On Thu, Apr 8, 2010 at 9:35 PM, Brielle Bruns <br...@2mbit.com> wrote:

> I grabbed that access-list from the routers directly, so that's why it's been
> generated already.  If there's a tool for UNIX/Linux that can generate the
> wildcard masks from CIDR in bulk for use in creating ACLs, I'd be happy to
> put it up on the page.

UNIX/Linux users can probably accomplish this using simple scripting,
since there are Perl modules such as NetAddr::IP available,
e.g.:

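#!/usr/bin/perl
use strict;
use warnings;
use Net::CIDR qw/cidradd/;
use NetAddr::IP;

# Read CIDR blocks from STDIN or files and merge them into an aggregated list.
my @list = ();
while (<>) {
    chomp;
    # Consume one leading address/prefix token per pass.
    while ( $_ =~ s/^\s*([a-fA-F0-9:.]+)\/(\d+)\s*/ / ) {
        @list = cidradd($1 . '/' . $2, @list);
    }
}

# Emit one ACL line per aggregated block: network address plus wildcard mask.
for (@list) {
    my $ip = NetAddr::IP->new($_);
    print "access-list 199 deny " . $ip->addr() . " " . $ip->wildcard() . "\n";
}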




--
-J
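
An added example, not part of the original message: the same CIDR-to-wildcard conversion using only the Python standard library, which also sets aside prefixes with host bits set and IPv6 entries instead of emitting a wrong or meaningless mask. The function name, the '#' comment convention and the sample ranges are assumptions made for this illustration.

```python
import ipaddress
import re

# Same token shape the Perl script matches: address/prefix-length.
CIDR_TOKEN = re.compile(r"[0-9A-Fa-f:.]+/\d+")


def cidrs_to_acl(text, prefix="access-list 199 deny"):
    """Return (acl_lines, rejected_tokens) for the CIDR blocks found in text."""
    nets, rejected = [], []
    for line in text.splitlines():
        line = line.split("#", 1)[0]  # assumption: '#' starts a comment
        for token in CIDR_TOKEN.findall(line):
            try:
                # strict=True refuses prefixes with host bits set (10.1.2.3/24)
                net = ipaddress.ip_network(token, strict=True)
            except ValueError:
                rejected.append(token)
                continue
            if net.version != 4:
                # dotted-quad wildcard masks only apply to IPv4 entries
                rejected.append(token)
                continue
            nets.append(net)
    # Merge adjacent and overlapping blocks, as cidradd does in the Perl script.
    merged = ipaddress.collapse_addresses(nets)
    lines = [f"{prefix} {n.network_address} {n.hostmask}" for n in merged]
    return lines, rejected


# Constructed sample input using documentation ranges.
SAMPLE = """\
# blocklist export (constructed)
192.0.2.0/25
192.0.2.128/25  198.51.100.0/24
203.0.113.7/24
2001:db8::/32
203.0.113.64/26
"""

if __name__ == "__main__":
    acl, bad = cidrs_to_acl(SAMPLE)
    print("\n".join(acl))
    for token in bad:
        print(f"! skipped: {token}")
```

Reviewing the skipped tokens before loading the ACL catches typos in the source list that would otherwise silently widen or narrow a deny entry.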
