Cisco IOS CLI regular expressions (“Ceci n’est pas une pipe.”)

[taken from a  note originally written March 2007]

Yesterday, I was trying to find a method to implement an  ‘AND’ function within the Cisco IOS cisco command line.  I was familiar with the  ‘OR’ function available through the ‘|’ symbol (which is to say, the same symbol as the pipe).

For example, if you wanted to show the running config, and filter out lines that contained either ‘foo’ or ‘bar’, you could type

show run | include foo|bar

The second “pipe,”  in this case, isn’t a pipe, but the symbol for an ‘OR’ function.

Magritte -- this (pipe) is not a pipe

“Ceci n’est pas une pipe.”

 

I wasn’t able to find a way to do an ‘AND’ in an analogous fashion, but I  did find a decent Cisco webpage on CLI and regular expressions (regexp) that helped a bit. That page can be found here: http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t1/cliparse.htm

It is possible to do ‘AND’ type functions implicitly by using a more complex set of matching rules based on regular expressions.

Here’s a example that shows (from an interactive session on the Cisco CLI) if access-lists have been applied to interfaces using the “access-group” command:

sh run | include (^interface [A-Z])|(ip access-group [0-9a-zA-Z])

Lines that start with ‘interface’ followed by an uppercase letter (the expression matches anything in the range A-Z) are supposed to match things like ‘interface Fastethernet,’ ‘interface Serial’ and so on. The second part of the expression matches access-groups that have three possible initial character ranges: a lowercase letter (a-z), an uppercase letter (A-Z), or a number (0-9) for the standard access lists.
Some rudimentary filtering is done, so things like Loopback sourcing, route-maps, and so on, don’t match.

Interfaces that have no access-lists applied have on the interface name listed, but interfaces with an access-group command show the complete access-group statement under the relevant interface (which makes sense, given that this is only a filtered ’show run’).

Output might look something like this:

interface Serial3/3
interface Serial3/3.1 point-to-point
ip access-group pac in
ip access-group ket out
interface FastEthernet4/0
interface Serial6/0
ip access-group Ozona in

If this kind of function is useful for you, it is even easier to use if you put it in an alias on your switch or router:

#conf t
#alias exec shlag sh run | include (^interface [A-Z])|(ip access-group [0-9a-zA-Z])

Of course, pick a name for the alias that you’ll remember.

Tags: , , ,

Leave a Reply

You must be logged in to post a comment.