.. image:: https://img.shields.io/pypi/v/cisco-acl.svg
:target: https://pypi.python.org/pypi/cisco-acl
.. image:: https://img.shields.io/pypi/pyversions/cisco-acl.svg
:target: https://pypi.python.org/pypi/cisco-acl
cisco-acl
=========
Python package to parse and manage Cisco ACL (Access Control List).
Supported platforms:
- Cisco IOS (tested on ISR4331/K9, IOS XE version 16.09.06)
- Cisco Nexus NX-OS (tested on N3K-C3172TQ-XL, NXOS version 7.0(3)I7(8))
Main features:
- Supports wildcards, converts wildcards to prefixes
- Supports uni-dimensional address groups (address-group inside other address-group is not supported)
- Represents TCP/UDP ports and IP protocols as numbers or well-known names
- Converts IOS syntax to NX-OS and vice vera
- Generates sequence numbers for ACEs
- Looks for and removes ACEs in the shadow (rules without hits)
- Groups ACEs to blocks. After sorting, the order of ACEs within a group does not change
.. contents:: **Contents**
:local:
Acronyms
--------
========== ========================================================================================
Acronym Definition
========== ========================================================================================
ACL Access Control List
ACE Access Control Entry
ACEs Multiple Access Control Entries
========== ========================================================================================
Requirements
------------
Python >=3.8
Installation
------------
Install the package from pypi.org release
.. code:: bash
pip install cisco-acl
or install the package from github.com release
.. code:: bash
pip install https://github.com/vladimirs-git/cisco-acl/archive/refs/tags/3.3.3.tar.gz
or install the package from github.com repository
.. code:: bash
pip install git+https://github.com/vladimirs-git/cisco-acl
acls()
------
**cisco_acl.acls(config, kwargs)**
Creates *Acl* objects based on the "show running-config" output.
Support address group objects.
Each ACE line is treated as an independent *Ace* (default) or ACE lines can be
grouped to *AceGroup* by text in remarks (param `group_by`)
=============== ============ =======================================================================
Parameter Type Description
=============== ============ =======================================================================
config *str* Cisco config, "show running-config" output
platform *str* Platform: "ios" (default), "nxos"
version *str* Software version, default is "0".
names *List[str]* Parses only ACLs with specified names, skips any other
max_ncwb *int* Max count of non-contiguous wildcard bits
indent *str* ACE lines indentation (default " ")
protocol_nr *bool* Well-known ip protocols as numbers, True - all ip protocols as numbers, False - well-known ip protocols as names (default)
port_nr *bool* Well-known TCP/UDP ports as numbers, True - all tcp/udp ports as numbers, False - well-known tcp/udp ports as names (default)
group_by *str* Startswith in remark line. ACEs group, starting from the Remark, where line startswith `group_by`, will be applied to the same AceGroup, until next Remark that also startswith `group_by`
=============== ============ =======================================================================
Return
List of *Acl* objects
**Examples**
`./examples/functions_acls.py`_
aces()
------
**cisco_acl.aces(config, kwargs)**
Creates *Ace* objects based on the "show running-config" output
=============== ============ =======================================================================
Parameter Type Description
=============== ============ =======================================================================
config *str* Cisco config, "show running-config" output
platform *str* Platform: "ios" (default), "nxos"
version *str* Software version, default is "0".
max_ncwb *int* Max count of non-contiguous wildcard bits
protocol_nr *bool* Well-known ip protocols as numbers, True - all ip protocols as numbers, False - well-known ip protocols as names (default)
port_nr *bool* Well-known TCP/UDP ports as numbers, True - all tcp/udp ports as numbers, False - well-known tcp/udp ports as names (default)
group_by *str* Startswith in remark line. ACEs group, starting from the Remark, where line startswith `group_by`, will be applied to the same AceGroup, until next Remark that also startswith `group_by`
=============== ============ =======================================================================
Return
List of *Ace* objects
**Examples**
`./examples/functions_aces.py`_
addrgroups()
------------
**cisco_acl.addrgroups(config, kwargs)**
Creates *AddrGroup* objects based on the "show running-config" output
=============== ============ =======================================================================
Parameter Type Description
=============== ============ =======================================================================
config *str* Cisco config, "show running-config" output
platform *str* Platform: "ios" (default), "nxos"
version *str* Software version, default is "0".
max_ncwb *int* Max count of non-contiguous wildcard bits
indent *str* ACE lines indentation (default " ")
=============== ============ =======================================================================
Return
List of *AddrGroup* objects
range_ports()
-------------
**cisco_acl.range_ports(srcports, dstports, line, platform, port_nr)**
Generates ACEs in required range of TCP/UDP source/destination ports
=============== ============ =======================================================================
Parameter Type Description
=============== ============ =======================================================================
srcports *str* Range of TCP/UDP source ports
dstports *str* Range of TCP/UDP destination ports
line *str* ACE pattern, on whose basis new ACEs will be generated (default "permit tcp any any", operator "eq")
platform *str* Platform: "ios" (default), "nxos"
version *str* Software version, default is "0".
port_nr *bool* Well-known TCP/UDP ports as numbers, True - all tcp/udp ports as numbers, False - well-known tcp/udp ports as names (default)
=============== ============ =======================================================================
Return
List of newly generated ACE lines
**Examples**
`./examples/functions_range_ports.py`_
range_protocols()
-----------------
**cisco_acl.range_protocols(protocols, line, platform, protocol_nr)**
Generates ACEs in required range of IP protocols
=============== ============ =======================================================================
Parameter Type Description
=============== ============ =======================================================================
protocols *str* Range of IP protocols
line *str* ACE pattern, on whose basis new ACEs will be generated (default "permit ip any any")
platform *str* Platform: "ios" (default), "nxos"
version *str* Software version, default is "0".
protocol_nr *bool* Well-known ip protocols as numbers, True - all ip protocols as numbers, False - well-known ip protocols as names (default)
=============== ============ =======================================================================
Return
List of newly generated ACE lines
**Examples**
`./examples/functions_range_protocols.py`_
Objects
-------
Documentation of objects for deep-code divers
`./docs/objects.rst`_
.. _`./examples/functions_acls.py` : ./examples/functions_acls.py
.. _`./examples/functions_aces.py` : ./examples/functions_aces.py
.. _`./examples/examples_addrgroups.py` : ./examples/examples_addrgroups.py
.. _`./examples/functions_range_protocols.py` : ./examples/functions_range_protocols.py
.. _`./examples/functions_range_ports.py` : ./examples/functions_range_ports.py
.. _`./docs/acl_list_methods.rst` : ./docs/acl_list_methods.rst
.. _`./docs/objects.rst` : ./docs/objects.rst
Raw data
{
"_id": null,
"home_page": "https://github.com/vladimirs-git/cisco-acl",
"name": "cisco-acl",
"maintainer": null,
"docs_url": null,
"requires_python": "<4.0,>=3.8",
"maintainer_email": null,
"keywords": "cisco, acl, ios, nexus, nx-os",
"author": "Vladimirs Prusakovs",
"author_email": "vladimir.prusakovs@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/14/93/1ebe73c5d5d795ba1668a32a058300da728fbd997180060e1ea0eaa3f5ca/cisco_acl-3.3.3.tar.gz",
"platform": null,
"description": "\n.. image:: https://img.shields.io/pypi/v/cisco-acl.svg\n :target: https://pypi.python.org/pypi/cisco-acl\n.. image:: https://img.shields.io/pypi/pyversions/cisco-acl.svg\n :target: https://pypi.python.org/pypi/cisco-acl\n\n\ncisco-acl\n=========\n\nPython package to parse and manage Cisco ACL (Access Control List).\n\nSupported platforms:\n\n- Cisco IOS (tested on ISR4331/K9, IOS XE version 16.09.06)\n- Cisco Nexus NX-OS (tested on N3K-C3172TQ-XL, NXOS version 7.0(3)I7(8))\n\nMain features:\n\n- Supports wildcards, converts wildcards to prefixes\n- Supports uni-dimensional address groups (address-group inside other address-group is not supported)\n- Represents TCP/UDP ports and IP protocols as numbers or well-known names\n- Converts IOS syntax to NX-OS and vice vera\n- Generates sequence numbers for ACEs\n- Looks for and removes ACEs in the shadow (rules without hits)\n- Groups ACEs to blocks. After sorting, the order of ACEs within a group does not change\n\n.. contents:: **Contents**\n :local:\n\n\nAcronyms\n--------\n\n========== ========================================================================================\nAcronym Definition\n========== ========================================================================================\nACL Access Control List\nACE Access Control Entry\nACEs Multiple Access Control Entries\n========== ========================================================================================\n\n\nRequirements\n------------\n\nPython >=3.8\n\n\nInstallation\n------------\n\nInstall the package from pypi.org release\n\n.. code:: bash\n\n pip install cisco-acl\n\nor install the package from github.com release\n\n.. code:: bash\n\n pip install https://github.com/vladimirs-git/cisco-acl/archive/refs/tags/3.3.3.tar.gz\n\nor install the package from github.com repository\n\n.. code:: bash\n\n pip install git+https://github.com/vladimirs-git/cisco-acl\n\n\nacls()\n------\n**cisco_acl.acls(config, kwargs)**\nCreates *Acl* objects based on the \"show running-config\" output.\nSupport address group objects.\nEach ACE line is treated as an independent *Ace* (default) or ACE lines can be\ngrouped to *AceGroup* by text in remarks (param `group_by`)\n\n=============== ============ =======================================================================\nParameter Type Description\n=============== ============ =======================================================================\nconfig *str* Cisco config, \"show running-config\" output\nplatform *str* Platform: \"ios\" (default), \"nxos\"\nversion *str* Software version, default is \"0\".\nnames *List[str]* Parses only ACLs with specified names, skips any other\nmax_ncwb *int* Max count of non-contiguous wildcard bits\nindent *str* ACE lines indentation (default \" \")\nprotocol_nr *bool* Well-known ip protocols as numbers, True - all ip protocols as numbers, False - well-known ip protocols as names (default)\nport_nr *bool* Well-known TCP/UDP ports as numbers, True - all tcp/udp ports as numbers, False - well-known tcp/udp ports as names (default)\ngroup_by *str* Startswith in remark line. ACEs group, starting from the Remark, where line startswith `group_by`, will be applied to the same AceGroup, until next Remark that also startswith `group_by`\n=============== ============ =======================================================================\n\nReturn\n List of *Acl* objects\n\n**Examples**\n\n`./examples/functions_acls.py`_\n\n\naces()\n------\n**cisco_acl.aces(config, kwargs)**\nCreates *Ace* objects based on the \"show running-config\" output\n\n=============== ============ =======================================================================\nParameter Type Description\n=============== ============ =======================================================================\nconfig *str* Cisco config, \"show running-config\" output\nplatform *str* Platform: \"ios\" (default), \"nxos\"\nversion *str* Software version, default is \"0\".\nmax_ncwb *int* Max count of non-contiguous wildcard bits\nprotocol_nr *bool* Well-known ip protocols as numbers, True - all ip protocols as numbers, False - well-known ip protocols as names (default)\nport_nr *bool* Well-known TCP/UDP ports as numbers, True - all tcp/udp ports as numbers, False - well-known tcp/udp ports as names (default)\ngroup_by *str* Startswith in remark line. ACEs group, starting from the Remark, where line startswith `group_by`, will be applied to the same AceGroup, until next Remark that also startswith `group_by`\n=============== ============ =======================================================================\n\nReturn\n List of *Ace* objects\n\n**Examples**\n\n`./examples/functions_aces.py`_\n\n\naddrgroups()\n------------\n**cisco_acl.addrgroups(config, kwargs)**\nCreates *AddrGroup* objects based on the \"show running-config\" output\n\n=============== ============ =======================================================================\nParameter Type Description\n=============== ============ =======================================================================\nconfig *str* Cisco config, \"show running-config\" output\nplatform *str* Platform: \"ios\" (default), \"nxos\"\nversion *str* Software version, default is \"0\".\nmax_ncwb *int* Max count of non-contiguous wildcard bits\nindent *str* ACE lines indentation (default \" \")\n=============== ============ =======================================================================\n\nReturn\n List of *AddrGroup* objects\n\n\nrange_ports()\n-------------\n**cisco_acl.range_ports(srcports, dstports, line, platform, port_nr)**\nGenerates ACEs in required range of TCP/UDP source/destination ports\n\n=============== ============ =======================================================================\nParameter Type Description\n=============== ============ =======================================================================\nsrcports *str* Range of TCP/UDP source ports\ndstports *str* Range of TCP/UDP destination ports\nline *str* ACE pattern, on whose basis new ACEs will be generated (default \"permit tcp any any\", operator \"eq\")\nplatform *str* Platform: \"ios\" (default), \"nxos\"\nversion *str* Software version, default is \"0\".\nport_nr *bool* Well-known TCP/UDP ports as numbers, True - all tcp/udp ports as numbers, False - well-known tcp/udp ports as names (default)\n=============== ============ =======================================================================\n\nReturn\n List of newly generated ACE lines\n\n**Examples**\n\n`./examples/functions_range_ports.py`_\n\n\nrange_protocols()\n-----------------\n**cisco_acl.range_protocols(protocols, line, platform, protocol_nr)**\nGenerates ACEs in required range of IP protocols\n\n=============== ============ =======================================================================\nParameter Type Description\n=============== ============ =======================================================================\nprotocols *str* Range of IP protocols\nline *str* ACE pattern, on whose basis new ACEs will be generated (default \"permit ip any any\")\nplatform *str* Platform: \"ios\" (default), \"nxos\"\nversion *str* Software version, default is \"0\".\nprotocol_nr *bool* Well-known ip protocols as numbers, True - all ip protocols as numbers, False - well-known ip protocols as names (default)\n=============== ============ =======================================================================\n\nReturn\n List of newly generated ACE lines\n\n**Examples**\n\n`./examples/functions_range_protocols.py`_\n\n\n\nObjects\n-------\nDocumentation of objects for deep-code divers\n\n`./docs/objects.rst`_\n\n\n\n.. _`./examples/functions_acls.py` : ./examples/functions_acls.py\n.. _`./examples/functions_aces.py` : ./examples/functions_aces.py\n.. _`./examples/examples_addrgroups.py` : ./examples/examples_addrgroups.py\n.. _`./examples/functions_range_protocols.py` : ./examples/functions_range_protocols.py\n.. _`./examples/functions_range_ports.py` : ./examples/functions_range_ports.py\n\n.. _`./docs/acl_list_methods.rst` : ./docs/acl_list_methods.rst\n.. _`./docs/objects.rst` : ./docs/objects.rst\n\n",
"bugtrack_url": null,
"license": "Apache-2.0",
"summary": "Python package to parse and manage Cisco ACL (Access Control List)",
"version": "3.3.3",
"project_urls": {
"Bug Tracker": "https://github.com/vladimirs-git/cisco-acl/issues",
"Download URL": "https://github.com/vladimirs-git/cisco-acl/archive/refs/tags/3.3.3.tar.gz",
"Homepage": "https://github.com/vladimirs-git/cisco-acl",
"Repository": "https://github.com/vladimirs-git/cisco-acl"
},
"split_keywords": [
"cisco",
" acl",
" ios",
" nexus",
" nx-os"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "14931ebe73c5d5d795ba1668a32a058300da728fbd997180060e1ea0eaa3f5ca",
"md5": "f357296693230a739c38546c82750ad0",
"sha256": "e51bbc806a93aaf10ad48e7f72b0e050bf059b10b91cf0d6081cebeea6c1d89e"
},
"downloads": -1,
"filename": "cisco_acl-3.3.3.tar.gz",
"has_sig": false,
"md5_digest": "f357296693230a739c38546c82750ad0",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4.0,>=3.8",
"size": 46040,
"upload_time": "2024-07-14T11:15:18",
"upload_time_iso_8601": "2024-07-14T11:15:18.887869Z",
"url": "https://files.pythonhosted.org/packages/14/93/1ebe73c5d5d795ba1668a32a058300da728fbd997180060e1ea0eaa3f5ca/cisco_acl-3.3.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-07-14 11:15:18",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "vladimirs-git",
"github_project": "cisco-acl",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "cisco-acl"
}
JSON
