Cisco Meraki L3 Rule Deduplicator: Get rid of those pesky duplicate firewall rules

This Python script:

1. Connects to a Meraki network
2. Evaluates the current L3 firewall rules
3. Removes duplicate rules
4. Uploads a clean, non-duplicated set up rules.

What problem is this script trying to solve?

No doubt - The Meraki dashboard is great. However, it is possible to create duplicate L3 firewall rules. Overtime, this can result in an unnecessary amount of unused rules. This script compares the current set of rules, minus the comments, and uploads a clean new set of L3 firewall rules without the duplicates.

Before

After

Requirements

This script requires a Python environment and the libraries included in the requirements.txt file.

Import requirements file: pip install -r requirements.txt

Configparser to store and access secrets

All the API keys are stored in a config.ini file using configparser. Your config.ini file should look like this:

Project file structure

Usage

$  python.exe rule_cleanup.py

How do I get my Meraki API key?

Super easy! You can find the instructions in this Meraki doc.

How do I get my Meraki Org ID and Network ID?

Also super easy! You can find the instructions in the Meraki API documentation.

References

This script only evaluates the existing layer 3 firewall rules and removes any duplicated rules. Here are a few examples of scripts that will allow you to programmatically add layer 3 firewall rules.

1. Using a Docker container by Oleksii Borisenko - @oborys
2. GVE DevNet Meraki MX Firewall Provisioner by Jorge Banegas
3. Add Meraki MX L3 Firewall Rule to Networks by Gerardo Chaves - @ggchaves

Known Issues

None

Getting help

If you have questions, concerns, bug reports, etc., please create an issue against this repository.

Author(s)

This project was written and is maintained by the following individuals:

• Aaron Davis aarodavi@cisco.com