tidy-acl

Tidy ACLs listings on ASA

Normaly a show access-list would bring up something like

access-list OUTSIDE-IN line 1 extended permit ip object-group FOO any (hitcnt=9001)
  access-list OUTSIDE-IN line 1 extended permit ip host 10.42.23.1 any (hitcnt=9000)
  access-list OUTSIDE-IN line 1 extended permit ip host 10.42.23.2 any (hitcnt=1)
  access-list OUTSIDE-IN line 1 extended permit ip host 10.42.23.3 any (hitcnt=0)
  access-list OUTSIDE-IN line 1 extended permit ip host 10.42.23.4 any (hitcnt=0)
  access-list OUTSIDE-IN line 1 extended permit ip host 10.42.23.5 any (hitcnt=0)
  access-list OUTSIDE-IN line 1 extended permit ip host 10.42.23.6 any (hitcnt=0)
  access-list OUTSIDE-IN line 1 extended permit ip host 10.42.23.7 any (hitcnt=0)
access-list OUTSIDE-IN line 2 extended permit ip object-group BAR any (hitcnt=9002)
  ...

Sometimes you just like to see the leading configuration lines. To get there you can simply exclude a double whitespace like:

show access-list | exclude \ \ 
access-list OUTSIDE-IN line 1 extended permit ip object-group FOO any (hitcnt=9001)
access-list OUTSIDE-IN line 2 extended permit ip object-group BAR any (hitcnt=9002)

all pages tagged asa

tidy-acl
Posted
Comments on this page are closed.