[38212] in North American Network Operators' Group
Re: Cisco ACL Manager(s)
daemon@ATHENA.MIT.EDU (Joe Shaw)
Thu May 31 14:30:05 2001
Date: Thu, 31 May 2001 13:29:13 -0500 (CDT)
From: Joe Shaw <jshaw@insync.net>
To: "Robert A. Hayden" <rhayden@geek.net>
Cc: NANOG <nanog@merit.edu>
In-Reply-To: <Pine.LNX.4.21.0105311308400.10760-100000@geek.net>
Message-ID: <Pine.GSO.4.33.0105311324050.18566-100000@vellocet.insync.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, 31 May 2001, Robert A. Hayden wrote:
> Any recommendations out there on software to make management of Cisco ACLs
> a little easier than traditional manual ways? Doesn't even need to do the
> insertion into the router, just be able to produce something that can be
> cut-n-pasted into place.
I'm not sure exactly what you're looking for, but you could check into
Filter Language Compiler, by Darren Reed of ipfilter fame (or infamy
depending on how you look at it). Looks interesting, but I'm not sure if
it would decrease your admin efforts unless you're pushing the same policy
throughout your network's edge devices.
One of FLC's biggest features is it's ability to work with the various
UNIX packet filters, as well as Cisco ACL's.
Regards,
--
Joseph W. Shaw II
CCNA/Network Security Goon
"Unemployed. Will hack for food. God bless."
