
Identifying Devices with Inbound/Outbound ACLs Configured on Interfaces

  • February 25, 2025

This NQE can be a quick way for you to identify interfaces and subinterfaces with configured ACLs. This could be invaluable from a couple of angles: path analysis/troubleshooting and audit.

Check it out! Let me know what you think!

*I put both 
where length(acls.inboundAclNames) > 0 && length(acls.outboundAclNames) > 0
and
where length(acls.inboundAclNames) > 0 || length(acls.outboundAclNames) > 0

because I feel both can have benefit in their own circumstances.

foreach device in network.devices
foreach interface in device.interfaces
foreach subinterface in interface.subinterfaces
let acls = subinterface.acls
where length(acls.inboundAclNames) > 0 && length(acls.outboundAclNames) > 0
// where length(acls.inboundAclNames) > 0 || length(acls.outboundAclNames) > 0
select {
  deviceName: device.name,
  asset: device.tagNames,
  interfaceName: interface.name,
  subinterfaceName: subinterface.name,
  inboundAclNames: acls.inboundAclNames,
  outboundAclNames: acls.outboundAclNames
}

 
