You have to use regex patterns to match the desired ACLs.

On Wed, Aug 18, 2021 at 7:54 PM Vikram S <[email protected]> wrote:

> I need to gather firewall rules (ACLs) in which the source IP is a public IP
> or public subnet, the destination is an internal server, and the port is
> tcp/3389. I am wondering how to write a script that will exclude all ACLs in
> which the source IP is internal (starting with 10.xx.xx.xx) and gather only
> ACLs in which a public IP is the source.
> EXAMPLE OF ACL allowing access from public ip to internal ip:
> access-list OUT_access_in line 2 extended permit tcp host 8.8.8.8 host 10.10.10.5 eq 3389
> access-list OUT_access_in line 3 extended permit tcp 8.8.8.0 255.255.255.0 host 10.10.10.5 eq 3389
>
> EXAMPLE OF ACL allowing access from one internal ip to another internal ip:
> access-list IN_access_in line 2 extended permit tcp host 10.15.15.5 host 10.10.10.5 eq 3389
> access-list IN_access_in line 3 extended permit tcp 10.15.15.0 255.255.255.0 host 10.10.10.5 eq 3389
> access-list IN_access_in line 4 extended permit tcp any host 10.10.10.5 eq 3389
>
> Thanks,
> Vikram
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/50fdadda-cd24-4b03-9e4f-c11d64343650n%40googlegroups.com.
>


-- 

Thanks,

Pushparaj G
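
One way to apply the regex approach suggested in this reply, as an added example that is not part of either message: a regex splits each rule into source, destination and port, and Python's `ipaddress` module decides whether the source is internal. The function names are hypothetical; treating all RFC 1918 ranges as internal and reporting `any` sources only when `include_any` is set are assumptions.

```python
import ipaddress
import re

# Assumption: "internal" means RFC 1918 space; the post itself only names 10.x.x.x.
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# One address spec as it appears in the quoted rules: "host A", "any" or "NET MASK".
ADDR = (r"(?:host\s+(?P<{0}_host>[\d.]+)|(?P<{0}_any>any4?)"
        r"|(?P<{0}_net>[\d.]+)\s+(?P<{0}_mask>[\d.]+))")
ACL_RE = re.compile(
    r"access-list\s+(?P<name>\S+)\s+(?:line\s+\d+\s+)?extended\s+permit\s+tcp\s+"
    + ADDR.format("src") + r"\s+" + ADDR.format("dst") + r"\s+eq\s+(?P<port>\S+)")

# The five rules quoted in the post.
SAMPLE = """\
access-list OUT_access_in line 2 extended permit tcp host 8.8.8.8 host 10.10.10.5 eq 3389
access-list OUT_access_in line 3 extended permit tcp 8.8.8.0 255.255.255.0 host 10.10.10.5 eq 3389
access-list IN_access_in line 2 extended permit tcp host 10.15.15.5 host 10.10.10.5 eq 3389
access-list IN_access_in line 3 extended permit tcp 10.15.15.0 255.255.255.0 host 10.10.10.5 eq 3389
access-list IN_access_in line 4 extended permit tcp any host 10.10.10.5 eq 3389
"""

def _network(m, side):
    """Network for one side of a matched rule; None means 'any'."""
    if m[side + "_any"]:
        return None
    if m[side + "_host"]:
        return ipaddress.ip_network(m[side + "_host"])
    return ipaddress.ip_network(m[side + "_net"] + "/" + m[side + "_mask"], strict=False)

def is_internal(net):
    """True only when the whole network sits inside one internal range."""
    return net is not None and any(net.subnet_of(r) for r in INTERNAL)

def public_rdp_rules(text, include_any=False):
    """Rules permitting tcp/3389 from a non-internal source to an internal host."""
    hits = []
    for m in ACL_RE.finditer(text):  # \s+ also spans rules wrapped across lines
        src, dst = _network(m, "src"), _network(m, "dst")
        if m["port"] != "3389" or not is_internal(dst):
            continue
        if (src is None and include_any) or (src is not None and not is_internal(src)):
            hits.append(" ".join(m.group(0).split()))
    return hits

if __name__ == "__main__":
    for rule in public_rdp_rules(SAMPLE, include_any=True):
        print(rule)
```

A source of `any` also admits public addresses, so running with `include_any=True` lists those rules alongside the explicit public sources.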
