parse_policy
Parse vendor-native firewall configs to normalized JSON. Inspect extracted rules, verify object resolution, and expand addresses before analyzing overlaps.
Instructions
Parse a vendor-native firewall config and return normalized JSON rules. Use this to inspect what the built-in parser extracts — verify rule counts, object resolution, and address expansion before running overlap analysis. The output uses the same normalized schema accepted by analyze_firewall_rule_overlap.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| vendor | Yes | Vendor identifier. One of: "panos", "asa", "ftd", "ios", "iosxr", "checkpoint", "juniper", "junos", "sros", "fortios". | |
| os_version | No | Optional OS version string for parser variant selection. | |
| context_objects | No | Optional JSON string with supplemental object definitions (address groups, service objects). | |
| ruleset_payload | No | Complete firewall config in vendor-native text format. For IOS: paste the full 'show access-lists <name>' output. For PAN-OS: paste the full XML config tree. |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |