i need to gather firewall rules (ACL) in which source ip is a public ip or public subnet and destination is an internal server and port is tcp/3389. I am wondering how to write a script that will excluded all ACL in which source ip is internal (starting with 10.xx.xx.xx) and gather only ACL in which public ip is source.
EXAMPLE OF ACL allowing access from public ip to internal ip:access-list OUT_access_in line 2 extended permit tcp host 8.8.8.8 host 10.10.10.5 eq 3389
access-list OUT_access_in line 3 extended permit tcp 8.8.8.0 255.255.255.0 host 10.10.10.5 eq 3389
EXAMPLE OF ACL allowing access from one internal ip to another internal ip:
access-list IN_access_in line 2 extended permit tcp host 10.15.15.5 host 10.10.10.5 eq 3389
access-list IN_access_in line 3 extended permit tcp 10.15.15.0 255.255.255.0 host 10.10.10.5 eq 3389
access-list IN_access_in line 4 extended permit tcp any host 10.10.10.5 eq 3389
Thanks,
Vikram