Hello guest, if you read this it means you are not registered. Click here to register in a few simple steps, you will enjoy all features of our Forum.
Bottom Page

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
JunOS FW policies to Python dictionaries
#1
I have about 10K lines of JunOS (srx1500) FW output, from which I need to create individual dictionaries for each "Policy". I only care about source & destination addresses, not ports & protocols. Is there an easy way to do this?

Here's an example of the(massaged) firewall output:
Quote:Policy: RULE_12345, action-type: permit, State: enabled, Index: 153, Scope Policy: 0
Source addresses:
SUBNET_1: 10.1.1.0/24
SUBNET_2: 10.2.2.0/24
Destination addresses:
SUBNET_3: 10.3.3.0/24
SUBNET_4: 10.4.4.0/24
Policy: RULE_23456, action-type: permit, State: enabled, Index: 153, Scope Policy: 0
Source addresses:
SUBNET_1: 10.1.1.0/24
Destination addresses:
SUBNET_3: 10.3.3.0/24
SUBNET_5: 10.5.5.0/24

I need to turn a bunch of ^^that into something like this:
Quote:RULE_12345 = {"sources": ['10.1.1.0/24', '10.2.2.0/24'], "destinations":['10.3.3.0','10.4.4.0']}
RULE_23456 = {"sources": ['10.1.1.0/24'], "destinations":['10.3.3.0','10.5.5.0']}
Quote
#2
where can I find technical doc on this format? (like in CLI user guide or similar)
Quote
#3
This is the output of "show security policies detail" from a juniper srx1500. I've massaged it from a Linux shell to get only the relevant information shown above. The command is documented at:

https://www.juniper.net/documentation/en...icies.html
Quote
#4
And what code have you written so far?
Quote
#5
Only the desired output dictionary, above. I don't know how to make the second thing from the first thing
Quote
#6
today's your lucky day. This is quick and dirty, you should probably try to make it more efficient, but it works
You will also have to modify file names and paths

from pathlib import Path
import json


class ParseData:
    def __init__(self):
        self.home = Path('.')
        self.datafile = self.home / 'data' / 'data.txt'
        self.dataout = self.home / 'data' / 'data.json'

        self.datadict = { }
        self.source = None
        self.rule = None

        self.dest = None
        newitem = False

        self.reading_source = False
        self.reading_destination = False
        self.alldata = [ ]

        with self.datafile.open() as f, self.dataout.open('w') as fo:
            line = f.readlines()
            for item in line:
                if item.startswith('Policy:'):
                    if newitem:
                        self.save_item()
                    elements = item.split()
                    self.rule = elements[1].strip(',')
                    print(self.rule)
                    self.datadict[self.rule] = { }
                    newitem = True
                    continue
                elif item.startswith('Source'):
                    self.source = "sources"
                    self.reading_source = True
                    print('found source')
                    self.datadict[self.rule]['sources'] = { }
                    continue
                elif item.startswith('Destination'):
                    self.reading_source = False
                    self.reading_destination = True
                    print('found dest')
                    self.datadict[self.rule]['destinations'] = { }
                    continue
                elements = item.split()
                if self.reading_source:
                    self.datadict[self.rule]['sources'].append(elements[1])
                else:
                    self.datadict[self.rule]['destinations'].append(elements[1])
            # Save last item
            self.save_item()
            json.dump(self.alldata, fo)

    def save_item(self):
        self.alldata.append(self.datadict)
        self.datadict = {}
        self.source = None
        self.rule = None
        self.dest = None
        self.reading_source = False
        self.reading_destination = False

    def readback_test(self):
        self.alldata = [ ]
        with self.dataout.open() as f:
            self.alldata = json.load(f)
            for item in self.alldata:
                print(item)

if __name__ == '__main__':
    pd = ParseData()
    pd.readback_test()
Quote
#7
Thanks so much!
Quote

Top Page

Forum Jump:


Users browsing this thread: 1 Guest(s)