NAT overview extraction script share
-
This little dirty python script is for when you have been a good boy and aliased all your NAT ports and your internal hosts, and then are trying to get an overview of what is really going on:
give this script your saved config xml
import xmltodict with open('pfsense_config.xml', 'r') as pfscxml: pfsd = xmltodict.parse(pfscxml.read()) dr = False def splitports(ports): portlist = ports.split(' ') for i in range(len(portlist)): try: portlist[i] = int(portlist[i]) except: pass try: portlist.sort() except: pass for i in range(len(portlist)): if i == len(portlist) - 1: print(portlist[i], end=' -> ') else: print(portlist[i]) for item in pfsd['pfsense']['nat']['rule']: try: if item['disabled'] is None: dr = True except: dr = False pass if not dr: print('') try: print(item['source']['address'] + ' -> '+ item['destination']['port'] + ' -> ' + item['target'] + ' : ' + item['descr']) except: print('any -> ' + item['destination']['port'] + ' - ' + item['target'] + ' : ' + item['descr']) pass target = str(item['target']) ports = str(item['destination']['port']) # find alias for ports portaliasfound = False for port in pfsd['pfsense']['aliases']['alias']: if port['name'] == ports and port['type'] == 'port': splitports(port['address']) portaliasfound = True if portaliasfound is False: print(ports, end=' -> ') # find IP for target alias targetaliasfound = False for targets in pfsd['pfsense']['aliases']['alias']: if targets['name'] == target and targets['type'] == 'host': print(targets['address']) targetaliasfound = True if targetaliasfound is False: print(target)