Add dot11k/dot11v ssid-profile commands

netbox-aruba-instant-sync.py

@@ -77,13 +77,13 @@ try:
 except ImportError:
   from cryptography.hazmat.decrepit.ciphers.algorithms import TripleDES
 
-# Secrets in the VC config as returned by "show running-config" and similar
+# Secrets in the VC config as returned by "show running-config" are Triple DES
-# means Triple DES encrypted. While applying config commands, secrets must be
+# encrypted. While applying config commands, secrets must be clear text (even
-# unencrypted (even for "no ..." commands), so this complicates both change
+# for "no ..." commands), so this complicates both detecting changes and
-# detection and generation. Luckily the key static and publicly known (making
+# applying them. Luckily the key is static and publicly known (making the
-# the encryption pointless from a security perspective). We transparently
+# encryption pointless from a security perspective). We transparently decrypt
-# decrypt parameters for specific commands when reading the config and
+# parameters for specific commands when reading the config and otherwise
-# otherwise pretend this encryption thing does not exist.
+# pretend this encryption thing does not exist.
 #
 # See also https://seclists.org/fulldisclosure/2016/May/19
 
@@ -134,6 +134,7 @@ CONFIG_COMMANDS = [
   (r'enable|disable', r'enable', None),
   (r'(index|type|opmode|max-authentication-failures|rf-band|captive-portal|dmo-channel-utilization-threshold|local-probe-req-thresh|max-clients-threshold) .+', r'\1', None),
   (r'(zone|essid|wpa-passphrase|vlan|dtim-period|broadcast-filter) .+', r'\1', r'no \1'),
+  (r'(dot11k|dot11v)', r'\1', r'no \1'),
 
   (r'(wlan access-rule .+)', r'\1', r'no \1'),
   (r'(rule .+)', r'\1', None), # TODO: Sequence Sensitive Command