Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NAT overview extraction script share

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    1 Posts 1 Posters 308 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      Non-ICE
      last edited by Non-ICE

      This little dirty python script is for when you have been a good boy and aliased all your NAT ports and your internal hosts, and then are trying to get an overview of what is really going on:

      give this script your saved config xml

      import xmltodict
      
      with open('pfsense_config.xml', 'r') as pfscxml:
          pfsd = xmltodict.parse(pfscxml.read())
      
      dr = False
      
      
      def splitports(ports):
          portlist = ports.split(' ')
          for i in range(len(portlist)):
              try:
                  portlist[i] = int(portlist[i])
              except:
                  pass
          try:
              portlist.sort()
          except:
              pass
          for i in range(len(portlist)):
              if i == len(portlist) - 1:
                  print(portlist[i], end=' -> ')
              else:
                  print(portlist[i])
      
      
      for item in pfsd['pfsense']['nat']['rule']:
          try:
              if item['disabled'] is None:
                  dr = True
          except:
              dr = False
              pass
      
          if not dr:
              print('')
              try:
                  print(item['source']['address'] + ' -> '+ item['destination']['port'] + ' -> ' + item['target'] + '  : ' + item['descr'])
              except:
                  print('any -> ' + item['destination']['port'] + ' - ' + item['target'] + '  : ' + item['descr'])
                  pass
      
              target = str(item['target'])
              ports = str(item['destination']['port'])
      
              # find alias for ports
              portaliasfound = False
              for port in pfsd['pfsense']['aliases']['alias']:
                  if port['name'] == ports and port['type'] == 'port':
                      splitports(port['address'])
      
                      portaliasfound = True
              if portaliasfound is False:
                  print(ports, end=' -> ')
      
              # find IP for target alias
              targetaliasfound = False
              for targets in pfsd['pfsense']['aliases']['alias']:
                  if targets['name'] == target and targets['type'] == 'host':
                      print(targets['address'])
                      targetaliasfound = True
              if targetaliasfound is False:
                  print(target)
      
      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.