forked from JulieChv/Analyse_Reseaux
ajout de doc
This commit is contained in:
Chevallier
204
Parseurs_config_Firewall/MODELE.md
Normal file
204
Parseurs_config_Firewall/MODELE.md
Normal file
@@ -0,0 +1,204 @@
|
||||
```json
|
||||
{
|
||||
"firewall-device": {
|
||||
"type": "", //palo-alto, forcepoint, stormshield
|
||||
"name": [
|
||||
"NOM_Switch"
|
||||
]
|
||||
},
|
||||
"openconfig-interfaces:interfaces": {
|
||||
"interface": [
|
||||
{
|
||||
"name": "INTERFACE NAME",
|
||||
"config": {
|
||||
"name": "INTERFACE NAME",
|
||||
"type": "", //iana-if-type:ieee8023adLag, iana-if-type:ethernetCsmacd, ...
|
||||
"enabled": true,
|
||||
"description": "DESCRIPTION"
|
||||
},
|
||||
"subinterfaces": {
|
||||
"subinterface": [
|
||||
{
|
||||
"index": 0,
|
||||
"config": {
|
||||
"index": 0,
|
||||
"enabled": true
|
||||
},
|
||||
"oc-ip:ipv4": {
|
||||
"oc-ip:addresses": {
|
||||
"oc-ip:address": [
|
||||
{
|
||||
"oc-ip:ip": "IP",
|
||||
"oc-ip:config": {
|
||||
"oc-ip:ip": "IP",
|
||||
"oc-ip:prefix-length": "MASQUE"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"openconfig-network-instance:network-instances": {
|
||||
"network-instance": [
|
||||
{
|
||||
"name": "NOM",
|
||||
"config": {
|
||||
"name": "NOM",
|
||||
"type": "TYPE"
|
||||
},
|
||||
"interfaces": {
|
||||
"interface": [
|
||||
{
|
||||
"id": "" // INTERFACE
|
||||
}
|
||||
]
|
||||
},
|
||||
"protocols": { //routing table
|
||||
"protocol": [
|
||||
{
|
||||
"identifier": "STATIC",
|
||||
"name": "STATIC",
|
||||
"static-routes": {
|
||||
"static": [
|
||||
{
|
||||
"prefix": "CIDR",
|
||||
"next-hops": {
|
||||
"next-hop": [
|
||||
{
|
||||
"index": "", //NAME
|
||||
"config": {
|
||||
"index": "", //NAME
|
||||
"next-hop": "", //NEXT VR ou NEXT HOP IP
|
||||
"metric": 10,
|
||||
"oc-loc-rt-netinst:next-network-instance": "", //NEXT VR si NEXT VR
|
||||
"oc-loc-rt-netinst:nh-network-instance": "" // NEXT HOP IP si NEXT HOP IP
|
||||
},
|
||||
"interface-ref": {
|
||||
"config": {
|
||||
"interface": "" // INTERFACE
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"openconfig-acl:acl": {
|
||||
"acl-sets": {
|
||||
"acl-set": [
|
||||
{
|
||||
"name": "NOM",
|
||||
"type": "openconfig-acl:ACL_IPV4",
|
||||
"config": {
|
||||
"name": "NOM",
|
||||
"type": "openconfig-acl:ACL_IPV4",
|
||||
"description": "DESCRIPTION"
|
||||
},
|
||||
"state": {
|
||||
"description": true
|
||||
},
|
||||
"acl-entries": {
|
||||
"acl-entry": [
|
||||
{
|
||||
"sequence-id": 1,
|
||||
"config": {
|
||||
"sequence-id": 1,
|
||||
"description": [ //application
|
||||
"ping",
|
||||
]
|
||||
},
|
||||
"state": {
|
||||
"sequence-id": 1,
|
||||
"description": "" //Format "Misc: liste des tag member"
|
||||
},
|
||||
"ipv4": {
|
||||
"config": {
|
||||
"source-address": "any",
|
||||
"destination-address": "any"
|
||||
}
|
||||
},
|
||||
"transport": {
|
||||
"config": {
|
||||
"source-port": "any",
|
||||
"destination-port": "" //service member
|
||||
}
|
||||
},
|
||||
"actions": {
|
||||
"config": {
|
||||
"forwarding-action": "", //openconfig-acl:ACCEPT, openconfig-acl:ACCEPT_DISABLED, openconfig-acl:DROP, openconfig-acl:NAT
|
||||
"log-action": ""
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"custom-firewall-objects:firewall-objects": {
|
||||
"address": [
|
||||
{
|
||||
"name": "ADDRESS NAME",
|
||||
"config": {
|
||||
"name": "ADDRESS NAME",
|
||||
"ip_netmask": "IP ou CIDR",
|
||||
"description": "DESCRIPTION",
|
||||
"misc": [] //tag member
|
||||
}
|
||||
}
|
||||
],
|
||||
"address-group": [
|
||||
{
|
||||
"name": "ADDRESS GROUP NAME",
|
||||
"config": {
|
||||
"name": "GROUP NAME",
|
||||
"members": [
|
||||
"ADDRESS NAME"
|
||||
],
|
||||
"description": "DESCRIPTION",
|
||||
"misc": [] //tag member
|
||||
}
|
||||
}
|
||||
],
|
||||
"service": [
|
||||
{
|
||||
"name": "SERVICE NAME",
|
||||
"config": {
|
||||
"name": "SERVICE NAME",
|
||||
"protocol": "", //udp, tcp, ...
|
||||
"port": "",
|
||||
"source_port": "1",
|
||||
"description": "DESCRIPTION",
|
||||
"misc": [] //tag member
|
||||
}
|
||||
}
|
||||
],
|
||||
"service-group": [
|
||||
{
|
||||
"name": "SERVICE GROUP NAME",
|
||||
"config": {
|
||||
"name": "SERVICE GROUP NAME",
|
||||
"members": [
|
||||
"SERVICE NAME"
|
||||
],
|
||||
"description": "DESCRIPTION",
|
||||
"misc": [] //tag member
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
```
|
||||
@@ -4,8 +4,8 @@
|
||||
|
||||
Cet outil permet de **parser les configurations de différents types de firewalls** (Palo Alto, Stormshield, Forcepoint) et de **convertir ces informations en un format JSON normalisé basé sur des modèles OpenConfig en YANG**.
|
||||
|
||||
Il fournit également la possibilité de générer une **matrice de flux au format Excel** pour visualiser les communications et règles de trafic dans l’infrastructure.
|
||||
Il founit également la possibilité de générer une **matrice de routage au format Excel** pour visualiser les routes statiques dans l’infrastructure.
|
||||
- Il fournit également la possibilité de générer une **matrice de flux au format Excel** pour visualiser les communications et règles de trafic dans l’infrastructure.
|
||||
- Il founit également la possibilité de générer une **matrice de routage au format Excel** pour visualiser les routes statiques dans l’infrastructure.
|
||||
|
||||
## Fonctionnalités principales
|
||||
|
||||
|
||||
Reference in New Issue
Block a user