I am writing a script to parse firewall rules from the configuration of a Cisco ASA.
Examples of my input include:
access-list myACL line 1 extended permit tcp host 10.8.13.200 host 10.32.53.22 eq 1122
access-list myACL line 2 extended permit tcp 10.8.13.0 255.255.255.0 host 10.1.206.17 eq 445
access-list myACL line 3 extended permit udp host 10.8.13.200 eq 54345 host 10.1.206.17 eq 445
access-list myACL line 4 extended permit icmp any any
My desired output, in the form of a .csv, for the three lines above would be the following. However, these could just as well be tuples to be stored in a database.
#aclName,lineNumber,action,protocol,sourceIP,sourcePort,destIP,destPort
myACL,1,permit,tcp,10.8.13.200,*,10.32.53.22,1122
myACL,2,permit,tcp,10.8.13.0/24,*,10.1.206.17,445
myACL,3,permit,udp,10.8.13.200,54345,10.1.206.17,445
myACL,4,permit,icmp,*,*,*,*
I’m having trouble choosing an approach to this project. I’ve looked at many options including ats, shlex, or even just using a regex, but I’m having difficulty determining what the best option is. Would PLY help here?
What would be a suitable approach for this?
The first 6 fields seem to be quite predictable; that leaves the endpoint, which can have several representations. A possibility would be (untested code, but I hope you get the idea):
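An added example, not the answerer's code and not part of the original post: one way to follow the split described above, reading the fixed leading fields positionally and then consuming the two endpoints token by token. It models only the forms shown in the question (`host`, `any`, network plus netmask, `eq`) and raises on anything else rather than guessing; the function names are hypothetical.

```python
import ipaddress

# Constructed sample input: the four ACL lines quoted in the question.
SAMPLE = """\
access-list myACL line 1 extended permit tcp host 10.8.13.200 host 10.32.53.22 eq 1122
access-list myACL line 2 extended permit tcp 10.8.13.0 255.255.255.0 host 10.1.206.17 eq 445
access-list myACL line 3 extended permit udp host 10.8.13.200 eq 54345 host 10.1.206.17 eq 445
access-list myACL line 4 extended permit icmp any any
"""

def take_endpoint(tokens):
    """Consume one address spec plus an optional 'eq PORT'; return (addr, port)."""
    head = tokens.pop(0)
    if head == "any":
        addr = "*"
    elif head == "host":
        addr = str(ipaddress.ip_address(tokens.pop(0)))
    else:  # "<network> <netmask>" form, rendered as CIDR
        addr = str(ipaddress.ip_network(f"{head}/{tokens.pop(0)}"))
    port = "*"
    if tokens and tokens[0] == "eq":
        tokens.pop(0)
        port = tokens.pop(0)
    return addr, port

def parse_rule(line):
    """Return (aclName, lineNumber, action, protocol, srcIP, srcPort, dstIP, dstPort)."""
    tokens = line.split()
    if (len(tokens) < 7 or tokens[0] != "access-list"
            or tokens[2] != "line" or tokens[4] != "extended"):
        raise ValueError(f"not an extended ACL line: {line!r}")
    name, number, action, proto = tokens[1], tokens[3], tokens[5], tokens[6]
    rest = tokens[7:]
    try:
        src, sport = take_endpoint(rest)
        dst, dport = take_endpoint(rest)
    except IndexError:
        raise ValueError(f"truncated rule: {line!r}") from None
    if rest:  # fail closed on syntax this sketch does not model
        raise ValueError(f"unparsed tokens {rest} in: {line!r}")
    return (name, int(number), action, proto, src, sport, dst, dport)

def to_csv(text):
    return [",".join(map(str, parse_rule(l))) for l in text.splitlines() if l.strip()]

if __name__ == "__main__":
    print("\n".join(to_csv(SAMPLE)))
```

Raising on leftover or unknown tokens matters for an audit tool: a rule that is silently mis-parsed is worse than one that is flagged for manual review.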