Tool to clean up your acl

f1outsourcing · February 5, 2021, 4:59pm

I just wanted to share a cidr-merger tool I have found that merges your ip addresses. I did not test it fully but it is worth looking at. From 2371 addresses of the amazon cloud to 888.

[@ ~]$ cat amazon-cloud.json | jq -r .prefixes[].ip_prefix| wc -l
3819
[@ ~]$ cat amazon-cloud.json | jq -r .prefixes[].ip_prefix| sort -u | wc -l
2871
[@ ~]$ cat amazon-cloud.json | jq -r .prefixes[].ip_prefix| sort -u | tr '\n' ' ' | ./cidr-merger - | wc -l
888


[@ ~]$ cat google-cloud.json | jq -r .prefixes[].ipv4Prefix | wc -l
388
[@ ~]$ cat google-cloud.json | jq -r .prefixes[].ipv4Prefix | sort -u | wc -l
384
[@ ~]$ cat google-cloud.json | jq -r .prefixes[].ipv4Prefix | sort -u | tr '\n' ' ' | ./cidr-merger - | wc -l
invalid ip/CIDR address/range: null
176


[@ ~]$ cat microsoft.json | jq -r .values[].properties.addressPrefixes[] | grep -v ':' | wc -l
31683
[@ ~]$ cat microsoft.json | jq -r .values[].properties.addressPrefixes[] | grep -v ':' | sort -u | wc -l
17338
[@ ~]$ cat microsoft.json | jq -r .values[].properties.addressPrefixes[] | grep -v ':' | sort -u |  tr '\n' ' ' | ./cidr-merger - | wc -l
1842

lukastribus · February 5, 2021, 6:11pm

A python alternative is:

Topic		Replies	Views
Tool to generate ACLs from an OpenAPI specification? Help!	0	156	March 7, 2023
Block request if host == IP Help!	3	1415	October 5, 2018
PFsense custom acl whitelist IP alias backend specific block reject others Help!	3	3827	November 27, 2020
HaProxy ACL - internal IP addresses Help!	2	498	March 18, 2021
Use backend if usr_path* Help!	0	897	February 1, 2017

Tool to clean up your acl

Related Topics