# Parse one access-list line held in $entry into %hash (func, protocol,
# source_net, dest_net, dest_port), then replace $entry with a reference to
# that hash. The keywords handled (permit/deny, object-group, host, any, eq,
# range) look like Cisco-style ACL syntax -- presumably the first three tokens
# are the "access-list NAME extended" prefix; confirm against the caller.
#
# NOTE(review): %hash is not declared in this fragment. If it is not created
# fresh for every entry, a field that no branch below sets would keep the
# previous rule's value and every stored \%hash would point at the same hash.
# For a rule-review tool that means a report can show values belonging to a
# different rule -- confirm the declaration sits inside the per-entry scope.
#
# split / / breaks on every single space, so doubled or leading spaces yield
# empty tokens and shift every index used below.
my @matches = split / /,$entry;
# Cursor into @matches; each stage below consumes the tokens it recognises.
my $position = 3;
# --- action ---
# If the token is neither "permit" nor "deny", func is not set and the cursor
# does not move, so the protocol stage inspects this same token.
if ($matches[$position] eq "permit")
{
$hash{func} = $matches[$position];
$position++;
}
elsif ($matches[$position] eq "deny")
{
$hash{func} = $matches[$position];
$position++;
}
#completed action
# --- protocol ---
if ($matches[$position] eq "object-group")
{
$position++;
# The helper's result is dereferenced below without a check; confirm that it
# always returns a hash ref with an 'entries' array ref, also for unknown names.
my $protocol = get_obj_grp ($matches[$position]); #get_obj_grp is a separate function read from a hash table
$hash{protocol} = join('
',@{$protocol->{entries}}); # group members joined with a literal newline
$position++;
}
# NOTE(review): this pattern is unanchored, so any token that merely contains
# "ip", "tcp", "udp" or "icmp" is stored as the protocol. An anchored form such
# as m/\A(?:ip|tcp|udp|icmp)\z/ would accept only the exact keywords, but it
# would also stop accepting longer tokens that match today -- decide which
# tokens are meant to be valid before changing it.
elsif($matches[$position] =~ /ip|tcp|udp|icmp/)
{
$hash{protocol} = $matches[$position];
$position++;
}
else
{
# Unrecognised protocol token: it is dropped silently and 'protocol' is not
# set here. Logging the line would make an incompletely parsed rule visible.
$position++; #shouldn't reach here
}# completed protocol
# --- source ---
# Accepted forms: "object-group NAME", "any", "host ADDR-or-NAME",
# "A.B.C.D <next token>" (presumably the mask; stored verbatim) and
# "NAME A.B.C.D" (NAME passed through find_name).
# The dotted-quad patterns check shape only, not that each octet is 0-255.
# There is no else branch: if nothing matches, source_net is not set and the
# cursor stays put, so the destination stage reads this same token and the
# remaining fields are parsed from the wrong positions.
if ($matches[$position] eq "object-group")
{
$position++;
my $source = get_obj_grp ($matches[$position]);
$hash{source_net} = join('
',@{$source->{entries}});
$position++;
}
elsif ($matches[$position] eq "any")
{
$hash{source_net} = "any";
$position++;
}
elsif ($matches[$position] eq "host")
{
$position++;
if ($matches[$position] =~ m/^\d+\.\d+\.\d+\.\d+$/) {
$hash{source_net} = "host $matches[$position]";
}
else{
# Not a dotted quad: treated as a name and passed to find_name.
$hash{source_net} = "host " . find_name($matches[$position]);
}
$position++;
}
elsif($matches[$position] =~ m/^\d+\.\d+\.\d+\.\d+$/)
{
# Address followed by one more token; two tokens are consumed.
$hash{source_net} = $matches[$position]." ".$matches[$position+1];
$position++;
$position++;
}
# Looks one token ahead without checking that the token exists.
elsif($matches[$position+1] =~ m/^\d+\.\d+\.\d+\.\d+$/)
{
$hash{source_net} = find_name($matches[$position])." ".$matches[$position+1];
$position++;
$position++;
}
#completed source
# --- destination ---
# Same forms and the same caveats as the source stage. No port qualifier is
# parsed between source and destination: if the input allows one there, e.g.
# "eq PORT" after the source address, no destination branch matches, dest_net
# stays unset and the port stage below records that value as dest_port.
# NOTE(review): confirm whether such lines occur in the configs being parsed.
if ($matches[$position] eq "object-group")
{
$position++;
my $source = get_obj_grp ($matches[$position]); # holds the destination group despite the name
$hash{dest_net} = join('
',@{$source->{entries}});
$position++;
}
elsif ($matches[$position] eq "any")
{
$hash{dest_net} = "any";
$position++;
}
elsif ($matches[$position] eq "host")
{
$position++;
if ($matches[$position] =~ m/^\d+\.\d+\.\d+\.\d+$/) {
$hash{dest_net} = "host $matches[$position]";
}
else{
$hash{dest_net} = "host " . find_name($matches[$position]);
}
$position++;
}
elsif($matches[$position] =~ m/^\d+\.\d+\.\d+\.\d+$/)
{
$hash{dest_net} = $matches[$position]." ".$matches[$position+1];
$position++;
$position++;
}
elsif($matches[$position+1] =~ m/^\d+\.\d+\.\d+\.\d+$/)
{
$hash{dest_net} = find_name($matches[$position])." ".$matches[$position+1];
$position++;
$position++;
}
#completed destination
# --- destination port ---
# Handles "object-group NAME", "eq PORT" and "range LOW HIGH". Any other token
# is skipped and dest_port is left unset, which is also what a rule with no
# port qualifier produces; a consumer of %hash cannot tell the two apart.
if ($matches[$position] eq "object-group")
{
$position++;
my $protocol = get_obj_grp ($matches[$position]); # holds the port group despite the name
$hash{dest_port} = join('
',@{$protocol->{entries}});
$position++;
}
elsif($matches[$position] eq "eq")
{
$position++;
# The cursor is left on the port token here, unlike the other branches;
# nothing in this fragment reads $position afterwards.
$hash{dest_port} = $matches[$position];
}
elsif($matches[$position] eq "range")
{
$position++;
$hash{dest_port} = $matches[$position]." to ".$matches[$position+1];
$position++;
$position++;
}
else
{
$position++
}# completed port
# Replace the raw line with a reference to the parsed fields. Tokens after the
# port stage are never examined.
$entry = \%hash;
}