[c-nsp] ACL creation and editing tool suggestions?
Roland Dobbins
rdobbins at arbor.net
Sat Jun 6 06:26:05 EDT 2009
On Jun 6, 2009, at 1:27 PM, Scott Granados wrote:
> Something that could optimize the ACL in automated fashion?
None of the commercial tools I've seen do this in a platform-aware way
- they're oriented towards software routers running T-train, and don't
take into account hardware platform caveats.
You can start by organizing your ACLs into named and commented text
files, and using something as simple as RCS to implement version
control and to check out/check in ACL files for editing. Lots of
folks end up using tools like RANCID, RAT, Pancho, et. al. to help
with auditing, and then custom Perl scripts or somesuch for editing/
updating.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Unfortunately, inefficiency scales really well.
-- Kevin Lawton
More information about the cisco-nsp
mailing list