----------------------------------------------------------------------- FWdoc_unroll_rules V 0.1 (2007-02-28) 2007 by Volker Tanger ----------------------------------------------------------------------- Modern firewall rule GUIs often allow multiple objects and services in the from/to/services columns of the rule tables. With "FWdoc_Unroll_Rules" you can unroll the multiple objects rules into single-object ones. This usually is used when transforming the ruleset into a target format that cannot work with multi-object rules or when exporting into tables (or SQL statements). Please be aware that unrolling a ruleset usually multiplied the number of rules by quite a manifold - an increase of a factor around 50 is not uncommon in productive rulesets. We use the LGPL'ed json-py library for reading JSON files, which is included in the .TAR.GZ archive http://sourceforge.net/projects/json-py/ ----------------------------------------------------------------------- Examples ----------------------------------------------------------------------- To create an run-rolled, un-grouped ruleset, exported into SQL statements for import into a database fw1r55_to_fwdoc.pl --with_implicit_rules \ --merge_AI=_config/rulebases_5_0.fws \ --rules=_config/Standard.W \ --objects=_config/objects_5_0.C \ --verbose \ | fwdoc_used_objects.py \ | fwdoc_ungroup.py \ | fwdoc_unroll_rules.py \ | fwdoc_to_html.py \ | fwdoc_to_tables.py \ --rules=accessrules.sql \ --natrules=natrules.sql \ --objects=objects.sql \ --services=services.sql \ --layer7=layer7.sql \ --users=users.sql \ --column-separator="," \ --enclose="'" \ --rowprefix="insert into accessrules values\(" \ --rowsuffix="\);" ----------------------------------------------------------------------- Roadmap / Programming / Contributing ----------------------------------------------------------------------- Updates will be available at http://www.wyae.de/software/fwdoc/ Please check there for updates prior to submitting patches! There is a user/developer mailing list available. To subscribe send a mail with "subscribe fwtools" as subject to minimalist@wyae.de For bug reports and suggestions or if you just want to talk to me please contact me at volker.tanger@wyae.de or fwtools@wyae.de ----------------------------------------------------------------------- History ----------------------------------------------------------------------- February 2007 * Volker Tanger - first running draft ----------------------------------------------------------------------- Shortcut: Distributable under GPL ----------------------------------------------------------------------- Copyright (C) 2000-2007 Volker Tanger This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. or on their website http://www.gnu.org/copyleft/gpl.html -----------------------------------------------------------------------