Skip to main content

NQE Query to list NATed IP addresses

  • 2 August 2024
  • 0 replies
  • 22 views

The following NQE query lists all the IP addresses that are part of a NAT rule on any device in the network.

/**
 * @intent List all NAT entries
 * @description List all NAT entries, including post NAT IPs
 */

foreach device in network.devices
foreach natEntry in device.natEntries
let headerMatches = natEntry.headerMatches
let ipv4SrcSubnets = natEntry.headerMatches.ipv4Src
let ipv4DstSubnets = natEntry.headerMatches.ipv4Dst
let ipv4NatSrcSubnets = (foreach rewrite in natEntry.rewrites
                         select rewrite.ipv4Src)
let ipv4NatDstSubnets = (foreach rewrite in natEntry.rewrites
                         select rewrite.ipv4Dst)
where isPresent(max(ipv4NatSrcSubnets)) || isPresent(max(ipv4NatDstSubnets))

select {
  deviceName: device.name,
  "NAT type": natEntry.natType,
  "Source IP": ipv4SrcSubnets,
  "Destination IP": ipv4DstSubnets,
  "Source port start": (foreach tpSr in headerMatches.tpSrc
               select tpSr.start),
  "Source port end": (foreach tpSr in headerMatches.tpSrc
             select tpSr.end),
  "Dest port start": (foreach tpDt in headerMatches.tpSrc
               select tpDt.start),
  "Dest port end": (foreach tpDt in headerMatches.tpSrc
             select tpDt.end),
  "Post NAT Source": max(ipv4NatSrcSubnets),
  "Post NAT Destination": max(ipv4NatDstSubnets)
}

 

Be the first to reply!

Reply


Badge winners

  • NQE Contributor
    dakotagloryhas earned the badge NQE Contributor
  • Community Champ Award
    GaryBhas earned the badge Community Champ Award
  • Community Champ Award
    AndyLhas earned the badge Community Champ Award
  • NQE Contributor
    Christopherhas earned the badge NQE Contributor
  • NQE Contributor
    Tyson Henriehas earned the badge NQE Contributor
Show all badges
Terms of UseCookie settings