Topic Thread

Expand all | Collapse all

Firewall policy-address-services export

  • 1.  Firewall policy-address-services export

     
    Posted 29 days ago
      |   view attached
    Hello,

    I'm looking for a way to convert from config file in .txt for example to .csv following components :

      * Addresses
      * Addresses group
      * VIP
      * IPPOOL
      * Services
      * Service Group

    During research, i found this subject : https://fusecommunity.fortinet.com/groups/community-home/digestviewer/viewthread?GroupId=1099&MID=424&CommunityKey=526bc34f-f3fe-4695-857c-2a7ad92ab83d&tab=digestviewer

    But i'm not able to modified this for my usage. Moreover, i found a script in attachment for rules only.

    So if you have any idea or another solution, feel free to suggest it !

    Thanks a lot for you help.

    Best regards

    ------------------------------
    Yohann [LastName] [Designation]
    Ing?nieur syst?me / r?seaux
    [CompanyName]
    [City] [State]
    [Phone]
    ------------------------------

    Attachment(s)

    txt
    policy.txt   1K 1 version


  • 2.  RE: Firewall policy-address-services export

     
    Posted 29 days ago

    I have done this several ways in the past for audits:

    1- manually edited the config item sections into a single line to be able to import into excel and then work there to create a nice format that shows the rules and what each item was in  a single line so they didn't have to do all the cross referencing. Not high tech but gets the task done. Some auditors though want to see the real thing so made sure what I was going to do was okay before spending the time.  
    2 - similar to above but for large configs, worked with regex commands in textpad to limit the manual edits before I could pull into Excel
    3 - Used image captures of the rules from the GUI and supplemented this with object details and group details so the auditor had the full info.
    4-provided read only views on the firewall or shared desktops.
    I have not found a good way to ever get a full conversion into a format in an automated fashion that was sufficient for the auditor.
    Pete




    ------------------------------
    Peter [LastName] [Designation]
    Enterprise Engineer, Networking
    [CompanyName]
    [City] [State]
    [Phone]
    ------------------------------



  • 3.  RE: Firewall policy-address-services export

     
    Posted 29 days ago
    Notepad++ and excel can solve everything 

    Andre Silva - AMSiNETWORKS.COM





  • 4.  RE: Firewall policy-address-services export

     
    Posted 29 days ago
    Like duct tape or WD40 in the real world ( :

    ------------------------------
    Peter [LastName] [Designation]
    Enterprise Engineer, Networking
    [CompanyName]
    [City] [State]
    [Phone]
    ------------------------------



  • 5.  RE: Firewall policy-address-services export

     
    Posted 28 days ago
    Sure. Join lines on notepad , manipulate on excel and insert new lines  on notepad++   ... I just migrated 1200 lines form Cisco asa to fortigate doing this....

    Andre Silva - AMSiNETWORKS.COM





  • 6.  RE: Firewall policy-address-services export

     
    Posted 26 days ago
    Hello,

    Thanks for your reply. To be honest, notepad ++ and excel, i can't anymore. :-)

    When i found these 3 scripts, it was really helpfull and we just have to continue this good work. Moreover, i don't succeed in my quest for adapting these to service, vip, ippool...

    Nobody doing this through python or perl like i've attached before ?

    Best regards,

    ------------------------------
    Yohann [LastName] [Designation]
    Ing?nieur syst?me / r?seaux
    [CompanyName]
    [City] [State]
    [Phone]
    ------------------------------