aclmaker.pl - simple CGI frontend to Cisco::ACL
aclmaker.pl is a simple CGI script that uses the Cisco::ACL module to generate IOS access control lists.
The script is designed to emulate acl.pl, which is the original script that Cisco::ACL began life as. It is not meant to be in any way fancy or suitable for embedding in a large web site. There is no taint checking enabled, the content type of the output is text/plain, etc, etc, etc.
text/plain
aclmaker.pl takes six input arguments:
permit_or_deny
One of permit or deny.
permit
deny
src_addr
Source and destination addresses may be specified in any combination of three syntaxes: a single IP address, a range of addresses in the format a.a.a.a-b.b.b.b or a.a.a.a-b, or a CIDR block in the format x.x.x.x/nn. You may supply a comma-separated list of any or all of these formats. Use the word "any" to specify all addresses. For example, all of the following are legal:
10.10.10.20 10.10.10.10-200 20.20.20.20-30.30.30.30 10.10.10.20 10.10.10.10-200 10.10.10.10/8,45.45.45.45
src_port
Ports may be specified as a singe port, a range of ports in the form xxxx-yyyy, or a comma separated list of any combination of those. The valid range is 0-65535.
dst_addr
As with src_addr but for the destination endpoint.
dst_port
As with src_port but tor the destination endpoint.
protocol
The protocol for the ACL. One of tcp, udp or ip. For compatibility the value both is interpreted as ip.
tcp
udp
ip
both
The output of aclmaker.pl is by design rather plain. Given the following input parms:
permit_or_deny = deny
src_addr = 192.168.0.1/24
src_port = any
dst_addr = any
dst_port = 25
protocol = tcp
The output is:
deny tcp 192.168.0.0 0.0.0.255 any eq 25
Cisco::ACL
James FitzGibbon, <jfitz@CPAN.org>.
Chris De Young (chd AT chud DOT net) wrote acl.pl, the guts of which are in Cisco::ACL but the interface of which this script emulates.
This module is free software. You may use and/or modify it under the same terms as perl itself.
To install Cisco::ACL, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Cisco::ACL
CPAN shell
perl -MCPAN -e shell install Cisco::ACL
For more information on module installation, please visit the detailed CPAN module installation guide.