WYAE - FWTOOLS Mailing List Archive

RE: [fwtools] real port numbers in a rules-dump
From:
Date:	Wed, 14 Apr 2004 11:20:20 +0200

Hmm..

the attached patch adds two new tags for "rule-templates"

<<>>: prints out the rule numbers. If the script can't determine a =

            service name it prints the servicename itself.=20
            ex: 80 53
<<>>/$rulenegated$txt/g;
=20
+	# Translate servicenames into port numbers
+	my @protocols;
+	my @ports;
+	foreach my $srv (split /=A7/, $access_services[$i]) {=20
+		push @ports,	($svc_dst_port{$srv} || $srv;
+		push @protocols, 	($svc_type{$srv} || "-") . ":" . =
($svc_dst_port{$srv} || $srv),
+	}
+
+	my $port_text 		=3D join($TemplateITEMSEP, @ports);
+	my $protocol_text 	=3D join($TemplateITEMSEP, @protocols);
+
+
+	$line =3D~ s/<<>>/$port_text/g;
+	$line =3D~ s/<<>>/$protocol_text/g;
 	$line =3D~ s/<<>>/$access_action[$i]/g;
 	$line =3D~ s/<<>>/$access_track[$i]/g;
 	$line =3D~ s/<<>>/$access_time[$i]/g;

-----Original Message-----
From: Volker Tanger [mailto:volker.tanger@detewe.de]
Sent: Dienstag, 13. April 2004 17:56
To: dw6794@sbc.com
Cc: Schuettel, Reto; fwtools@wyae.de
Subject: Re: [fwtools] real port numbers in a rules-dump


> On Tue, 13 Apr 2004 11:18:41 -0400 "WISNIEWSKI, DANIEL (SBCSI)"
>  wrote:
>=20
> > For all used services used in a rule:
> > fw1rules.pl --objects=3D$OBJECTS --rules=3D$FWDIR/conf/$POLICY.W
> > --template=3D$services --output=3D

Shortcut: within the fw1rules directory replace $service with

	templates/services.tsv

Bye

Volker Tanger
ITK Security