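Converting firewall policies with PowerShell
阿新 • Published: 2018-03-13
PowerShell ConvertFrom-String regex object conversion
Requirement
Yesterday someone in the group chat shared some firewall policy text and asked how to convert it into objects in PowerShell.
A sample of the text is shown below: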
rule id 39
action permit
src-zone "Any"
dst-zone "Any"
src-addr "Any"
dst-addr "Any"
service "Any"
exit
rule id 46
action permit
src-zone "Any"
dst-zone "Any"
src-addr "Any"
dst-addr "Any"
service "PING"
exit
rule id 11
action permit
src-zone "untrust"
dst-zone "trust"
src-addr "nqtwgroup"
dst-addr "zj-wtqzgroup"
service "wtqz_group"
name "zj-nqtw-wtqz"
exit
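Option 1
Because the text looks very regular, the first approach is to use the ConvertFrom-String command together with a custom template, which converts these strings into PS objects.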
$t = @'
rule id {ID*:39}
action {action:permit}
src-zone {srz_zone:"Any"}
dst-zone {dst_zone:"Any"}
src-addr {src_addr:"Any"}
dst-addr {dst_addr:"Any"}
service {service_addr:"Any"}
{name:""}
exit
rule id {ID*:46}
action permit
src-zone "Any"
dst-zone "Any"
src-addr "Any"
dst-addr "Any"
service "PING"
exit
rule id 11
action permit
src-zone "untrust"
dst-zone "trust"
src-addr "nqtwgroup"
dst-addr "zj-wtqzgroup"
service "wtqz_group"
name "zj-nqtw-wtqz"
exit
'@
# $st holds the raw policy text (the here-string defined in Option 2)
ConvertFrom-String -TemplateContent $t -InputObject $st | ft -AutoSize
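A brief explanation of how this template is designed: copy the whole text over and edit it in place. The start of each row I need is marked with *, and inside the braces {} is a key-value pair, where the key is a name you choose and the value is the original content of the text. PowerShell then generates the corresponding objects automatically from the pattern.
For a detailed explanation of the command, see https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/convertfrom-string?view=powershell-5.1
The result is shown below: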
ID action srz_zone  dst_zone src_addr    dst_addr       service_addr
-- ------ --------  -------- --------    --------       ------------
39 permit "Any"     "Any"    "Any"       "Any"          "Any"
46 permit "Any"     "Any"    "Any"       "Any"          "PING"
11 permit "untrust" "trust"  "nqtwgroup" "zj-wtqzgroup" "wtqz_group"
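At first glance it looks like all the needed results are there, but a closer look shows that the policy blocks differ slightly from one another. For example, some rules have an extra name attribute, so unless the blocks are uniform, a single template cannot match all of the content.
Option 2
Traditional regex plus string manipulation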
# Raw text
$st=@"
rule id 39
action permit
src-zone "Any"
dst-zone "Any"
src-addr "Any"
dst-addr "Any"
service "Any"
exit
rule id 46
action permit
src-zone "Any"
dst-zone "Any"
src-addr "Any"
dst-addr "Any"
service "PING"
exit
rule id 11
action permit
src-zone "untrust"
dst-zone "trust"
src-addr "nqtwgroup"
dst-addr "zj-wtqzgroup"
service "wtqz_group"
name "zj-nqtw-wtqz"
exit
"@
$r=@()
# Multi-line regex match to grab each rule block (\d+ so rule ids of any length match)
$st | Select-String '(?smi)rule id \d+.*?exit' -AllMatches | Foreach {$_.Matches} |
Foreach {
    # Replace the space in "rule id" and the line breaks so the block is more regular and easier to process
    $temp=$_.value -replace 'rule id','rule-id'
    $temp=$temp -replace 'exit', ''
    # \r?\n handles both CRLF and LF line endings
    $temp=$temp -replace '\r?\n',','
    $list=$temp.split(',')
    $object = New-Object -TypeName PSObject
    try{
        foreach($item in $list){
            # First token is the property name, second is its value
            $c=$item.trim().split()
            $name=$c[0]
            $value=$c[1]
            $object | Add-Member -NotePropertyName $name -NotePropertyValue $value -ErrorAction SilentlyContinue
        }
    }catch{}
    $r+=$object
}
$r | select rule-id,action,src-zone,dst-zone,src-addr,dst-addr,service,name | ft
The final result is shown below; all of the information was retrieved successfully:
rule-id action src-zone  dst-zone src-addr    dst-addr       service      name
------- ------ --------  -------- --------    --------       -------      ----
39      permit "Any"     "Any"    "Any"       "Any"          "Any"
46      permit "Any"     "Any"    "Any"       "Any"          "PING"
11      permit "untrust" "trust"  "nqtwgroup" "zj-wtqzgroup" "wtqz_group" "zj-nqtw-wtqz"
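An added example (not from the original post) that generalizes Option 2: a line-by-line parser that accepts rule ids of any length, quoted values containing spaces, and rules with or without name. Unlike the output above, it strips the surrounding quotes from values. The function name ConvertFrom-FirewallPolicy and the second sample rule are assumptions made for illustration.

```powershell
# Constructed sample in the page's format; the three-digit id and the quoted
# values containing spaces are assumptions added to exercise the parser.
$policy = @'
rule id 39
action permit
src-zone "Any"
dst-zone "Any"
src-addr "Any"
dst-addr "Any"
service "Any"
exit
rule id 105
action deny
src-zone "untrust"
dst-zone "trust"
src-addr "guest net"
dst-addr "zj-wtqzgroup"
service "PING"
name "block guest ping"
exit
'@

function ConvertFrom-FirewallPolicy {   # hypothetical helper name
    param([string]$Text)
    $fields = 'action','src-zone','dst-zone','src-addr','dst-addr','service','name'
    $rule = $null
    foreach ($line in ($Text -split '\r?\n')) {
        $line = $line.Trim()
        if ($line -match '^rule id (\d+)$') {
            # New rule: pre-create every field so a missing "name" stays empty
            $rule = [ordered]@{ 'rule-id' = [int]$Matches[1] }
            foreach ($f in $fields) { $rule[$f] = $null }
        }
        elseif ($line -eq 'exit' -and $null -ne $rule) {
            [pscustomobject]$rule   # emit the finished rule
            $rule = $null
        }
        elseif ($null -ne $rule -and $line -match '^(\S+)\s+"?(.*?)"?$') {
            # Key, then the rest of the line as the value without outer quotes
            if ($fields -contains $Matches[1]) { $rule[$Matches[1]] = $Matches[2] }
        }
    }
}

$rules = ConvertFrom-FirewallPolicy -Text $policy
$rules | Format-Table -AutoSize
# With real objects, filtering is one line, e.g. permit rules from Any to Any:
$rules | Where-Object { $_.action -eq 'permit' -and $_.'src-addr' -eq 'Any' -and $_.'dst-addr' -eq 'Any' }
```

Because every object carries the same properties, the result can be piped to Export-Csv or compared between two policy exports with Compare-Object.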