PowerShell Conversion Firewall Policy

Source: Internet
Author: User

Requirement

Yesterday someone in the group shared some firewall policy text and asked how it could be converted into objects in PowerShell.

The text sample looks like this:

rule id 39
  action permit
  src-zone "Any"
  dst-zone "Any"
  src-addr "Any"
  dst-addr "Any"
  service "Any"
exit
rule id 46
  action permit
  src-zone "Any"
  dst-zone "Any"
  src-addr "Any"
  dst-addr "Any"
  service "PING"
exit
rule id 11
  action permit
  src-zone "untrust"
  dst-zone "trust"
  src-addr "nqtwgroup"
  dst-addr "zj-wtqzgroup"
  service "wtqz_group"
  name "zj-nqtw-wtqz"
exit

Scenario 1

Because this text has a very regular structure, the first solution is to use the ConvertFrom-String command, with a template that you define, to convert the strings into PowerShell objects.

# $st holds the policy text shown above
$t = @'
rule id {ID*:39}
  action {action:permit}
  src-zone {srz_zone:"Any"}
  dst-zone {dst_zone:"Any"}
  src-addr {src_addr:"Any"}
  dst-addr {dst_addr:"Any"}
  service {service_addr:"Any"}
  {name:""}
exit
rule id {ID*:46}
  action permit
  src-zone "Any"
  dst-zone "Any"
  src-addr "Any"
  dst-addr "Any"
  service "PING"
exit
rule id 11
  action permit
  src-zone "untrust"
  dst-zone "trust"
  src-addr "nqtwgroup"
  dst-addr "zj-wtqzgroup"
  service "wtqz_group"
  name "zj-nqtw-wtqz"
exit
'@
ConvertFrom-String -TemplateContent $t -InputObject $st | ft -AutoSize

A brief explanation of how this template is designed: copy the entire sample text and then annotate it. The start of each record is marked with * (as in {ID*:39}), and each field is wrapped in curly braces {} as a key-value pair, where the key is a property name of your own choosing and the value is the original content of the text. PowerShell then generates the corresponding objects automatically according to these rules.
The command is documented at https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/convertfrom-string?view=powershell-5.1

The results are as follows:

ID action srz_zone  dst_zone src_addr    dst_addr       service_addr
-- ------ --------  -------- --------    --------       ------------
39 permit "Any"     "Any"    "Any"       "Any"          "Any"
46 permit "Any"     "Any"    "Any"       "Any"          "PING"
11 permit "untrust" "trust"  "nqtwgroup" "zj-wtqzgroup" "wtqz_group"

This looks like the result I need, but on closer inspection the text of each policy entry differs slightly: for example, some rules also have a name attribute. When the entries are not uniform like this, a single template cannot capture all of the content.

Scenario 2

The traditional approach: a regular expression plus string processing.

# Original text
$st = @"
rule id 39
  action permit
  src-zone "Any"
  dst-zone "Any"
  src-addr "Any"
  dst-addr "Any"
  service "Any"
exit
rule id 46
  action permit
  src-zone "Any"
  dst-zone "Any"
  src-addr "Any"
  dst-addr "Any"
  service "PING"
exit
rule id 11
  action permit
  src-zone "untrust"
  dst-zone "trust"
  src-addr "nqtwgroup"
  dst-addr "zj-wtqzgroup"
  service "wtqz_group"
  name "zj-nqtw-wtqz"
exit
"@
$r = @()
# Multi-line regex match that gets the block of each rule (\d+ accepts an ID of any length)
$st | Select-String '(?smi)rule id \d+.*?exit' -AllMatches | ForEach-Object { $_.Matches } | ForEach-Object {
    # Replace the spaces and line breaks so the text is more structured and easier to handle
    $temp = $_.Value -replace 'rule id', 'rule-id'
    $temp = $temp -replace 'exit', ''
    $temp = $temp -replace '\r?\n', ','
    $list = $temp.Split(',')
    $object = New-Object -TypeName PSObject
    foreach ($item in $list) {
        # Skip the empty item left behind after "exit" is removed
        if (-not $item.Trim()) { continue }
        $c = $item.Trim().Split()
        $name = $c[0]
        $value = $c[1]
        $object | Add-Member -NotePropertyName $name -NotePropertyValue $value -ErrorAction SilentlyContinue
    }
    $r += $object
}
$r | Select rule-id,action,src-zone,dst-zone,src-addr,dst-addr,service,name | ft

The final result is as follows, and the information is successfully obtained.

rule-id action src-zone  dst-zone src-addr    dst-addr       service      name
------- ------ --------  -------- --------    --------       -------      ----
39      permit "Any"     "Any"    "Any"       "Any"          "Any"
46      permit "Any"     "Any"    "Any"       "Any"          "PING"
11      permit "untrust" "trust"  "nqtwgroup" "zj-wtqzgroup" "wtqz_group" "zj-nqtw-wtqz"
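
Scenario 2 splits each attribute line on whitespace, so a quoted value that contains a space would be cut short. As an added example (not code from the original article), the parser below reads the same format with optional attributes such as name and with quoted values containing spaces, and goes one step beyond the article by querying the resulting objects for Any-to-Any permit rules. The function name ConvertFrom-FirewallPolicy and rule 152 are made up for illustration.

```powershell
# Constructed sample in the page's format: rule 39 is the page's, rule 152 is made up.
$policyText = @'
rule id 39
  action permit
  src-zone "Any"
  dst-zone "Any"
  src-addr "Any"
  dst-addr "Any"
  service "Any"
exit
rule id 152
  action permit
  src-zone "untrust"
  dst-zone "trust"
  src-addr "nqtwgroup"
  dst-addr "zj-wtqzgroup"
  service "wtqz_group"
  name "legacy vpn access"
exit
'@

function ConvertFrom-FirewallPolicy {    # hypothetical helper name
    param([Parameter(Mandatory)][string]$Text)
    $columns = 'id', 'action', 'src-zone', 'dst-zone', 'src-addr', 'dst-addr', 'service', 'name'
    # An attribute line: indented key, then a "quoted value" (spaces allowed) or a bare word
    $attribute = '(?m)^[ \t]+(?<key>[\w-]+)[ \t]+(?:"(?<val>[^"]*)"|(?<val>\S+))'
    # One match per block; the ^ anchors stop the word "exit" inside a value from ending a block early
    foreach ($block in [regex]::Matches($Text, '(?ms)^rule id (?<id>\d+)(?<body>.*?)^exit\b')) {
        $rule = [ordered]@{}
        foreach ($c in $columns) { $rule[$c] = $null }    # every object gets the same columns
        $rule['id'] = [int]$block.Groups['id'].Value
        foreach ($line in [regex]::Matches($block.Groups['body'].Value, $attribute)) {
            $rule[$line.Groups['key'].Value] = $line.Groups['val'].Value    # quotes are stripped
        }
        [pscustomobject]$rule
    }
}

$rules = ConvertFrom-FirewallPolicy -Text $policyText
$rules | Format-Table -AutoSize
# Objects can be queried: list permit rules that allow Any source to Any destination on Any service
$rules | Where-Object {
    $_.action -eq 'permit' -and $_.'src-addr' -eq 'Any' -and $_.'dst-addr' -eq 'Any' -and $_.service -eq 'Any'
}
```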
