init II

2024-10-13 23:32:58 +02:00
parent 30627b25b3
commit dbfba56f66
38 changed files with 3897 additions and 0 deletions
--- a/config-parser/asa-vpn-config-parser.sh
+++ b/config-parser/asa-vpn-config-parser.sh
@@ -0,0 +1,139 @@
+#!/bin/bash
+
+IFS=
+HOSTNAME=/home/rancid/var/rancid/network/configs/$1
+
+pho()
+{
+echo "<"$1">"
+}
+
+phc()
+{
+echo "</"$1">"
+}
+
+get_object()
+{
+ OBJN=$1
+ egrep -A 100 "$OBJN$" $HOSTNAME | egrep -m2 -B 100 "^[a-z]" | head -n -1 | tail -n +2 | while read -r LINE
+ do
+  echo $LINE "<br>"
+  if [[ "$LINE" =~ "group-object" ]]
+  then
+   OBJNN=$(echo $LINE | awk '{print $2}')
+   get_object $OBJNN
+  elif [[ "$LINE" =~ "network-object object" ]]
+  then
+   OBJNN=$(echo $LINE | awk '{print $3}')
+   get_object $OBJNN
+  else
+   I=1
+  fi
+ done
+}
+
+pho html
+pho head
+echo "
+<style>
+td {
+  border: 1px solid black;
+  spacing: 0px;
+  padding: 10px;
+}
+table { 
+    border-spacing: 10px;
+    border-collapse: separate;
+}
+</style>
+"
+
+phc head
+pho body
+pho "table cellspacing=1 cellpadding=1"
+# pick crypto map entry
+egrep "crypto map .* set peer" $HOSTNAME | while read -r LINE ; do
+ NR=$(echo "$LINE" | awk '{print $4}')
+ CM=$(echo "$LINE" | awk '{print $3}')
+pho tr
+
+pho "td valign=top style='white-space: nowrap'"
+ echo "Tunnel #"$NR
+phc td; pho "td valign=top style='white-space: nowrap'"
+ echo "Crypto Map:<br><br>$CM"
+phc td
+
+pho "td valign=top"
+ #get peer for cm entry
+echo "Peer(s):<br><br>"
+ PEER=$(egrep "crypto map .* $NR set peer" $HOSTNAME | awk '{print $7 " " $8 " " $9}')
+ PEERIP=$PEER
+ echo $PEER | sed 's/ /<br>/g'
+phc td
+
+pho "td valign=top style='white-space: nowrap'" 
+ #get acl for cm entry
+ ACL=$(egrep "crypto map .* $NR match address" $HOSTNAME | awk '{print $7}')
+ echo "ACL:<br><br>" $ACL
+phc td
+
+pho "td valign=top"
+ ACEl=$(egrep "access-list $ACL " $HOSTNAME | awk '{print $6 " " $7}')
+ echo "Lokal:<br><br>"
+
+ echo $ACEl | while read -r LINEl
+ do
+  echo $LINEl "<br>"
+  if [[ "$LINEl" =~ "object" ]]
+  then
+   OBJN=$(echo $LINEl | awk '{print $2}')
+   get_object $OBJN
+  fi
+  echo "<br>"
+ done
+phc td
+
+pho "td valign=top style='white-space: nowrap'"
+ ACEr=$(egrep "access-list $ACL " $HOSTNAME | awk '{print $8 " " $9}')
+ echo "Remote:<br><br>"
+
+ echo $ACEr | while read -r LINEr
+ do
+  echo $LINEr "<br>"
+  if [[ "$LINEr" =~ "object" ]]
+  then
+   OBJN=$(echo $LINEr | awk '{print $2}')
+   get_object $OBJN
+  fi
+  echo "<br>"
+ done
+
+phc td
+phc tr
+
+pho tr
+
+pho "td style='border-style: none'"
+phc td
+
+pho "td colspan=5"
+for IP in `echo $PEERIP | sed 's/ /\n/'`
+do
+IP=$(echo $IP | sed 's/ //')
+grep -A 3 "tunnel-group $IP" $HOSTNAME | grep "isakmp keepalive" && pho br
+done
+
+egrep "crypto map .* $NR " $HOSTNAME | grep pfs | awk '{print $6 " " $7 "<br>"}'
+egrep "crypto map .* $NR " $HOSTNAME | grep security | awk '{print $6 " " $7i " " $8 " " $9 "<br>"}'
+egrep "crypto map .* $NR " $HOSTNAME | grep transform | awk '{print $7 " " $8 "<br>"}'
+phc td
+phc tr
+pho "tr height=20px"
+phc tr
+done
+
+phc table
+phc body
+phc html
+