#!/bin/bash
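# An empty IFS turns off word splitting for the whole script, and makes a plain
# `read -r` keep the leading whitespace of each config line.
IFS=

# $1 names one device config inside the RANCID config directory and is used as
# a single path component. An empty value, "." / ".." or anything containing a
# slash is refused, so the argument can never select a file outside that
# directory (relevant as soon as this script is driven by anything other than
# a trusted operator, e.g. a web front end).
case "$1" in
    '' | . | .. | */*)
        printf 'usage: %s <device-config-name>\n' "${0##*/}" >&2
        exit 1
        ;;
esac

# NOTE(review): this reuses the name of bash's own HOSTNAME variable; the rest
# of the script reads it as "path of the config file", so the name is kept.
HOSTNAME="/home/rancid/var/rancid/network/configs/$1"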
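# Print an opening HTML tag.
# Arguments: $1 - tag name, optionally followed by attributes. It is emitted
#                 verbatim, so only literal, trusted markup may be passed here;
#                 config-derived text must not go through this function.
# Outputs:   "<$1>" followed by a newline on stdout
pho()
{
    # Quoted expansion: the text is never glob-expanded or re-split,
    # whatever the caller's IFS or working directory is.
    printf '<%s>\n' "$1"
}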
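# Print a closing HTML tag.
# Arguments: $1 - tag name (emitted verbatim; pass literal tag names only)
# Outputs:   "</$1>" followed by a newline on stdout
phc()
{
    # Quoted expansion: without it the word "</"$1">" is subject to pathname
    # expansion and could be replaced by a matching path.
    printf '</%s>\n' "$1"
}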
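# Escape &, < and > on stdin so that text copied out of the device config is
# rendered as text by the browser and can never be interpreted as markup.
_get_object_escape()
{
    sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g'
}

# Print the member lines of one object / object-group from the config file and
# expand nested references recursively.
#
# Globals:   HOSTNAME (read) - path of the config file to search
# Arguments: $1 - object name; matched as a regex anchored at end of line
#            $2 - current nesting depth (optional, used by the recursion only)
# Outputs:   HTML-escaped member lines on stdout; "group-object" members are
#            wrapped in ">>>" / "<<<" marker lines around the nested group
# Returns:   0
#
# NOTE(review): $1 is interpolated into the regex unescaped, so a "." in an
# object name matches any character - confirm whether names in these configs
# need escaping.
get_object()
{
    local name=$1
    local depth=${2:-0}
    local -r max_depth=32
    local line child safe_line safe_child

    # An empty name would turn the pattern into a bare "$", which matches every
    # line of the config; print nothing instead.
    [[ -n "$name" ]] || return 0

    # The recursion is driven purely by file contents; cap it so a config whose
    # references loop back cannot spawn processes without bound.
    if (( depth >= max_depth )); then
        printf 'get_object: nesting deeper than %d at "%s", not expanding\n' \
            "$max_depth" "$name" >&2
        return 0
    fi

    # Take up to 100 lines after the first line ending in the name, keep
    # everything up to the second top-level line (top-level lines start in
    # column 0 with a lowercase letter), then drop that closing line and the
    # header line, which leaves the indented member lines.
    grep -E -A 100 -e "${name}\$" -- "$HOSTNAME" \
        | grep -E -m2 -B 100 '^[a-z]' \
        | head -n -1 \
        | tail -n +2 \
        | while IFS= read -r line
    do
        safe_line=$(printf '%s\n' "$line" | _get_object_escape)

        if [[ "$line" == *group-object* ]]; then
            child=$(printf '%s\n' "$line" | awk '{print $2}')
            safe_child=$(printf '%s\n' "$child" | _get_object_escape)
            # The literal ">>>" / "<<<" markers are written as entities so the
            # emitted HTML stays well-formed.
            printf '%s\n' "<br><i><b>&gt;&gt;&gt; ${safe_line}</b></i>"
            get_object "$child" "$(( depth + 1 ))"
            printf '%s\n' " <i><b>&lt;&lt;&lt; group-object ${safe_child}</b></i><br><br>"
        elif [[ "$line" == *"network-object object"* ]]; then
            child=$(printf '%s\n' "$line" | awk '{print $3}')
            printf '%s\n' "$safe_line"
            get_object "$child" "$(( depth + 1 ))"
            printf '\n'
        else
            printf '%s\n' "$safe_line"
        fi
    done
}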
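# ---------------------------------------------------------------------------
# Report body: writes one HTML document to stdout with a table that lists, for
# every crypto map entry in the config file $HOSTNAME, the sequence number,
# map name, peer(s), crypto ACL, the ACL's local and remote endpoints (with
# objects expanded by get_object) and the tunnel-group / crypto map settings.
#
# Every value copied out of the config is HTML-escaped before it is printed:
# map names, ACL names and object descriptions are free text on the device and
# must not be able to inject markup into the report.
# ---------------------------------------------------------------------------

# Escape &, < and > on stdin (escaping never adds whitespace, so awk field
# positions are unchanged afterwards).
_report_escape()
{
    sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g'
}

# Print one side of a crypto ACL and expand any object it references.
# Globals:   HOSTNAME (read)
# Arguments: $1 - ACL name, $2 / $3 - the two awk field numbers of that side
# Outputs:   one escaped line per ACL entry, each followed by get_object output
_report_acl_side()
{
    local acl=$1 first=$2 second=$3
    local entries entry ref

    entries=$(grep -E -e "access-list ${acl} " -- "$HOSTNAME" \
        | awk -v a="$first" -v b="$second" '{print $a " " $b}')

    printf '%s\n' "$entries" | while IFS= read -r entry
    do
        printf '%s\n' "$entry" | _report_escape
        # "object NAME" and "object-group NAME" both carry the name in field 2.
        if [[ "$entry" == *object* ]]; then
            ref=$(printf '%s\n' "$entry" | awk '{print $2}')
            get_object "$ref"
        fi
    done
}

pho html
pho head
cat <<'EOF'

<style>
td {
border: 1px solid black;
spacing: 0px;
padding: 10px;
}
table {
border-spacing: 10px;
border-collapse: separate;
}
</style>

EOF
phc head
pho body
# "cellpading" was a typo for the cellpadding attribute.
pho "table cellspacing=1 cellpadding=1"

td_pre="td valign=top style='white-space: pre'"

# One table row pair per crypto map entry. Lines containing 65535 are skipped,
# exactly as before.
# NOTE(review): the per-entry lookups below match on the sequence number with
# "crypto map .* <seq>", not on the map name, so two crypto maps that reuse a
# sequence number are reported together - confirm whether that is intended.
grep -E -e 'crypto map .* set peer|crypto map .* ipsec-isakmp dynamic' -- "$HOSTNAME" \
    | grep -v 65535 \
    | while IFS= read -r cm_line
do
    seq_no=$(printf '%s\n' "$cm_line" | awk '{print $4}')
    map_name=$(printf '%s\n' "$cm_line" | awk '{print $3}')

    pho tr

    pho "$td_pre"
    printf '%s\n' "<b>Tunnel</b>"
    printf '#%s\n' "$(printf '%s\n' "$seq_no" | _report_escape)"
    phc td

    pho "$td_pre"
    printf '%s\n' "<b>Crypto Map:</b>"
    printf '%s\n' "$map_name" | _report_escape
    phc td

    # Peer(s) of this entry: fields 7-9 of the "set peer" / "dynamic" line.
    pho "$td_pre"
    printf '%s\n' "<b>Peer(s):</b>"
    peers=$(grep -E -e "crypto map .* ${seq_no} set peer|crypto map .* ${seq_no} ipsec-isakmp dynamic" -- "$HOSTNAME" \
        | awk '{print $7 " " $8 " " $9}')
    printf '%s\n' "$peers" | _report_escape | sed 's/ /<br>/g'
    phc td

    # Crypto ACL of this entry.
    pho "$td_pre"
    acl=$(grep -E -e "crypto .*map .* ${seq_no} match address" -- "$HOSTNAME" \
        | awk '{print $7}')
    printf '%s\n' "<b>Access-List:</b>"
    printf '%s\n' "$acl" | _report_escape
    phc td

    pho "$td_pre"
    printf '%s\n' "<b>Lokal:</b>"
    _report_acl_side "$acl" 6 7
    phc td

    pho "$td_pre"
    printf '%s\n' "<b>Remote:</b>"
    _report_acl_side "$acl" 8 9
    phc td

    phc tr

    pho tr
    pho "td style='border-style: none'"
    phc td

    pho "td colspan=5"
    # One lookup per peer. The old `for IP in ...` relied on word splitting,
    # which the script-wide empty IFS disables, so several peers were handled
    # as a single multi-line pattern. The peer is matched as a fixed string
    # followed by a space, so 10.1.1.1 no longer also selects 10.1.1.10 and
    # "." is not a wildcard.
    printf '%s\n' "$peers" \
        | awk '{for (i = 1; i <= NF; i++) print $i}' \
        | while IFS= read -r peer
    do
        tunnel_group=$(grep -F -A 3 -e "tunnel-group ${peer} " -- "$HOSTNAME")

        keepalive=$(printf '%s\n' "$tunnel_group" \
            | grep -e 'isakmp keepalive' \
            | _report_escape)
        if [[ -n "$keepalive" ]]; then
            printf '%s\n' "$keepalive"
            pho br
        fi

        group_policy=$(printf '%s\n' "$tunnel_group" \
            | grep -e 'default-group-p' \
            | sed 's/ default-group-policy //' \
            | _report_escape)
        printf '%s\n' "Group-Policy: ${group_policy}<br>"
    done

    # pfs, security-association and transform-set settings of this entry.
    # (The original printed field "$7i", a typo that awk read as $7.)
    map_lines=$(grep -E -e "crypto map .* ${seq_no} " -- "$HOSTNAME" | _report_escape)
    printf '%s\n' "$map_lines" | grep pfs | awk '{print $6 " " $7 "<br>"}'
    printf '%s\n' "$map_lines" | grep security | awk '{print $6 " " $7 " " $8 " " $9 "<br>"}'
    printf '%s\n' "$map_lines" | grep transform | awk '{print $7 " " $8 "<br>"}'
    phc td
    phc tr

    # Empty spacer row between entries.
    pho "tr height=20px"
    phc tr
done

phc table
phc body
phc html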