A perl script to convert Cisco IOS/Nexus/ASA configurations to HTML for easier comprehension

Mike Hale eyeronic.design at gmail.com
Thu Oct 6 21:37:11 UTC 2016


On Thu, Oct 6, 2016 at 1:26 PM, Jesse McGraw <jlmcgraw at gmail.com> wrote:
> Nanog,
>     (This is me scratching an itch of my own and hoping that sharing it
> might be useful to others on this list.  Apologies if it isn't)
>   When I'm trying to comprehend a new or complicated Cisco router, switch or
> firewall configuration an old pet-peeve of mine is how needlessly difficult
> it is to follow deeply nested logic in route-maps, ACLs, QoS policy-maps etc
> etc
> To make this a bit simpler I’ve been working on a perl script to convert
> these text-based configuration files into HTML with links between the
> different elements (e.g. To an access-list from the interface where it’s
> applied, from policy-maps to class-maps etc), hopefully making it easier to
> to follow the chain of logic via clicking links and using the forward and
> back buttons in your browser to go back and forth between command and
> referenced list.
> I've put the script itself up here
> <https://github.com/jlmcgraw/network_configuration_navigator>:
> https://github.com/jlmcgraw/network_configuration_navigator
> See here
> <ttp://htmlpreview.github.com/?https://github.com/jlmcgraw/network_configuration_navigator/blob/master/examples/html_test_case_1.cfg.html>
> for output examples
> http://htmlpreview.github.com/?https://github.com/jlmcgraw/network_configuration_navigator/blob/master/examples/html_test_case_1.cfg.html
> Here's a quick web demo <https://hidden-waters-8218.herokuapp.com/> on
> Heroku
> https://hidden-waters-8218.herokuapp.com/
>     (This is just a simple web front-end to the script.  I'm not a web-savvy
> guy so I'm sure it's poorly coded and terribly insecure.
>     Please don't upload anything sensitive to this, it's just for testing!)
> I know there is a lot of stuff that could be done better so let me know if
> you think of anything new or notice something I’ve done wrong.
> One unexpected thing that has come out of this script is the ability to
> catch items that are defined but never actually used, whether it's due to a
> fat-finger or just being leftover cruft. This has proven very valuable in
> catching mistakes that are otherwise hard to spot.  Unfortunately the script
> can't currently catch the inverse (things that are called but never defined)
> due to the way the regexes are constructed
> Surely this has all been done before but I couldn't find anything in a few
> brief moments of searching so here we are.
> -Jesse
> Notes:
>     See the box on the right for a key and links to jump to the first line
> of the various types of sections or unused items
>     There are some command-line options for reformatting (make some numbers
> that are hard to read into more human-readable ones, add colors to
> permits/denies, scrub sensitive info etc, remove some redundancy).  Try and
> see what you like.
>     If you run it against multiple configuration files at once it will also
> attempt to link between them when applicable (e.g. BGP neighbors, route next
> hops, interfaces on the same subnet etc).  I regularly use it on a ~900
> configuration files set with no problems
>     Developed under Ubuntu Linux, somewhat tested on Windows but not at all
> on OS
>     Based on configs that I work with so it doesn't cover all possible
> commands.  Send patches!

09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

More information about the NANOG mailing list