Demand
Yesterday in the group some of the firewall's policy texts were provided, asking how they could be converted to objects within PowerShell.
The text sample looks like the following
rule id 39 action permit src-zone "Any" dst-zone "Any" src-addr "Any" dst-addr "Any" service "Any"exitrule id 46 action permit src-zone "Any" dst-zone "Any" src-addr "Any" dst-addr "Any" service "PING"exitrule id 11 action permit src-zone "untrust" dst-zone "trust" src-addr "nqtwgroup" dst-addr "zj-wtqzgroup" service "wtqz_group" name "zj-nqtw-wtqz"exit
Scenario 1
Because this text looks very regular, the first solution is to use the convertfrom-string command, with the template that you define, to convert these strings to PS objects.
$t=@‘rule id {ID*:39} action {action:permit} src-zone {srz_zone:"Any"} dst-zone {dst_zone:"Any"} src-addr {src_addr:"Any"} dst-addr {dst_addr:"Any"} service {service_addr:"Any"} {name:""}exitrule id {ID*:46} action permit src-zone "Any" dst-zone "Any" src-addr "Any" dst-addr "Any" service "PING"exitrule id 11 action permit src-zone "untrust" dst-zone "trust" src-addr "nqtwgroup" dst-addr "zj-wtqzgroup" service "wtqz_group" name "zj-nqtw-wtqz"exit‘@ConvertFrom-String -TemplateContent $t -InputObject $st | ft -AutoSize
Simply explain how this template is designed, copy the entire text, and begin to modify, for example, I need to start each line of the template to be marked with *, curly braces {} Key value pairs, the key is its own name, followed by the value is the original content of the text PS automatically generates corresponding objects according to the rules.
Specific command explanations can be found in https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/convertfrom-string? view=powershell-5.1
The results are as follows:
ID action srz_zone dst_zone src_addr dst_addr service_addr-- ------ -------- -------- -------- -------- ------------39 permit "Any" "Any" "Any" "Any" "Any" 46 permit "Any" "Any" "Any" "Any" "PING" 11 permit "untrust" "trust" "nqtwgroup" "zj-wtqzgroup" "wtqz_group"
I look as if the need for the results have, but careful observation found that the text of each piece of policy content slightly different, for example, some rule also has a name attribute, so if not unified, a single template is not the content of the.
Scenario 2
Traditional regular + string concatenation processing
#原始文本 [email protected] "rule ID permit src-zone" any "dst-zone" any "src-addr" any "dst-addr" any "s Ervice "Any" Exitrule ID, permit action src-zone "any" dst-zone "any" src-addr "any" dst-addr "any" service "PING" E Xitrule ID One action permit src-zone "Untrust" Dst-zone "Trust" src-addr "Nqtwgroup" dst-addr "zj-wtqzgroup" service "Wtqz_group" name "Zj-nqtw-wtqz" Exit "@[email protected" () #正则进行多行匹配, gets the block of each rule $st | Select-string ' (? SMI) Rule ID [1-9]{2}.*?exit '-allmatches | Foreach {$_. Matches} | Foreach {#替代一下空格和换行符, which is more structured and easy to handle $temp =$_.value-replace ' rule id ', ' rule-id ' $temp = $temp-replace ' exit ', ' $temp = $te Mp-replace ' \ r \ n ', ', ' $list = $temp. Split (', ') $object = New-object–typename psobject try{foreach ($item in $list) { $c = $item. Trim () split () $name = $c [0] $value = $c [1] $object | Add-member-notepropertyname $name-notepropertyvalue $value-erroraction silentlycontinue}}catch{} $r + = $object} $r | Select Rule-id,action,src-zoNe,dst-zone,src-addr,dst-addr,service,name | Ft
The final result is as follows, and the information is successfully obtained.
rule-id action src-zone dst-zone src-addr dst-addr service name ------- ------ -------- -------- -------- -------- ------- ---- 39 permit "Any" "Any" "Any" "Any" "Any" 46 permit "Any" "Any" "Any" "Any" "PING" 11 permit "untrust" "trust" "nqtwgroup" "zj-wtqzgroup" "wtqz_group" "zj-nqtw-wtqz"
PowerShell Conversion Firewall Policy