
Converting firewall policy text to objects with PowerShell

2025-01-15 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)06/02 Report--

Requirement

Yesterday, someone in the group posted some firewall policy text and asked how it could be converted into objects in PowerShell.

A sample of the text is shown below:

```
rule id 39
  action permit
  src-zone "Any"
  dst-zone "Any"
  src-addr "Any"
  dst-addr "Any"
  service "Any"
exit
rule id 46
  action permit
  src-zone "Any"
  dst-zone "Any"
  src-addr "Any"
  dst-addr "Any"
  service "PING"
exit
rule id 11
  action permit
  src-zone "untrust"
  dst-zone "trust"
  src-addr "nqtwgroup"
  dst-addr "zj-wtqzgroup"
  service "wtqz_group"
  name "zj-nqtw-wtqz"
exit
```

Option 1

Because the text looks regular, the first approach is to use the ConvertFrom-String cmdlet together with a custom template to convert these strings into PowerShell objects.

```powershell
# $st holds the sample text shown above (it is defined as a here-string in Option 2).
# The template is a copy of that text with {name:value} tags added to the first record.
$t = @'
rule id {ID*:39}
  action {action:permit}
  src-zone {srz_zone:"Any"}
  dst-zone {dst_zone:"Any"}
  src-addr {src_addr:"Any"}
  dst-addr {dst_addr:"Any"}
  service {service_addr:"Any"}
exit
rule id {ID*:46}
  action permit
  src-zone "Any"
  dst-zone "Any"
  src-addr "Any"
  dst-addr "Any"
  service "PING"
exit
rule id 11
  action permit
  src-zone "untrust"
  dst-zone "trust"
  src-addr "nqtwgroup"
  dst-addr "zj-wtqzgroup"
  service "wtqz_group"
  name "zj-nqtw-wtqz"
exit
'@

ConvertFrom-String -TemplateContent $t -InputObject $st | ft -AutoSize
```

A brief explanation of how the template is designed: copy the entire text, then start modifying it. The start of each record I want is marked with *. Each pair of curly braces {} holds a key:value pair, where the key is a name you choose yourself and the value is the original content of the text. PowerShell then generates the corresponding objects automatically according to these rules.

For a detailed explanation of the command, see the Windows PowerShell 5.1 documentation: https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/convertfrom-string?view=powershell-5.1.

The results are as follows:

```
ID action srz_zone  dst_zone src_addr    dst_addr       service_addr
-- ------ --------  -------- --------    --------       ------------
39 permit "Any"     "Any"    "Any"       "Any"          "Any"
46 permit "Any"     "Any"    "Any"       "Any"          "PING"
11 permit "untrust" "trust"  "nqtwgroup" "zj-wtqzgroup" "wtqz_group"
```

At first glance all the required results seem to be there, but a closer look shows that the content of each policy in the text differs slightly. For example, some rules also have a name attribute, so unless the rules are uniform, a single template will not match all of the content.

Option 2

The traditional approach: regular expressions plus string processing

```powershell
# Original text
$st = @'
rule id 39
  action permit
  src-zone "Any"
  dst-zone "Any"
  src-addr "Any"
  dst-addr "Any"
  service "Any"
exit
rule id 46
  action permit
  src-zone "Any"
  dst-zone "Any"
  src-addr "Any"
  dst-addr "Any"
  service "PING"
exit
rule id 11
  action permit
  src-zone "untrust"
  dst-zone "trust"
  src-addr "nqtwgroup"
  dst-addr "zj-wtqzgroup"
  service "wtqz_group"
  name "zj-nqtw-wtqz"
exit
'@

$r = @()

# Multi-line regex match to get the block of each rule.
# \d+ accepts any rule id; [1-9]{2} only matched two-digit ids without a zero.
$st | Select-String '(?smi)^\s*rule id \d+.*?^\s*exit' -AllMatches |
    ForEach-Object { $_.Matches } |
    ForEach-Object {
        # Normalise the block so that every line is a "name value" pair
        $temp = $_.Value -replace 'rule id', 'rule-id'
        $temp = $temp -replace '\s*exit$', ''
        $list = $temp -split '\r?\n'        # works for CRLF and LF input

        $object = New-Object -TypeName PSObject
        foreach ($item in $list) {
            # Split into name and value; the limit of 2 keeps values that contain spaces
            $c = $item.Trim() -split '\s+', 2
            if ($c.Count -lt 2) { continue } # skip blank lines
            $object | Add-Member -NotePropertyName $c[0] -NotePropertyValue $c[1] -ErrorAction SilentlyContinue
        }
        $r += $object
    }

$r | select rule-id,action,src-zone,dst-zone,src-addr,dst-addr,service,name | ft
```

The final result is as follows, and all the information has been obtained successfully.

```
rule-id action src-zone  dst-zone src-addr    dst-addr       service      name
------- ------ --------  -------- --------    --------       -------      ----
39      permit "Any"     "Any"    "Any"       "Any"          "Any"
46      permit "Any"     "Any"    "Any"       "Any"          "PING"
11      permit "untrust" "trust"  "nqtwgroup" "zj-wtqzgroup" "wtqz_group" "zj-nqtw-wtqz"
```
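Once the rules are objects they can be reviewed with ordinary pipeline filters. The following is an added example, not code from the original article: a line-by-line parser that gives every rule the same columns, so the optional name attribute no longer breaks the layout, followed by a filter for permit rules that restrict neither source, destination nor service. This filter goes one step beyond the conversion the article describes. The function name ConvertFrom-RuleText and the filter criterion are assumptions made for this example, and the sample is constructed from rules 39 and 11 of the text above.

```powershell
# Added example; ConvertFrom-RuleText is a hypothetical helper name, not from the article.
function ConvertFrom-RuleText {
    param([Parameter(Mandatory)][string]$Text)
    $columns = 'rule-id', 'action', 'src-zone', 'dst-zone', 'src-addr', 'dst-addr', 'service', 'name'
    $rule = $null
    foreach ($line in ($Text -split '\r?\n')) {
        $line = $line.Trim()
        if ($line -match '^rule id (\d+)$') {
            # New record: create every column up front so optional ones (name) stay aligned
            $rule = [ordered]@{}
            foreach ($col in $columns) { $rule[$col] = '' }
            $rule['rule-id'] = [int]($Matches[1])
        }
        elseif ($line -eq 'exit' -and $null -ne $rule) {
            [pscustomobject]$rule    # end of record: emit one object per rule
            $rule = $null
        }
        elseif ($null -ne $rule -and $line -match '^(\S+)\s+(.+)$') {
            # "key value" line: drop the surrounding quotes, keep spaces inside the value
            $rule[$Matches[1]] = $Matches[2].Trim('"')
        }
    }
}

# Constructed sample: rules 39 and 11 from the text above
$sample = @'
rule id 39
  action permit
  src-zone "Any"
  dst-zone "Any"
  src-addr "Any"
  dst-addr "Any"
  service "Any"
exit
rule id 11
  action permit
  src-zone "untrust"
  dst-zone "trust"
  src-addr "nqtwgroup"
  dst-addr "zj-wtqzgroup"
  service "wtqz_group"
  name "zj-nqtw-wtqz"
exit
'@
$rules = ConvertFrom-RuleText -Text $sample
# Permit rules with no restriction on source address, destination address or service
$rules | Where-Object { $_.action -eq 'permit' -and $_.'src-addr' -eq 'Any' -and
    $_.'dst-addr' -eq 'Any' -and $_.service -eq 'Any' } | Select-Object 'rule-id', 'name'
```

With this sample, only rule 39 passes the filter; rule 11 is scoped to named address and service groups.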
