Archive

Posts Tagged ‘ACL’

ACL Parser Beta Available on Request

June 16th, 2011 Comments off

I get a few questions a week about changes the Cisco ACL parser. I have been working on a totally new script I am calling the ACL Parser. The script will parse Cisco ACL, Netscreen, Fortinet, and Watch Guard. I am still in beta stage, but if you would like the beta, email me directly cody AT melcara.com, and I will be happy to send it.

ShmooCon 2011

January 27th, 2011 5 comments

It’s time for ShmooCon 2011, YEAH!!! This is my first time attending and I am very excited. I would like to release a few maintenance releases of my Nessus Vulnerability XML Parser v8 and Cisco ACL Parser v0.05.

Nessus Vulnerability XML Parser v8 – There was a bug in the creation of the TEXT File report generation. The issue was cause by a variable I called in a foreach loop, if the variable was not an array, but a hash the script would fail. No other changes were made.

The Cisco ACL Parser v0.05 – In the ASA a type of ACL used for the SSL Any-Connect Portal is called a WEBACL. There was a problem in the parsing of these ACL types. Also I changed the name of the output file to be the device hostname-output.csv “fw01-output.csv” instead of “hostname fw01-output.csv”.

I hope everyone enjoys the scripts and I hope to see you at ShmooCon.

Cisco ACL Parser v0.04

December 22nd, 2010 3 comments

Greeting all,
Here is a new version of the ACL parser. I fixed a lot of issues with this script. The object groups are now expanded for the PIX and ASA. I have added the attributes for ACL entries for log level, time, and inactive state. I enhanced the remark feature also. The script was verified and test by Anthony, who contacted me after my initial public release v2. Anthony ran the script against an ASA 7.x with ACL that totals over 5000 lines. Here a quote from his response after testing:

“This is truly a parsing masterpiece. This did exactly what I needed and meets all of my requirements perfectly. Had no issues with any of the lines in the over 5000 lines of a single ACL that I ran through it, wonderful! Save me days of work! Seriously!!! Thanks a million. I know this wasn’t easy… especially since your script more than doubled!!”

I hope that you can use the script as well, I know this saves me a lot of time when auditing a router or firewall. In the next release I hope to add support for object groups with IOS ACL’s, and a column for description of how the ACL is applied. If you have any feedback please feel contact me anytime.

Well as luck would have it, there was a small spelling issue. I fixed the script and have here is the updated script.
acl2csv.0.04.pl