In article , wrote: :What I want to know is basically, which TCP/UDP ports are accessibale :inbound and outbound on serial interfaces which connects to the :internet.
:I don't want to use a port scanner as I currently have all router :configurations.
:Is there any ACL optimizer that you would recommend to do this?
I don't have any particular ACL optimizer in mind -- they are tricky things to write.
How complex are the configurations, structurally? Are you just interested in "any" as the source? Is there a lot of subselection by destination?
Considering the complexity of your configuration, would it be sufficient, do you think, for a program to build up a list of permitted and denied ports per destination? I've done some set manipulation C code that might turn out to be useful in this kind of analysis, but I would need to think a bit more about how to handle permit / deny combinations.