Script to find all rules in the Access Control Policy and mass change them
See desiredState variable inside, settings are self-explanatory
You can also specify CSV-file with "SecurityZone;Subnet"
columns, script will try to find and set destination zones in the rules
If [Default-Zone-Name] is specified, script will assume that every network missing in CSV-file belongs to that zone.
Also, it will check all the rules where [Default-Zone-Name] is the only SrcZone and try to find and set source zone(s).
Script will delete 'deny ip any any' rules by default (variable deleteDenyIPAnyAny)
Script will warn about 'permit ip any any' rules, but will not delete them
Script will change all 'ALLOW' rules to 'TRUST' (variable changeAllowToTrust)
Screen output will be logged into 'fmc_mass_log.log' text file
fmc_mass_log <FMC_address> <Policy_Name> [<VRF-Subnet.csv> [Default-Zone-Name]]
Net_1;192.168.0.0/24
Net_2;192.168.10.128/25
Inside_DMZ;10.0.0.0/8
Net_1;192.168.30.0/24