Solved: TCL ACL-Editor

Krasnoperov · ‎08-29-2011

Hello, may be somebody have working tcl script which edit ACL in "user friendly mode", I found this

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6555/prod_presentation0900aecd805456f7.pdf

but for some reason it's not working

Joe Clarke · ‎08-29-2011

I wrote this script a long time ago. It worked then, and should work now. However, the presentation does not include the full code. You can download that script and more at http://www.marcuscom.com/BRKNMS-3021.zip . The script is called edit_acl.tcl.

View solution in original post

Joe Clarke · ‎08-29-2011

I wrote this script a long time ago. It worked then, and should work now. However, the presentation does not include the full code. You can download that script and more at http://www.marcuscom.com/BRKNMS-3021.zip . The script is called edit_acl.tcl.

Krasnoperov · ‎08-29-2011

Thank you Joseph! It's realy working, is it posible to change this script for named acl using?

thanks a lot

Joe Clarke · ‎08-29-2011

Sure, but it would require work to get all of the ACEs as they do not begin with the "ip access-list" command. You'd have to replace the CLI command in the get_acl function with something like:

"show run | section ip access-list .* $acl"

Some of the other ios_config commands will need to be adjusted as well to handle the named ACLs.

Krasnoperov · ‎08-30-2011

thanks Joseph, I'm not good in coding, I tried to change script for named acl using but failed, decide just change my named acl to numbered acl, I think it will work