WYAE - FWTOOLS Mailing List Archive

Re: [fwtools] Bug found! New version of fw1r55_to_fwdoc
From:	"J.D. Baldwin"
Date:	Tue, 24 Jul 2007 14:05:57 -0400

> Thanks to a fwdoc file sent by J. I finally was able to track down the
> error: it was within the implicit NAT rules, where there was a typo
> printing  
> 	"enabled": "yes," 
> instead of
> 	"enabled": "yes", 
> 
> The new 0.8.8 version is available at
> http://www.wyae.de/software/fwdoc/
> 
> The other fwdoc_to_* files are still the same.
> 
> Please try wether that solves your problems.

I am still seeing the bug on NG with a newly downloaded 0.8.8.  Here
is the output of fw_used_objects.py:

# ./fw1r55_to_fwdoc.pl --rules=XX-XX-YY-Combined.W --objects=objects_5_0.C --merge_AI=rulebases_5_0.fws --anonymize > p.jns
# cat p.jns | ./fwdoc_used_objects.py -u 2>&1 | head -30
Traceback (most recent call last):
  File "./fwdoc_used_objects.py", line 57, in 
    fwdoc = json.read(fwdoctxt)
  File "/opt/adm/fwdoc_work/json.py", line 311, in read
    return JsonReader().read(s)
  File "/opt/adm/fwdoc_work/json.py", line 55, in read
    result = self._read()
  File "/opt/adm/fwdoc_work/json.py", line 64, in _read
    return self._readObject()
  File "/opt/adm/fwdoc_work/json.py", line 222, in _readObject
    val = self._read()
  File "/opt/adm/fwdoc_work/json.py", line 66, in _read
    return self._readArray()
  File "/opt/adm/fwdoc_work/json.py", line 198, in _readArray
    item = self._read()
  File "/opt/adm/fwdoc_work/json.py", line 64, in _read
    return self._readObject()
  File "/opt/adm/fwdoc_work/json.py", line 222, in _readObject
    val = self._read()
  File "/opt/adm/fwdoc_work/json.py", line 66, in _read
    return self._readArray()
  File "/opt/adm/fwdoc_work/json.py", line 205, in _readArray
    raise ReadException, "Not a valid JSON array: '%s' due to: '%s'" % (self._generator.all(), ch)
json.ReadException: Not a valid JSON array: '{
  "firewall": {
        "brand": "CheckPoint",
        "type": "FireWall-1 / VPN-1",
        "version": "3.0 - 4.1 - NG R55",
[... etc.]

I will see whether I can sanitize a .jns file enough to send it along.
-- 
  _+_ From the catapult of |If anyone disagrees with any statement I make, I
_|70|___:)=}- J.D. Baldwin |am quite prepared not only to retract it, but also
\      /  baldwin@panix.com|to deny under oath that I ever made it. -T. Lehrer
***~~~~-----------------------------------------------------------------------