您好,登錄后才能下訂單哦!
昨天在群里 有人提供了一些防火墻的策略文本,詢問(wèn)如何能夠在PowerShell里面轉(zhuǎn)換為對(duì)象。
文本樣例如下所示
rule id 39
action permit
src-zone "Any"
dst-zone "Any"
src-addr "Any"
dst-addr "Any"
service "Any"
exit
rule id 46
action permit
src-zone "Any"
dst-zone "Any"
src-addr "Any"
dst-addr "Any"
service "PING"
exit
rule id 11
action permit
src-zone "untrust"
dst-zone "trust"
src-addr "nqtwgroup"
dst-addr "zj-wtqzgroup"
service "wtqz_group"
name "zj-nqtw-wtqz"
exit
因?yàn)檫@個(gè)文本看起來(lái)很有規(guī)律,所以第一個(gè)方案是使用 convertfrom-string這個(gè)命令,配合自己定義的模板,可以把這些字符串轉(zhuǎn)換為PS對(duì)象。
$t=
@'
rule id {ID*:39}
action {action:permit}
src-zone {srz_zone:"Any"}
dst-zone {dst_zone:"Any"}
src-addr {src_addr:"Any"}
dst-addr {dst_addr:"Any"}
service {service_addr:"Any"}
{name:""}
exit
rule id {ID*:46}
action permit
src-zone "Any"
dst-zone "Any"
src-addr "Any"
dst-addr "Any"
service "PING"
exit
rule id 11
action permit
src-zone "untrust"
dst-zone "trust"
src-addr "nqtwgroup"
dst-addr "zj-wtqzgroup"
service "wtqz_group"
name "zj-nqtw-wtqz"
exit
'@
ConvertFrom-String -TemplateContent $t -InputObject $st | ft -AutoSize
簡(jiǎn)單的解釋一下這個(gè)模板是怎么設(shè)計(jì)的,把整個(gè)文本copy過(guò)來(lái),在上面開始修改,比如我所需要的模板的每一行的開始需要用*進(jìn)行標(biāo)明,大括號(hào){}里面的鍵值對(duì),鍵是自己取的名字,后面的值是文本的原先的內(nèi)容;PS會(huì)自動(dòng)根據(jù)規(guī)律來(lái)生成對(duì)應(yīng)的對(duì)象。
具體的命令解釋可以參見 https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/convertfrom-string?view=powershell-5.1
結(jié)果如下所示:
ID action srz_zone dst_zone src_addr dst_addr service_addr
-- ------ -------- -------- -------- -------- ------------
39 permit "Any" "Any" "Any" "Any" "Any"
46 permit "Any" "Any" "Any" "Any" "PING"
11 permit "untrust" "trust" "nqtwgroup" "zj-wtqzgroup" "wtqz_group"
咋一看好像需要的結(jié)果都有了,不過(guò)仔細(xì)觀察 發(fā)現(xiàn)文本每一塊策略的內(nèi)容略微有些不太一樣,比如說(shuō)有些rule還多了個(gè)name的屬性,這樣的話如果不統(tǒng)一,一個(gè)單一的模板就對(duì)不上所以的內(nèi)容了。
傳統(tǒng)的正則+字符串拼接處理
#原始文本
$st=@"
rule id 39
action permit
src-zone "Any"
dst-zone "Any"
src-addr "Any"
dst-addr "Any"
service "Any"
exit
rule id 46
action permit
src-zone "Any"
dst-zone "Any"
src-addr "Any"
dst-addr "Any"
service "PING"
exit
rule id 11
action permit
src-zone "untrust"
dst-zone "trust"
src-addr "nqtwgroup"
dst-addr "zj-wtqzgroup"
service "wtqz_group"
name "zj-nqtw-wtqz"
exit
"@
$r=@()
#正則進(jìn)行多行匹配,獲取每一個(gè)rule的塊
$st | Select-String '(?smi)rule id [1-9]{2}.*?exit' -AllMatches | Foreach {$_.Matches} |
Foreach {
#替代一下空格和換行符,這樣更規(guī)整,方便處理
$temp=$_.value -replace 'rule id','rule-id'
$temp=$temp -replace 'exit', ''
$temp=$temp -replace '\r\n',','
$list=$temp.split(',')
$object = New-Object –TypeName PSObject
try{
foreach($item in $list){
$c=$item.trim().split()
$name=$c[0]
$value=$c[1]
$object | Add-Member -NotePropertyName $name -NotePropertyValue $value -ErrorAction SilentlyContinue
}}catch{}
$r+=$object
}
$r | select rule-id,action,src-zone,dst-zone,src-addr,dst-addr,service,name | ft
最后結(jié)果如下所示,成功獲取了所以的信息
rule-id action src-zone dst-zone src-addr dst-addr service name
------- ------ -------- -------- -------- -------- ------- ----
39 permit "Any" "Any" "Any" "Any" "Any"
46 permit "Any" "Any" "Any" "Any" "PING"
11 permit "untrust" "trust" "nqtwgroup" "zj-wtqzgroup" "wtqz_group" "zj-nqtw-wtqz"
免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長(zhǎng)郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。