Translate Netgate firewall rules to spreadsheet for review.
Project description
Netgate Firewall Converter
IMPORTANT
This is a first-draft alpha walk through the Netgate XML to get a feel for the type of data to be extracted.
The netgate-xml-to-xlsx
converts a standard Netgate firewall .xml configuration file to an .xlsx spreadsheet with multiple tabs.
- Supports Python 3.10+.
- This is an alpha version tested on a limited number of firewall files.
- The specific spreadsheet tabs implemented address our (ASI's) immediate firewall review needs.
- Tested only on Netgate firewall version 21.x files.
Installation
Recommend installing this in a virtual environment.
python -m pip install netgate-xml-to-xlsx
Or by using pipx
pipx install netgate-xml-to-xlsx
Once installed, the netgate-xml-to-xlsx
command is available on your path.
Usage
Help
# Display help
netgate-xml-to-xlsx --help
Sanitize Before Use
Netgate configuration files contains sensitive information. Sanitize the files before processing. Only sanitized files can be processed. The original (unsanitized) file is deleted.
# Sanitize Netgate configuration file(s) for review.
netgate-xml-to-xlsx --sanitize firewall-config.xml
netgate-xml-to-xlsx --sanitize dir/*
Convert to Spreadsheet
- By default, output is sent to the
./output
directory. - Use the
--output-dir
parameter to set a specific output directory. - The output filename is based on the
hostname
anddomain
elements of the XMLsystem
element. - Only sanitized files can generate a spreadsheet output.
# Convert a Netgate firewall configuration file.
netgate-xml-to-xlsx firewall-config.xml
# Convert all files in a directory.
netgate-xml-to-xlsx ../source/*-sanitized.xml
Implementation Notes
Why a plugin architecture?
This is an explicit decision to provide flexibility vs. speed/efficiency. A standard interface only gets so far and attempting to shoe-horn some of the complex elements into a standardized approach seemed futile. Some additional advantages are:
- Simplifies testing. Plugins parse XML and return a list of rows to be output. Plugins do not do their own output. This allows tests to provide source XML and check the returned rows.
- There are numerous Netgate plugins which I'll probably never see. Now people can add their own plugins, along with tests.
- Allows us to have a configuration file that defines what plugins to run, and the order in which to run them.
Tools
* nox
* tbump: setting version number
Using flakeheaven
The large collection of flakeheaven plugins is a bit overboard while I continue to find the best mixture of plugins that work best for my projects.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Hashes for netgate_xml_to_xlsx-0.9.7-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 90e00383a500365dcb118557494d88f085168ee91219efa5558d5c2c39da4d2a |
|
MD5 | 9c3e151990cdd8db4df47001f30e31be |
|
BLAKE2b-256 | aa9158493a9408544117cd790f105261c2bbb8e04452263bc8adb0d44c2d56af |