Skip to content
A script to modify IOS and NX-OS ACLs
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.



  • Clone the repository git clone
  • Initialize a new python virtual environment python -m virtualenv venv
  • Install the required python modules ./venv/bin/python -m pip -r requirements.txt


  • Create a new YAML file or modify the provided YAML file
  • device_list entries should have a hostname and device_type (either cisco_ios or cisco_nxos)
    - hostname:
      device_type: cisco_ios
    - hostname:
      device_type: cisco_nxos
  • acl_name should refer to an ACL that already exists
    • Creating new ACLs isn't currently supported, but will be added when needed
  • if append is set to True, then the lines are added to the ACL. Otherwise the ACL is replaced
    • Line numbers can be specified in either instance, but should only be necessary when appending
    • When possible append False is preferred as this enforces consistancy
  • Note on ACL lines the pipe prior to the list of ACEs must be present for the YAML to be parsed correctly
  • Run the script with ./venv/bin/python mod_acl.yml
You can’t perform that action at this time.