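#!/usr/bin/perl
#
# Generates Cisco ASA-style "object" and "object-group" definitions from a
# colon-separated description file named "<script path>.conf" and prints
# them to STDOUT.
#
# Input line format (one entry per line, lines starting with '#' ignored):
#   TYPE:NAME:DEFINITION[:DESCRIPTION]
# where TYPE is NO (network object), SO (service object),
# NG (network group) or SG (service group).  For groups, DEFINITION is a
# comma-separated list of object NAMEs.
#
# Every generated name is prefixed with "$TR$PR$TR<TYPE>$TR".
#
# NOTE(review): DEFINITION and DESCRIPTION are copied verbatim into the
# generated configuration, so the .conf file has to be as trusted (and as
# access-controlled) as the firewall configuration itself.  Review the
# output before applying it to a device.
#
# NOTE(review): fields are split on ':', so a DEFINITION that itself contains
# a colon (for example an IPv6 literal) cannot be expressed in this format.
use strict;
use warnings;

my $TR = "_";     # separator used between the parts of a generated name
my $PR = "CS";    # prefix placed in front of every generated name

my $skipped = 0;  # number of malformed entries that were not emitted

print "\n";

# Three-argument open with a lexical handle: the file name can never be
# interpreted as an open mode or a pipe, and a missing file is reported
# instead of silently producing an empty configuration.
my $conf_path = "$0.conf";
open my $conf_fh, '<', $conf_path
    or die "Cannot open $conf_path: $!\n";
my @CONF = <$conf_fh>;
close $conf_fh;

# Strip line endings (including CR from files edited on Windows) so that no
# stray control character ends up in the generated configuration.
s/\r?\n\z// for @CONF;

# First pass: plain objects, so that they are defined before any group
# refers to them.
foreach my $line (@CONF) {
    next if ($line =~ /^#/);
    object($1, $line) if ($line =~ /\A(NO|SO):/);
}

# Second pass: groups built from the objects above.
foreach my $line (@CONF) {
    next if ($line =~ /^#/);
    objectgroup($1, $line) if ($line =~ /\A(NG|SG):/);
}

print "\n";

# A non-zero exit status tells the caller that the output is incomplete.
exit 1 if $skipped;

# Splits one entry into (NAME, DEFINITION, DESCRIPTION).
# Returns an empty list, after warning on STDERR, when NAME is missing or
# contains whitespace, or when DEFINITION is empty; either would change the
# meaning of the generated command line.
sub _fields {
    my ($line) = @_;
    my (undef, $name, $body, $comment) = split /:/, $line;

    unless (defined $name && $name =~ /\A\S+\z/
        && defined $body && $body =~ /\S/)
    {
        warn "Skipping malformed entry: $line\n";
        $skipped++;
        return;
    }
    return ($name, $body, $comment);
}

# Prints one "object network" ($O eq "NO") or "object service"
# ($O eq "SO") definition for the given entry line.
sub object {
    my ($O, $line) = @_;
    my ($name, $body, $comment) = _fields($line) or return;

    my $kind = $O eq "NO" ? "network " : $O eq "SO" ? "service " : "";
    print "object $kind$TR$PR$TR$O$TR$name\n";

    # Network definitions already carry their keyword ("host", "network");
    # service definitions are introduced by the "service" keyword.
    print " "         if ($O eq "NO");
    print " service " if ($O eq "SO");
    print "$body\n";

    print " description $comment\n" if (defined $comment && length $comment);
    print "exit\n";
    return;
}

# Prints one "object-group network" ($O eq "NG") or "object-group service"
# ($O eq "SG") definition whose members refer to previously generated
# NO / SO objects.
sub objectgroup {
    my ($O, $line) = @_;
    my ($name, $body, $comment) = _fields($line) or return;

    # Reject the whole group when any member name is empty or contains
    # whitespace: silently dropping one member would change what the group
    # matches on the firewall.
    my @members = split /,/, $body;
    if (grep { $_ !~ /\A\S+\z/ } @members) {
        warn "Skipping group with malformed member list: $line\n";
        $skipped++;
        return;
    }

    my $kind        = $O eq "NG" ? "network "         : $O eq "SG" ? "service "         : "";
    my $member_cmd  = $O eq "NG" ? " network-object " : $O eq "SG" ? " service-object " : "";
    my $member_type = $O eq "NG" ? "NO"               : $O eq "SG" ? "SO"               : "";

    print "object-group $kind$TR$PR$TR$O$TR$name\n";
    foreach my $member (@members) {
        print "${member_cmd}object $TR$PR$TR$member_type$TR$member\n";
    }

    print " description $comment\n" if (defined $comment && length $comment);
    print "exit\n";
    return;
}

# Examples of input entries and the output they produce
# (TR and PR stand for the values of $TR and $PR):
#PR:CS
#TR:_
#NO:NAME1:host 1.2.3.5 > object network TR PR TR NO TR NAME1 \n host 1.2.3.5 \n
#NO:NAME2:network 1.2.2.0 255.255.255.0 > object network TR PR TR NO TR NAME2 \n network 1.2.2.0 255.255.255.0 \n
#NG:NAME:NAME1,NAME2 > object-group network TR PR TR NG TR NAME \n network-object object TR PR TR NO TR NAME1 \n network-object object TR PR TR NO TR NAME2 \n
#SO:NAME1:tcp source eq 123 destination range 100 200 > object service TR PR TR SO TR NAME1 \n tcp source eq 123 destination range 100 200
#SO:NAME2:tcp destination eq 112 > object service TR PR TR SO TR NAME2 \n tcp destination eq 112
#SG:NAME:NAME1,NAME2 > object-group service TR PR TR SG TR NAME \n service-object object TR PR TR SO TR NAME1 \n service-object object TR PR TR SO TR NAME2 \n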