forked from job/aclhound
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathTODO
38 lines (28 loc) · 1.12 KB
/
TODO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
Features to be delivered:
(language / parser / render)
- add grouping of port ranges in efficient way
- add greater/then lesser/then to the language
- add 'log' (disable not needed, just comment out the policy line)
(general)
- add the concept of a 'hack' (manual non-compiled ACL, useful for migrations)
(devices)
- add Juniper support (comes after all other features are done)
Subcommands to be created:
aclhound diff <file> [ vendor ]
- branch to previous commit
- compile for file (if device just proceed, if policy require vendor)
- checkout head again
- compile file
- produce unified diff
'aclhound submit' extension
- [ ] do diff-all
- [x] git-review
NOTES:
use http://packetpushers.net/cisco-configuration-archive-rollback-using-revert-instead-of-reload/ on IOS for confirm/rollback
ASA:
- remove ACL from interfaces first
- Upload ACL
( clear access-list ...
access-list derp derp )
- add ACL back to interfaces
http://www.gossamer-threads.com/lists/cisco/nsp/96410