----------------------------------------------------------------------- FWdoc_unused_Objects v10.6.6 2007- by Volker Tanger ----------------------------------------------------------------------- Modern firewall rule GUIs usually come with a number of pre-defined services and objects. Not all of these are used in each ruleset - and during the life of a firewall ruleset a number of definitions no longer used accumulates. To cut out this slack from the reports, you can use "FWdoc_unused_Objects" as filter. To identify this slack for weeding you can use it with the --unused_objects switch. When using this switch please keep in mind, that this will usually break output that need object/service members of a group object. Thus neither "FWdoc_to_HTML" nor "FWdoc_Ungroup" will work with the filtered *UN*used objects. We use the LGPL'ed json-py library for reading JSON files, which is included in the .TAR.GZ archive http://sourceforge.net/projects/json-py/ ----------------------------------------------------------------------- Examples ----------------------------------------------------------------------- To create a cleaned-up firewall documentation without unused objects run fw1r55_to_fwdoc.pl --with_implicit_rules \ --merge_AI=_config/rulebases_5_0.fws \ --rules=_config/Standard.W \ --objects=_config/objects_5_0.C \ --verbose \ | fwdoc_used_objects.py \ | fwdoc_to_html.py \ > _Config.html To create a list of unused objects, call fw1r55_to_fwdoc.pl --with_implicit_rules \ --merge_AI=_config/rulebases_5_0.fws \ --rules=_config/Standard.W \ --objects=_config/objects_5_0.C \ --verbose \ | fwdoc_used_objects.py --unused_objects \ | fwdoc_to_txt.py \ > _Unused_objects.txt ----------------------------------------------------------------------- Roadmap / Programming / Contributing ----------------------------------------------------------------------- Updates will be available at http://www.wyae.de/software/fwdoc/ Please check there for updates prior to submitting patches! There is a user/developer mailing list available. To subscribe send a mail with "subscribe fwtools" as subject to minimalist@wyae.de For bug reports and suggestions or if you just want to talk to me please contact me at volker.tanger@wyae.de or fwtools@wyae.de ----------------------------------------------------------------------- History ----------------------------------------------------------------------- June 2010 v10.6.6 * David DeSimone - corrected handling of emtpy NAT rules - corrected handling of emtpy user lists - corrected handling of gateway clusters February 2007 v0.1 * Volker Tanger - first running draft ----------------------------------------------------------------------- Shortcut: Distributable under GPL ----------------------------------------------------------------------- Copyright (C) 2007- Volker Tanger This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. or on their website http://www.gnu.org/copyleft/gpl.html -----------------------------------------------------------------------