PIX::Accesslist::Line - ACL line object for each line of an PIX::Accesslist.

PIX::Accesslist::Line is used by PIX::Accesslist to hold a single line of an ACL. Each line can be searched against a set of IP & port criteria to find a match. Users will not usually have to create objects from this directly.

See PIX::Accesslist for more information regarding PIX Accesslists.

 $line = new PIX::Accesslist::Line(
	$action, $proto, $source, 
	$source_ort, $dest, $dest_port, $idx,
	$parent_acl_obj
 );

elements( )

Returns the total access-list elements (ACE) for the ACL line. Note: It's not wise to call this over and over again. Store the result in a variable and use that variable if you need to use this result in multiple places.

match(%args)

Returns a true value if the criteria given matches the logic of the ACL line. 'Loose' matching is performed. For example, If you supply a single IP or port a match may return TRUE on a line even though the final logic of the line might overwise be FALSE according to the OS on the firewall. If you want to be sure you get accurate matching you must provide all criteria shown below.

* source : Source IP

* sport : Source Port

* dest : Destination IP

* dport : Destionation Port

* proto : Protocol

Note: source port {sport} is not usually used. You will usually only want to use {dport}.

print([$any])

Pretty prints the ACL line. Tries to make it easy to read. If object-group's are used the names are printed instead of IP's if more than a single IP is present for a line.

$any is an optional string that will be used for any IP that represents 'ANY', defaults to: 0.0.0.0/0. It's useful to change this to 'ANY' to make the output easier to read.

  1)  permit (tcp)   192.168.0.0/24 -> 0.0.0.0/0 [Web_Services_tcp: 80,443]

num( )

Returns the line number for the ACL line

action(), permit(), deny()

Returns the action string 'permit' or 'deny' of the ACL line, or true if the ACL line is a permit or deny, respectively.

Jason Morriss <lifo 101 at - gmail dot com>

Please report any bugs or feature requests to bug-pix-walker at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=PIX-Walker. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.

    perldoc PIX::Walker

    perldoc PIX::Accesslist
    perldoc PIX::Accesslist::Line

    perldoc PIX::Object
    perldoc PIX::Object::network
    perldoc PIX::Object::service
    perldoc PIX::Object::protocol
    perldoc PIX::Object::icmp_type

Copyright 2006-2008 Jason Morriss, all rights reserved.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.