You have to use regex patterns to match the desired ACLs.

On Wed, Aug 18, 2021 at 7:54 PM Vikram S <[email protected]> wrote:
> I need to gather firewall rules (ACL) in which source ip is a public ip or
> public subnet and destination is an internal server and port is tcp/3389. I
> am wondering how to write a script that will exclude all ACL in which
> source ip is internal (starting with 10.xx.xx.xx) and gather only ACL in
> which public ip is source.
>
> EXAMPLE OF ACL allowing access from public ip to internal ip:
> access-list OUT_access_in line 2 extended permit tcp host 8.8.8.8 host 10.10.10.5 eq 3389
> access-list OUT_access_in line 3 extended permit tcp 8.8.8.0 255.255.255.0 host 10.10.10.5 eq 3389
>
> EXAMPLE OF ACL allowing access from one internal ip to another internal ip:
> access-list IN_access_in line 2 extended permit tcp host 10.15.15.5 host 10.10.10.5 eq 3389
> access-list IN_access_in line 3 extended permit tcp 10.15.15.0 255.255.255.0 host 10.10.10.5 eq 3389
> access-list IN_access_in line 4 extended permit tcp any host 10.10.10.5 eq 3389
>
> Thanks,
> Vikram
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/50fdadda-cd24-4b03-9e4f-c11d64343650n%40googlegroups.com

--
Thanks,
Pushparaj G
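Added example, not part of the original thread: one way to apply the regex approach to the ACL lines quoted above, parsing each rule and classifying the addresses with Python's `ipaddress` module. It generalizes "starting with 10." to every private range, covers only the `permit tcp ... eq <port>` form shown in the thread, and treats `any` as opt-in because the thread groups that rule with the internal examples even though `any` also matches public sources. The names `ADDR`, `ACL_RE`, `SAMPLE` and `public_rdp_rules` are assumptions made for this example.

```python
import ipaddress
import re

# One address spec in the forms the thread shows: "host A", "any", or "NET MASK".
ADDR = r"(?:host (?P<{0}_host>\S+)|(?P<{0}_any>any)|(?P<{0}_net>\S+) (?P<{0}_mask>\S+))"
ACL_RE = re.compile(
    r"^access-list \S+ line \d+ extended permit tcp "
    + ADDR.format("src") + " " + ADDR.format("dst") + r" eq (?P<port>\d+)$"
)

# ACL lines copied from the thread, plus one constructed non-RDP rule (the last line).
SAMPLE = """\
access-list OUT_access_in line 2 extended permit tcp host 8.8.8.8 host 10.10.10.5 eq 3389
access-list OUT_access_in line 3 extended permit tcp 8.8.8.0 255.255.255.0 host 10.10.10.5 eq 3389
access-list IN_access_in line 2 extended permit tcp host 10.15.15.5 host 10.10.10.5 eq 3389
access-list IN_access_in line 3 extended permit tcp 10.15.15.0 255.255.255.0 host 10.10.10.5 eq 3389
access-list IN_access_in line 4 extended permit tcp any host 10.10.10.5 eq 3389
access-list OUT_access_in line 4 extended permit tcp host 8.8.8.8 host 10.10.10.5 eq 443
"""

def _network(m, side):
    """Return the ip_network for one side of a matched rule, or None for 'any'."""
    if m[side + "_any"]:
        return None
    if m[side + "_host"]:
        return ipaddress.ip_network(m[side + "_host"])
    return ipaddress.ip_network(m[side + "_net"] + "/" + m[side + "_mask"])

def public_rdp_rules(config, include_any=False):
    """Return permit rules for tcp/3389 from a non-private source to a private destination."""
    hits = []
    for raw in config.splitlines():
        m = ACL_RE.match(raw.strip())
        if not m or m["port"] != "3389":
            continue
        try:
            src, dst = _network(m, "src"), _network(m, "dst")
        except ValueError:  # token was not a valid address/mask pair
            continue
        if dst is None or not dst.is_private:
            continue
        # 'any' also matches public sources; report it only when asked to.
        if (src is None and include_any) or (src is not None and not src.is_private):
            hits.append(raw.strip())
    return hits

if __name__ == "__main__":
    print("\n".join(public_rdp_rules(SAMPLE, include_any=True)))
```
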
