-1

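I need a tool or script to parse Cisco IPS configurations. I know there is a tool named nipper for parsing firewall and switch configurations, but it does not support Cisco IPS. I googled it but found no good results.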

4

1 Answer

1

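You should use ciscoconfparse.

The following example uses the Cisco configuration below... I can't use an IPS configuration unless the OP posts one... this uses a Cisco IOS configuration...

The following script will load a configuration file from /tftpboot/bucksnort.conf and use CiscoConfParse.find_lines() to parse it for the names of all serial interfaces. Note that the ^ symbol at the beginning of the search string is a regular expression; ^interface Serial tells python to limit its search to lines that begin with interface Serial.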

[mpenning@typo tmp]$ python
Python 2.6.6 (r266:84292, Sep 11 2012, 08:34:23)
[GCC 4.4.6 20120305 (Red Hat 4.4.6-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from ciscoconfparse import CiscoConfParse
>>> parse = CiscoConfParse("/tftpboot/bucksnort.conf")
>>> serial_intfs = parse.find_lines("^interface Serial")
>>>
>>> serial_intfs
['interface Serial1/0', 'interface Serial1/1', 'interface Serial1/2']
>>>
>>> qos_intfs = parse.find_parents_w_child( "^interf", "service-policy output QOS_1" )
>>> qos_intfs
['interface Serial1/1']

! Filename: /tftpboot/bucksnort.conf
!
policy-map QOS_1
 class GOLD
  priority percent 10
 class SILVER
  bandwidth 30
  random-detect
 class default
!
interface Ethernet0/0
 ip address 1.1.2.1 255.255.255.0
 no cdp enable
!
interface Serial1/0
 encapsulation ppp
 ip address 1.1.1.1 255.255.255.252
!
interface Serial1/1
 encapsulation ppp
 ip address 1.1.1.5 255.255.255.252
 service-policy output QOS_1
!
interface Serial1/2
 encapsulation hdlc
 ip address 1.1.1.9 255.255.255.252
!
class-map GOLD
 match access-group 102
class-map SILVER
 match protocol tcp
!
access-list 101 deny tcp any any eq 25 log
access-list 101 permit ip any any
!
access-list 102 permit tcp any host 1.5.2.12 eq 443
access-list 102 deny ip any any
!
logging 1.2.1.10
logging 1.2.1.11
logging 1.2.1.12
answered 2012-11-05T11:05:34.700
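
Added example, not part of the original answer and not ciscoconfparse's own code: a standard-library version of the indentation-based parent/child lookup that the session above performs, run on a constructed excerpt of the answer's configuration. The names parse_blocks, matching_lines and parents_by_child are hypothetical helpers, and the code assumes children are marked by leading whitespace, as in the IOS sample; present=False goes beyond the answer by listing parents that lack a given child line.

```python
import re

# Constructed excerpt of the IOS configuration quoted in the answer.
SAMPLE_CONFIG = """\
interface Ethernet0/0
 ip address 1.1.2.1 255.255.255.0
!
interface Serial1/0
 encapsulation ppp
!
interface Serial1/1
 encapsulation ppp
 service-policy output QOS_1
!
interface Serial1/2
 encapsulation hdlc
!
logging 1.2.1.10
"""


def parse_blocks(text):
    """Group each column-0 line with the indented lines that follow it."""
    blocks = []
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line or line.lstrip().startswith("!"):
            continue  # blank lines and '!' separators carry no configuration
        if line[0].isspace() and blocks:
            blocks[-1][1].append(line.strip())  # child of the latest parent
        else:
            blocks.append((line.strip(), []))  # new top-level parent
    return blocks


def matching_lines(text, pattern):
    """All lines matching the regex; '^' anchors at column 0."""
    rx = re.compile(pattern)
    return [l.rstrip() for l in text.splitlines() if rx.search(l)]


def parents_by_child(text, parent_re, child_re, present=True):
    """Parents matching parent_re that have (or lack) a child matching child_re."""
    p, c = re.compile(parent_re), re.compile(child_re)
    return [parent for parent, kids in parse_blocks(text)
            if p.search(parent) and any(c.search(k) for k in kids) == present]
```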