----------------------------------------------------------------------- FWdoc_to_Tables V 10.6.6 2007- by Volker Tanger ----------------------------------------------------------------------- With this tool you can export rulesets, objects and services into various forms of tables - even complete SQL statements. When exporting rules into tables please keep in mind, that modern firewall rule GUIs often allow group objects and multiple objects and services in the from/to/services columns of the rule tables. You may want to use "FWdoc_Ungroup" to replace group objects with their members and "FWdoc_Unroll_Rules" to unroll the multiple objects rules into single-object ones. We use the LGPL'ed json-py library for reading JSON files, which is included in the .TAR.GZ archive http://sourceforge.net/projects/json-py/ ----------------------------------------------------------------------- Examples ----------------------------------------------------------------------- To create an run-rolled, un-grouped ruleset, exported into tab-separated CSV files e.g. for import into a database fw1r70_to_fwdoc.pl --with_implicit_rules \ --merge_AI=_config/rulebases_5_0.fws \ --rules=_config/Standard.W \ --objects=_config/objects_5_0.C \ --verbose \ | fwdoc_used_objects.py \ | fwdoc_ungroup.py \ | fwdoc_unroll_rules.py \ | fwdoc_to_html.py \ | fwdoc_to_tables.py \ --rules=accessrules.txt \ --natrules=natrules.txt \ --objects=objects.txt \ --services=services.txt \ --layer7=layer7.txt \ --users=users.txt The same, but creating ready-to-run SQL statement files fw1r70_to_fwdoc.pl --with_implicit_rules \ --merge_AI=_config/rulebases_5_0.fws \ --rules=_config/Standard.W \ --objects=_config/objects_5_0.C \ --verbose \ | fwdoc_used_objects.py \ | fwdoc_ungroup.py \ | fwdoc_unroll_rules.py \ | fwdoc_to_html.py \ | fwdoc_to_tables.py \ --rules=accessrules.sql \ --column-separator="," \ --enclose="'" \ --rowprefix="insert into my_accessrules values\(" \ --rowsuffix="\);" \ | fwdoc_to_tables.py \ --natrules=natrules.sql \ --column-separator="," \ --enclose="'" \ --rowprefix="insert into my_natrules values\(" \ --rowsuffix="\);" \ | fwdoc_to_tables.py \ --objects=objects.sql \ --column-separator="," \ --enclose="'" \ --rowprefix="insert into my_objects values\(" \ --rowsuffix="\);" \ | fwdoc_to_tables.py \ --layer7=layer7.sql \ --services=services.sql \ --column-separator="," \ --enclose="'" \ --rowprefix="insert into my_layer7 values\(" \ --rowsuffix="\);" \ | fwdoc_to_tables.py \ --users=users.sql \ --column-separator="," \ --enclose="'" \ --rowprefix="insert into my_users values\(" \ --rowsuffix="\);" ----------------------------------------------------------------------- Roadmap / Programming / Contributing ----------------------------------------------------------------------- Updates will be available at http://www.wyae.de/software/fwdoc/ Please check there for updates prior to submitting patches! There is a user/developer mailing list available. To subscribe send a mail with "subscribe fwtools" as subject to minimalist@wyae.de For bug reports and suggestions or if you just want to talk to me please contact me at volker.tanger@wyae.de or fwtools@wyae.de ----------------------------------------------------------------------- History ----------------------------------------------------------------------- June 2010 v10.6.6 * Nicolas Goralski . fixed missing comma bug in layer3/7 output (missing comma) April 2010 v10.4.29 * Volker Tanger - added fields for extended access rules - interface support from/to - "name" - VPN-context (rules within VPNs) July 2007 * Volker Tanger - corrected missing Any object February 2007 * Volker Tanger - first running draft ----------------------------------------------------------------------- Shortcut: Distributable under GPL ----------------------------------------------------------------------- Copyright (C) 2007- Volker Tanger This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. or on their website http://www.gnu.org/copyleft/gpl.html -----------------------------------------------------------------------