Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/abbacode/ciscoasarulecheck

Python script that allows offline parsing of Cisco ASA firewall rules
https://github.com/abbacode/ciscoasarulecheck

Last synced: 6 days ago
JSON representation

Python script that allows offline parsing of Cisco ASA firewall rules

Host: GitHub
URL: https://github.com/abbacode/ciscoasarulecheck
Owner: abbacode
License: gpl-3.0
Created: 2016-07-15T01:39:39.000Z (over 8 years ago)
Default Branch: master
Last Pushed: 2016-07-15T01:43:59.000Z (over 8 years ago)
Last Synced: 2024-08-01T19:52:30.828Z (3 months ago)
Language: Python
Size: 17.6 KB
Stars: 7
Watchers: 3
Forks: 5
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # ciscoasarulecheck

Python script that allows offline parsing of Cisco ASA firewall rules

==========================

Features of the script:

==========================

* Allows offline parsing of firewall rules to determine whether traffic is permitted between two hosts

* Will automatically search 'subnets' to determine whether the host falls into that network range

* Will automatically search for a specific destination port if a range of ports is in use

* Optional: the use of the 'any' keyword for search paramaters

====================

Installation notes

====================

Tested using Windows 8.1 64-bit and 32-bit running Python 3.4.2

Requirements:

* No external dependencies required

=========================

Operating instructions:

=========================

* Extract the contents of the zip file into a directory

* Capture the output of the 'show access-list' command place it into the same directory as the script

* Run the script

* Some common execution examples are as follows:

 - python rulecheck.py -file rules.txt -src_ip 192.168.1.10 -dst_ip 172.1.1.1

 - python rulecheck.py -file rules.txt -src_ip 192.168.1.10 -dst_ip 172.1.1.1 -dst_port 22

 - python rulecheck.py -file rules.txt -src_ip 192.168.1.10 -dst_ip 172.1.1.1 -dst_port ssh

 - python rulecheck.py -file rules.txt -src_ip any -dst_ip any 

 - python rulecheck.py -file rules.txt -src_ip any -dst_ip any -dst_port 22

 - python rulecheck.py -file rules.txt -src_ip any -dst_ip any -dst_port ssh

 - python rulecheck.py -file rules.txt -src_ip any -dst_ip any -dst_port 22 -proto tcp

 - python rulecheck.py -file rules.txt -src_ip any -dst_ip any -dst_port 53 -proto udp