Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/abbacode/ciscoasarulecheck
Python script that allows offline parsing of Cisco ASA firewall rules
https://github.com/abbacode/ciscoasarulecheck
Last synced: 5 days ago
JSON representation
Python script that allows offline parsing of Cisco ASA firewall rules
- Host: GitHub
- URL: https://github.com/abbacode/ciscoasarulecheck
- Owner: abbacode
- License: gpl-3.0
- Created: 2016-07-15T01:39:39.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2016-07-15T01:43:59.000Z (over 8 years ago)
- Last Synced: 2024-08-01T19:52:30.828Z (3 months ago)
- Language: Python
- Size: 17.6 KB
- Stars: 7
- Watchers: 3
- Forks: 5
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# ciscoasarulecheck
Python script that allows offline parsing of Cisco ASA firewall rules==========================
Features of the script:
==========================
* Allows offline parsing of firewall rules to determine whether traffic is permitted between two hosts
* Will automatically search 'subnets' to determine whether the host falls into that network range
* Will automatically search for a specific destination port if a range of ports is in use
* Optional: the use of the 'any' keyword for search paramaters====================
Installation notes
====================
Tested using Windows 8.1 64-bit and 32-bit running Python 3.4.2Requirements:
* No external dependencies required=========================
Operating instructions:
=========================
* Extract the contents of the zip file into a directory
* Capture the output of the 'show access-list' command place it into the same directory as the script
* Run the script* Some common execution examples are as follows:
- python rulecheck.py -file rules.txt -src_ip 192.168.1.10 -dst_ip 172.1.1.1
- python rulecheck.py -file rules.txt -src_ip 192.168.1.10 -dst_ip 172.1.1.1 -dst_port 22
- python rulecheck.py -file rules.txt -src_ip 192.168.1.10 -dst_ip 172.1.1.1 -dst_port ssh
- python rulecheck.py -file rules.txt -src_ip any -dst_ip any
- python rulecheck.py -file rules.txt -src_ip any -dst_ip any -dst_port 22
- python rulecheck.py -file rules.txt -src_ip any -dst_ip any -dst_port ssh
- python rulecheck.py -file rules.txt -src_ip any -dst_ip any -dst_port 22 -proto tcp
- python rulecheck.py -file rules.txt -src_ip any -dst_ip any -dst_port 53 -proto udp