[c-nsp] Cisco ASA - Export rules
Teller, Robert
RTeller at deltadentalwa.com
Tue Aug 19 19:18:06 EDT 2008
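'Created by Robert Teller
' Reads saved "show access-list" output from an ASA/PIX (path given as the
' single command-line argument) and writes one row per access-list entry to
' an .xls workbook named after this script, in the script's own folder.
' The workbook is a copy of the firewall policy (permit/deny lines with hit
' counts), so it deserves the same handling as the config it came from.
WScript.Echo "This script will take a minute or two to run" & vbCrLf & "Please be patient"
Const ForReading = 1

' Exactly one argument: the file holding the "show access-list" output
WSArg = WScript.Arguments.Count
If WSArg <> 1 Then
    WScript.Echo "Please select a valid source"
    WScript.Quit
End If
PixACL = WScript.Arguments.Item(0)

' Open the input BEFORE starting Excel: a missing or unreadable file used to
' raise only after the (invisible) Excel instance was already running, which
' left an orphaned EXCEL.EXE behind on every failed run.
Set FSO = CreateObject("Scripting.FileSystemObject")
If Not FSO.FileExists(PixACL) Then
    WScript.Echo "Input file not found: " & PixACL
    WScript.Quit
End If
Set objTextFile = FSO.OpenTextFile(PixACL, ForReading)

' Output workbook: <scriptname>.xls next to the script. An existing copy is
' removed first so SaveAs in finish does not have to prompt about overwriting.
EName = Split(WScript.ScriptName, ".")(0) & ".xls"
EName = Replace(WScript.ScriptFullName, WScript.ScriptName, EName)
If FSO.FileExists(EName) Then FSO.DeleteFile EName

Set ObjExcel = CreateObject("excel.application")
ObjExcel.Workbooks.Add
ObjExcel.Worksheets.Add.Name = "Main"
' Row counter used by Rules; script-level so it persists across calls
XRules = 0
' Drop the default sheets the new workbook came with, keeping only "Main"
' (finish removes "Main" itself once the real sheets exist)
For Each Sheet In ObjExcel.Worksheets
    If Sheet.Name <> "Main" Then
        Sheet.UsedRange.Delete
        Sheet.Delete
    End If
Next
ObjExcel.Worksheets.Add.Name = "Rules"
ObjExcel.Worksheets("Rules").Move ObjExcel.Sheets(2)
' Header row of the "Rules" sheet (same column order as every data row)
Rules "DMZ", "Line", "Action", "Protocol", "Source", "SrcPort", "dest", "DstPort", "HitC", "Inactive", "LogLevel", "LogInterval"

' Read the whole file into one string. Lines are joined WITHOUT a separator
' because every line of "show access-list" output starts with "access-list ",
' and that prefix is what Split uses below to recover the entries. The prefix
' is stripped from the first line so the first entry is not an empty element.
Do Until objTextFile.AtEndOfStream
    If IsEmpty(Text) Then
        Text = Replace(objTextFile.ReadLine, "access-list ", "")
    Else
        Text = Text & objTextFile.ReadLine
    End If
Loop
AclArray = Split(Text, "access-list ")

' One PixParse per entry. Skipped: the short per-ACL summary lines (fewer
' than four tokens), "remark" lines, and anything without the "line N" field
' (e.g. the "cached ACL log flows" header), which is not an access-list entry
' and would otherwise be parsed as one.
For Each AccessList In AclArray
    ACLCheck = Split(AccessList, " ")
    If UBound(ACLCheck) > 3 Then
        If ACLCheck(1) = "line" And ACLCheck(3) <> "remark" Then PixParse AccessList
    End If
Next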
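Sub PixParse(ACL)
    ' Parse one "show access-list" entry (leading "access-list " already
    ' stripped by the caller) into the columns written by Rules:
    '   DMZ, Line, Action, Protocol, Source, SrcPort, Dest, DstPort,
    '   HitC, Inactive, LogLevel, LogInterval
    ' Expected token layout (0-based, split on single spaces):
    '   0 NAME  1 "line"  2 N  3 "extended"  4 permit|deny  5 protocol
    '   6.. source [eq P | range A B]  destination [ports]  (hitcnt=N) hash
    ' All variables are procedure-local; columns that do not apply to a line
    ' (Inactive, LogLevel, LogInterval) stay Empty so the cell is left blank,
    ' exactly as the original export did.
    Dim Tokens, t, NextTok, PortKind
    Dim Inactive, LogLevel, LogInterval, LogLevelB, LogLevelE, LogIntervalB, LogIntervalE
    Dim DMZ, Line, LineB, LineE, Action, Protocol
    Dim SrcHost, SourceB, SourceE, Source, SrcPortB, SrcPortE, SrcPort
    Dim DstHost, DestB, DestE, Dest, DstPortB, DstPortE, DstPort
    Dim HitB, HitE, HitC

    ' object-group references are exported as "Group NAME"
    If InStr(ACL, "object-group") Then ACL = Replace(ACL, "object-group", "Group")

    ' "inactive" is recorded, then removed so it cannot be read as a host/port token
    If InStr(ACL, " inactive ") Then
        Inactive = True
        ACL = Replace(ACL, " inactive", "")
    End If

    ' "log LEVEL interval N" is captured and removed from the line.
    ' Both positions are compared with 0 explicitly: the original used
    ' "InStrRev(...) And InStrRev(...)", which is a BITWISE And on the two
    ' positions and is 0 (false) for many position pairs even when both
    ' strings are present, so logging was silently dropped on some lines.
    If InStrRev(ACL, " log ") > 0 And InStrRev(ACL, " interval ") > 0 Then
        LogLevelB = InStr(ACL, " log ") + 5
        LogLevelE = InStr(LogLevelB, ACL, " ")
        LogLevel = Mid(ACL, LogLevelB, LogLevelE - LogLevelB)
        LogIntervalB = InStr(LogLevelE, ACL, " interval ") + 10
        LogIntervalE = InStr(LogIntervalB, ACL, " ")
        LogInterval = Mid(ACL, LogIntervalB, LogIntervalE - LogIntervalB)
        ACL = Replace(ACL, " log " & LogLevel & " interval " & LogInterval, " ")
    End If

    Tokens = Split(ACL, " ")
    ' A line too short to hold "NAME line N extended ACTION proto src dst"
    ' would only raise an index error mid-run (and strand Excel); report and skip it.
    If UBound(Tokens) < 7 Then
        WScript.Echo "Skipped (too short to be an access-list entry): " & ACL
        Exit Sub
    End If

    ' ACL name, kept WITH its trailing space as the original did
    DMZ = Left(ACL, InStr(ACL, " "))

    LineB = InStr(ACL, " line ") + 6
    LineE = InStr(LineB, ACL, " ")
    Line = "Line " & Mid(ACL, LineB, LineE - LineB)

    ' Action: the first WHOLE token equal to permit/deny, skipping the ACL
    ' name. The original searched the whole line for the substring "deny"
    ' first, so any rule in an ACL (or object-group) whose name contains
    ' "deny" was exported as Deny even when it was a permit.
    Action = "Other"
    For t = 1 To UBound(Tokens)
        If Tokens(t) = "deny" Then
            Action = "Deny"
            Exit For
        ElseIf Tokens(t) = "permit" Then
            Action = "Permit"
            Exit For
        End If
    Next

    Protocol = Tokens(5)

    ' Source: token 6 says which form follows. Positions are taken from the
    ' token index rather than from the first occurrence of the word in the
    ' line, so a name containing "any" (or the address text) no longer
    ' shifts the bounds of everything parsed after it.
    SrcHost = Tokens(6)
    Select Case SrcHost
        Case "host"
            SourceB = PixTokenStart(ACL, 7)
            SourceE = InStr(SourceB, ACL, " ")
            Source = "Host " & Mid(ACL, SourceB, SourceE - SourceB)
        Case "Group"
            SourceB = PixTokenStart(ACL, 7)
            SourceE = InStr(SourceB, ACL, " ")
            Source = "Group " & Mid(ACL, SourceB, SourceE - SourceB)
        Case "any"
            Source = "Any"
            SourceE = PixTokenStart(ACL, 6) + Len(SrcHost)
        Case Else
            ' network/mask pair: two tokens
            SourceB = PixTokenStart(ACL, 6)
            SourceE = InStr(SourceB, ACL, " ") + 1
            SourceE = InStr(SourceE, ACL, " ")
            Source = Mid(ACL, SourceB, SourceE - SourceB)
    End Select

    ' Source port: only the token right after the source can be eq/range.
    ' "any" is one token, every other source form is two.
    If Source = "Any" Then NextTok = 7 Else NextTok = 8
    If UBound(Tokens) >= NextTok Then PortKind = Tokens(NextTok) Else PortKind = ""
    Select Case PortKind
        Case "eq"
            SrcPortB = InStr(SourceE, ACL, " eq ") + 4
            SrcPortE = InStr(SrcPortB, ACL, " ")
            SrcPort = "eq " & Mid(ACL, SrcPortB, SrcPortE - SrcPortB)
        Case "range"
            SrcPortB = InStr(SourceE, ACL, " range ") + 7
            SrcPortE = InStr(SrcPortB, ACL, " ") + 1
            SrcPortE = InStr(SrcPortE, ACL, " ")
            SrcPort = "range " & Mid(ACL, SrcPortB, SrcPortE - SrcPortB)
        Case Else
            SrcPortE = SourceE
            SrcPort = "Any"
    End Select

    ' Destination. SourceE = SrcPortE means no source port was consumed, so
    ' the destination is the token right after the source.
    If SourceE = SrcPortE Then
        If Source = "Any" Then DstHost = Tokens(7) Else DstHost = Tokens(8)
        Select Case DstHost
            Case "host"
                DestB = InStr(SrcPortE, ACL, " host ") + 6
                DestE = InStr(DestB, ACL, " ")
                Dest = "Host " & Mid(ACL, DestB, DestE - DestB)
            Case "Group"
                DestB = InStr(SrcPortE, ACL, " Group ") + 7
                DestE = InStr(DestB, ACL, " ")
                Dest = "Group " & Mid(ACL, DestB, DestE - DestB)
            Case "any"
                Dest = "Any"
                DestE = InStr(SrcPortE, ACL, DstHost) + Len(DstHost)
            Case Else
                DestB = InStr(SrcPortE, ACL, DstHost)
                DestE = InStr(DestB, ACL, " ") + 1
                DestE = InStr(DestE, ACL, " ")
                Dest = Mid(ACL, DestB, DestE - DestB)
        End Select
    Else
        ' A source port was consumed: the destination starts after SrcPortE
        DestB = InStr(SrcPortE, ACL, " ") + 1
        DestE = InStr(DestB, ACL, " ")
        DstHost = Mid(ACL, DestB, DestE - DestB)
        Select Case DstHost
            Case "host"
                DestB = InStr(DestE, ACL, " ") + 1
                DestE = InStr(DestB, ACL, " ")
                Dest = "Host " & Mid(ACL, DestB, DestE - DestB)
                ' Kept from the original: steps back onto the space after the
                ' address, so DstPort would start with a blank; Trim below removes it.
                DestE = DestE - 1
            Case "Group"
                DestB = InStr(DestE, ACL, " ") + 1
                DestE = InStr(DestB, ACL, " ")
                Dest = "Group " & Mid(ACL, DestB, DestE - DestB)
                DestE = DestE - 1
            Case "any"
                Dest = "Any"
            Case Else
                ' network/mask pair. DestB already points at the network token;
                ' the original re-searched for DstHost starting at DestE (the
                ' space AFTER it), found nothing, and raised on the following Mid.
                DestE = InStr(DestE + 1, ACL, " ")
                Dest = Mid(ACL, DestB, DestE - DestB)
        End Select
    End If

    ' Hit count. HitB is left pointing at the "(" so it bounds the port text.
    If InStr(ACL, "(hitcnt=") Then
        HitB = InStr(ACL, "(hitcnt=") + 8
        HitE = InStr(ACL, ")")
        HitC = Mid(ACL, HitB, HitE - HitB)
        HitB = HitB - 8
    Else
        ' NOTE(review): without "(hitcnt=" the end bound is the last space on
        ' the line, as in the original; not verified against such output.
        HitB = InStrRev(ACL, " ")
        HitC = "N/A"
    End If

    ' Destination port: whatever sits between the destination and "(hitcnt=".
    ' Mid raised on a negative length when the bounds crossed; an empty or
    ' blank-only result is exported as "Any" (the original compared against
    ' Empty/Null, which Mid never returns, so the default never applied).
    DstPortB = DestE + 1
    DstPortE = HitB
    If DstPortE > DstPortB Then
        DstPort = Trim(Mid(ACL, DstPortB, DstPortE - DstPortB))
    Else
        DstPort = ""
    End If
    If Len(DstPort) = 0 Then DstPort = "Any"

    Rules DMZ, Line, Action, Protocol, Source, SrcPort, Dest, DstPort, HitC, Inactive, LogLevel, LogInterval
End Sub

Function PixTokenStart(s, idx)
    ' 1-based character position at which 0-based token idx begins, using the
    ' same single-space tokenisation as Split(s, " ") (runs of spaces yield
    ' empty tokens in both). Returns 0 when s has fewer than idx+1 tokens.
    Dim pos, i
    pos = 1
    For i = 1 To idx
        pos = InStr(pos, s, " ")
        If pos = 0 Then Exit For
        pos = pos + 1
    Next
    PixTokenStart = pos
End Function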
Sub Rules(DMZ, Line, Action, Protocol, Source, SrcPort, dest, DstPort, HitC, Inactive, LogLevel, LogInterval)
    ' Append one row to the "Rules" sheet. XRules is the script-level row
    ' counter, so the first call (the header row) lands on row 1.
    ' Column order: ACL name | line | action | protocol | source | source port
    '   | destination | destination port | hit count | inactive flag
    '   | log level | log interval
    Dim RowValues, col
    RowValues = Array(DMZ, Line, Action, Protocol, Source, SrcPort, dest, DstPort, HitC, Inactive, LogLevel, LogInterval)
    XRules = XRules + 1
    ObjExcel.Worksheets("Rules").Activate
    For col = 0 To UBound(RowValues)
        ObjExcel.Cells(XRules, col + 1).Value = RowValues(col)
    Next
End Sub
' All entries have been written; tidy the workbook, save it and exit
Call finish
Sub finish
    ' Close the input, drop the scratch "Main" sheet, tidy every remaining
    ' sheet (bold, centred, filterable header row; columns autofit; panes
    ' frozen at B2), save the workbook as EName and shut Excel down.
    Const xlCenter = -4108
    Dim ws
    objTextFile.Close
    With ObjExcel.Worksheets("Main")
        .UsedRange.Delete
        .Delete
    End With
    For Each ws In ObjExcel.Worksheets
        ObjExcel.Worksheets(ws.Name).Activate
        With ObjExcel.Worksheets(ws.Name)
            .Rows(1).Font.Bold = True
            .Rows(1).AutoFilter
            .Rows(1).HorizontalAlignment = xlCenter
            .UsedRange.EntireColumn.AutoFit
            .Range("B2").Select
        End With
        ObjExcel.ActiveWindow.FreezePanes = True
        ObjExcel.Worksheets(ws.Name).Range("A1").Select
    Next
    ObjExcel.Worksheets("Rules").Activate
    ObjExcel.ActiveWorkbook.SaveAs EName
    ObjExcel.ActiveWorkbook.Close
    ObjExcel.Quit
    WScript.Echo "END"
    WScript.Quit
End Sub