alekznet / cisco-asa-acl-toolkit Goto Github PK
View Code? Open in Web Editor NEWUtilities for parsing, analyzing and modifing Cisco ASA ACLs, logs, ASA to HTML converter, ASA to Fortigate converter, policy generator
License: Apache License 2.0
cisco-asa-acl-toolkit's People
Contributors
Stargazers
Watchers
Forkers
codeyonet christsim luxpal my76128 jawhnycooke konst89 ccaiccie raybago gabsist flixflaxflux userpipename fulkod parthdmaniar sulisu superbirds2008 supunran bucketsadmin mkulasi zcoderowl rgoolsby hgxfg9 willyd61 horusthesonofosiris akellazzz sganpat empusas michaelflextrade edurguti boombomocisco-asa-acl-toolkit's Issues
Add network range support in asaconf.py
Add support for:
object network range_obj
range 10.0.0.1 10.0.0.15
genacl.py does not properly generate rules with "any"
"Any" is taken as a list [a, n, y], instead of one element.
genacl does not create object-groups
When generating an ACL for Cisco ASA, it creates the ACL lines with object-group names, but the object-group configurations themselves are not generated.
The examples in the documentation show that they should be created.
'Reading from converted_flows2.txt'
'2809 rules in the file'
'First iteration is completed. 2543 rules, and 244 "allow all" rules found'
'Allow rules are reduced to 194'
'Second iteration is completed. 1977 rules left'
'Third iteration is completed. 256 services are in the policy'
'Fourth iteration is completed. 726 rules in the policy, plus 194 "allow all" rules'
'Resulting policy'
'All done. There are 920 rules in the policy.'
Flow optimization seems to work but once I run cat optimized_flows2.txt | python genacl.py --acl inside > generated_asa_config2.txt, the rules are created, but not the object-groups.
access-list inside line 1000 extended permit tcp 10.48.20.74 255.255.255.255 69.127.167.205 255.255.255.255 eq 32768
access-list inside line 1001 extended permit tcp 10.44.0.0 255.255.0.0 34.0.0.0 255.0.0.0 eq 843
access-list inside line 1002 extended permit tcp 10.10.36.222 255.255.255.255 104.103.3.91 255.255.255.255 eq 445
access-list inside line 1003 extended permit tcp object-group obj_net_1 209.99.55.70 255.255.255.255 eq 9443
access-list inside line 1004 extended permit udp object-group obj_net_2 68.64.18.153 255.255.255.255 eq 1853
Add protocol group support in asaconf.py
Add support for:
object-group protocol proto_grp
protocol-object udp
protocol-object tcp
Add debugging to asaconf.py
Add debugging capability to asaconf.py
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.