = { ip = 10.1.1.1; hardware = n1; }
+ interface:cr = { ip = 10.3.3.1; hardware = cr; }
+}
+network:cr = { ip = 10.3.3.0/29; crosslink; }
+router:r2 = {
+ model = ASA;
+ managed;
+ interface:cr = { ip = 10.3.3.2; hardware = cr; }
+ interface:n2 = { ip = 10.2.2.1; hardware = n2; }
+}
+network:n2 = { ip = 10.2.2.0/27; }
+area:n1-cr = {
+ border = interface:r2.cr;
+}
+service:s1 = {
+ user = network:[area:all] &! network:n2;
+ permit src = user; dst = network:n2; prt = tcp 80;
+}
+=OUTPUT=
+network:n1 = { ip = 10.1.1.0/27; }
+router:r1 = {
+ model = ASA;
+ managed;
+ interface:n1 = { ip = 10.1.1.1; hardware = n1; }
+ interface:cr = { ip = 10.3.3.1; hardware = cr; }
+}
+network:cr = { ip = 10.3.3.0/29; crosslink; }
+router:r2 = {
+ model = ASA;
+ managed;
+ interface:cr = { ip = 10.3.3.2; hardware = cr; }
+ interface:n2 = { ip = 10.2.2.1; hardware = n2; }
+}
+network:n2 = { ip = 10.2.2.0/27; }
+service:s1 = {
+ user = network:n1;
+ permit src = user;
+        dst = network:n2;
+        prt = tcp 80;
+}
+=END=
+
 ############################################################
 =TITLE=Remove border of area in unconnected part
 =INPUT=