search

sjhloco / firewall_policy_report

Creates an Excel worksheet report from an ASA or Checkpoint firewall rule set with details of the hit counts and the last time the rule was hit
MIT License
4 stars 1 forks source link

how to run against a file #4

Open mairm1340 opened 1 year ago

mairm1340 commented 1 year ago

amrim@z370: firewall_policy_report on  main [!?] via  v3.10.8 ┌────────────────────────────────────────────── └─> pytest -v zsh: command not found: pytest

amrim@z370: firewall_policy_report on  main [!?] via  v3.10.8 ┌────────────────────────────────────────────── └─> pytest test/test_acl_report.py::test_asa_format_data -v zsh: command not found: pytest

can you please advise how we can run this on a file with the outputs captured.

mairm1340 commented 1 year ago

kindly assist

mairm1340 commented 1 year ago

❯ pytest -v ======================================================================================================== test session starts ======================================================================================================== platform linux -- Python 3.10.8, pytest-6.2.4, py-1.10.0, pluggy-0.13.1 -- /usr/bin/python cachedir: .pytest_cache rootdir: /home/amrim/CiscoAutomation/firewall_policy_report/test collected 3 items

test_acl_report.py::test_data_model PASSED [ 33%] test_acl_report.py::test_asa_format_data PASSED [ 66%] test_acl_report.py::test_ckp_format_data FAILED

It was an issue iwth my zsh file which is now sorted but how do I run the script against the outputs ? do i need to paste the output of show access-list in some file in test folder ? kindly share little details

sjhloco commented 1 year ago

Sorry I dont understand what you mean or are trying to do, from the outputs you are running unit tests against Checkpoint formatting? Those unit tests work fine for me.

mairm1340 commented 1 year ago

Sorry I dont understand what you mean or are trying to do, from the outputs you are running unit tests against Checkpoint formatting? Those unit tests work fine for me.

I need some details as to how I can run the script if I don't have access to the firewall. I should take what outputs from the Device and how can I run the script for Cisco ASA kindly assist.

sjhloco commented 1 year ago

There is no option to run against files, I use it for running against multiple ASAs and Checkpoints so is not really practical to use files. I have no plans at present to introduce static files as dont have a need for it.

For you to use static files you are going to have to edit the script yourself. If you look at the get_acls method in the asa.py file you can see where the command outputs are gathered, this is the place to start if you are wanting to feed static output into it.

def get_acls(fw, sid):
    asa_all_acls, acl_brief, acl_brief_temp = ([] for i in range(3))

    # 2a. Gets the name of all ACLs to be used in the show acl name brief cmd
    asa_acl = sid.send_command('show run access-group')
    ra_vpn_acl = sid.send_command('show run | in split-tunnel-network-list')
    sts_vpn_acl = sid.send_command('show run | in match address')
    for ace in asa_acl.splitlines():
        asa_all_acls.append(ace.split(' ')[1])
    for ace in ra_vpn_acl.splitlines():
        asa_all_acls.append(ace.split('value ')[1])
    for ace in sts_vpn_acl.splitlines():
        asa_all_acls.append(ace.split('address ')[1])

    # 2b. Gathers show ACL (as a string) and show ACL brief (as a list) output for all the ACLs
    for ace in set(asa_all_acls):
        acl_brief_temp.append(sid.send_command('show access-list {} brief'.format(ace)))
    acl_expanded = sid.send_command('show access-list | ex elements|cached|alert-interval|remark')

    # 2c. Creates new ACL brief list of all lines that have a timestamp (matching 8 characters, space, 8 characters)
    for item in acl_brief_temp:
        for line in item.splitlines():
            if re.match(r"^\S{8}\s\S{8}\s", line):
                acl_brief.append(line)
    return acl_brief, acl_expanded
jasfree commented 1 year ago

I am running the script against an ASA, and keep getting 'Unable to enter enable mode!'

============================== Firewall Policy Report v0.1 ============================== Checking the input file and options entered are valid... Enter global fw password for user 'freeman': Testing asa username/password and device connectivity ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:00 ⚠️ WARNING - 'Unable to enter enable mode!'

The script ist ran using the following parameters:

(acl_report) gns3@gns3lab:~/firewall_policy_report-main$ python3 main.py -u freeman -n ACLreport20230919 -l ~/firewall_policy_report-main/

I have tried using the glob_user/glob_pass and user/pword with the same result.

What am I doing wrong? Should the username and password be in double quotes?