Forum Discussion

jcummings_26137
Sep 19, 2018

List AFM rules containing specific addresses?

Is there a way to list only a portion of an AFM rule list that contains a specific address?

I.e., if I have this output:

list security firewall rule-list RULE_LIST

rules {
    ACL_RL_1111 {
        action accept
        ip-protocol tcp
        log yes
        destination {
           addresses {
                1.1.1.1 { }
            }
            port-lists {
                PORTS_TCP
            }
        }
        source {
            address-lists {
                SOURCES_AL
            }
        }
    }
    ACL_RL_1112 {
        action accept
        ip-protocol udp
        log yes
        destination {
            addresses {
                1.1.1.1 { }
                2.2.2.2 { }
            }
            port-lists {
                PORTS_UDP
            }
        }
        source {
            address-lists {
                SOURCES_AL
            }
        }
    }
    ACL_RL_1113 {
        action accept
        ip-protocol tcp
        log yes
        destination {
            address-lists {
                DESTINATIONS_AL
            }
            ports {
                25 { }
            }
        }

And only want to see the sections that contain the IP address 1.1.1.1 (in this case, ACL_RL_1111 and 1112) instead of displaying the entire list, is there a way to accomplish that?

1 Reply

  • You could try this...

     tmsh -q -c "list security firewall rule-list test1"
    security firewall rule-list test1 {
        rules {
            test1 {
                action accept
                rule-number 1
                source {
                    addresses {
                        1.1.1.1 { }
                    }
                }
            }
            test2 {
                action accept
                rule-number 2
                source {
                    addresses {
                        1.1.1.1 { }
                        10.10.10.10 { }
                    }
                }
            }
            test3 {
                action accept
                rule-number 3
                source {
                    addresses {
                        1.1.1.1 { }
                        1.1.1.2 { }
                        10.10.10.10 { }
                    }
                }
            }
            test4 {
                action accept
                rule-number 4
                source {
                    addresses {
                        1.1.1.2 { }
                        1.1.1.4 { }
                    }
                }
            }
        }
    }
    

    Filter for 10.10.10.10:

     tmsh -q -c "list security firewall rule-list test1" | awk 'BEGIN {RS="\n        }"} /10.10.10.10/ {print $0}'
            test2 {
                action accept
                rule-number 2
                source {
                    addresses {
                        1.1.1.1 { }
                        10.10.10.10 { }
                    }
                }
    
            test3 {
                action accept
                rule-number 3
                source {
                    addresses {
                        1.1.1.1 { }
                        1.1.1.2 { }
                        10.10.10.10 { }
                    }
                }
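The awk one-liner in the reply relies on the exact indentation of the closing brace (`RS="\n        }"`) and on a substring match, so `10.10.10.10` would also match a rule containing `10.10.10.100`. The following is an added example, not code from the reply or from F5, that does the same job by tracking brace depth and matching the address as a whole token. The `rules_with_address` function name, the `SAMPLE_RULE_LIST` text (constructed to resemble `tmsh` output, not captured from a real BIG-IP) and the helper `sample_rules_with_address` are all mine.

```shell
#!/bin/sh
# Constructed sample of "tmsh -q -c 'list security firewall rule-list ...'" output.
# It is made up for this example; rule test4 deliberately contains 10.10.10.100
# so that a plain substring match for 10.10.10.10 would give a false positive.
SAMPLE_RULE_LIST='security firewall rule-list test1 {
    rules {
        test1 {
            action accept
            rule-number 1
            source {
                addresses {
                    1.1.1.1 { }
                }
            }
        }
        test2 {
            action accept
            rule-number 2
            source {
                addresses {
                    1.1.1.1 { }
                    10.10.10.10 { }
                }
            }
        }
        test4 {
            action accept
            rule-number 4
            source {
                addresses {
                    1.1.1.2 { }
                    10.10.10.100 { }
                }
            }
        }
    }
}'

# rules_with_address ADDRESS
# Reads tmsh rule-list output on stdin and prints only the rule blocks (the
# children of "rules { ... }") in which ADDRESS appears as a complete token.
# Brace depth is counted instead of depending on indentation, and the token
# comparison means 10.10.10.10 does not match 10.10.10.100.
rules_with_address() {
    awk -v addr="$1" '
        BEGIN { depth = 0; inrule = 0; hit = 0; buf = "" }
        {
            # depth 0: "security ... {", depth 1: "rules {", depth 2: a rule opens
            if (depth == 2 && $0 ~ /\{[ \t]*$/) { buf = ""; hit = 0; inrule = 1 }
            if (inrule) {
                buf = buf $0 "\n"
                # compare every whitespace-separated token against the address
                n = split($0, tok, /[ \t]+/)
                for (i = 1; i <= n; i++) if (tok[i] == addr) hit = 1
            }
            # update depth from the braces on this line ("1.1.1.1 { }" nets zero)
            opens = gsub(/\{/, "{")
            closes = gsub(/\}/, "}")
            depth += opens - closes
            # back at the rules{} level means the current rule block just closed
            if (inrule && depth == 2) {
                if (hit) printf "%s", buf
                inrule = 0
            }
        }'
}

# Convenience wrapper that runs the filter over the constructed sample.
sample_rules_with_address() {
    printf '%s\n' "$SAMPLE_RULE_LIST" | rules_with_address "$1"
}
```

On a BIG-IP the real invocation would be `tmsh -q -c "list security firewall rule-list RULE_LIST" | rules_with_address 1.1.1.1`; against the sample, `sample_rules_with_address 10.10.10.10` prints only the `test2` block, while `sample_rules_with_address 1.1.1.1` prints `test1` and `test2`.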