What do you think of this?

use Modern::Perl;
use Regexp::Common;

my $cisco_protocol = qr {
    (?:ip|tcp|udp)
    |
    (?:object-group\s+[\S]+)
}x;

my $cisco_network = qr{
    (?:host\s+[\S]+)
    |
    (?:$RE{net}{IPv4}\s+$RE{net}{IPv4})
    |
    (?:object-group\s+[\S]+)
    |
    any
}x;

my $cisco_ports = qr{
    (?:eq\s+\d+)
    |
    (?:range\s+\d+\s+\d+)
}x;

my $cisco_regex = qr{^
    access-list
    \s+
    (?<name>[\S]+) # name
    \s+
    extended
    \s+
    (?<action>(?:permit|deny)) # action
    \s+
    (?<proto>$cisco_protocol) # protocol
    \s+
    (?<source>$cisco_network)  # source_network
    \s+
    (?<destination>$cisco_network)  # destination_network
    (?:\s+(?<ports>$cisco_ports))? # ports
}x;

while ( my $rule = <DATA> ) {
    chomp $rule;
    say "Parsing >$rule<";
    if ( $rule =~ m/$cisco_regex/ ) {
        say "Name:        $+{name}";
        say "Action:      $+{action}";
        say "Protocol:    $+{proto}";
        say "Source:      $+{source}";
        say "Destination: $+{destination}";
        say "Ports:       $+{ports}" if defined $+{ports};
        print "\n";
    }
    else { say "No match\n"; }
}

__DATA__
access-list V420_IN extended permit object-group Symantec_Service_Grou
+p object-group Symantec_Clients Symantec_Servers
access-list V420_IN extended permit object-group Symantec_Service_Grou
+p 10.148.0.0 255.254.0.0 host 10.149.16.40
access-list V420_IN extended permit object-group Symantec_Service_Grou
+p any any
access-list V420_IN extended permit tcp any any range 137 139
access-list V420_IN extended permit tcp any any eq 445
[download]

Output:

Parsing >access-list V420_IN extended permit object-group Symantec_Ser
+vice_Group object-group Symantec_Clients Symantec_Servers<
No match

Parsing >access-list V420_IN extended permit object-group Symantec_Ser
+vice_Group 10.148.0.0 255.254.0.0 host 10.149.16.40<
Name:        V420_IN
Action:      permit
Protocol:    object-group Symantec_Service_Group
Source:      10.148.0.0 255.254.0.0
Destination: host 10.149.16.40

Parsing >access-list V420_IN extended permit object-group Symantec_Ser
+vice_Group any any<
Name:        V420_IN
Action:      permit
Protocol:    object-group Symantec_Service_Group
Source:      any
Destination: any

Parsing >access-list V420_IN extended permit tcp any any range 137 139
+<
Name:        V420_IN
Action:      permit
Protocol:    tcp
Source:      any
Destination: any
Ports:       range 137 139

Parsing >access-list V420_IN extended permit tcp any any eq 445<
Name:        V420_IN
Action:      permit
Protocol:    tcp
Source:      any
Destination: any
Ports:       eq 445
[download]

As you see the first one does not match as I think the rule is not well formed. It seems to miss an object-group token.

---

---

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

• How do I compose an effective node title?
• How do I post a question effectively?
• Markup in the Monastery

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		&
	<		&lt;
	>		&gt;
	[		&#91;
	]		&#93;

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.