RE: [fw-wiz] Cisco PIX config beautifier???

• Previous message: Chris Keladis: "Re: [fw-wiz] 802.1x"
• Maybe in reply to: Kevin Miller: "[fw-wiz] Cisco PIX config beautifier???"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: 'Kevin Miller' <kmiller@inflow.com>, "'firewall-wizards@honor.icsalabs.com'" <firewall-wizards@honor.icsalabs.com>
Date: Fri, 8 Aug 2003 08:08:29 +0200

cisco does have a gui (yuk) but I read somewhere that the guys that make
firewallbuilder for iptables has also written a Pix version, Firewallbuilder
is ok, so I reacon the gui should be, just remember, a Fw1 rulset is way
different to a PIX, as acls are per interface and not globaly, so the pix
gui might be large and slooow. That is my experiance with cisco's anyway.

CLI Rules, specially since 6.31 supports "| include" and "| grep". Makes
1000's acl entries managable :-))

-----Original Message-----
From: Kevin Miller [mailto:kmiller@inflow.com]
Sent: 07 August 2003 12:55
To: 'firewall-wizards@honor.icsalabs.com'
Subject: [fw-wiz] Cisco PIX config beautifier???

Has anyone ever found a utility that will parse a PIX config and change it
into a more easy to read format (eg. Checkpoint style)? At one time there
was a utility for Checkpoint that would parse the objects.c and
rulebases.fws and create an HTML file that contained the rulebase and links
for details about the objects.

I know a script could be written with out too much effort but I am curious
to see if anyone else has already written something.

Thanks for the help

Kevin

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

___________________________________________________________________________________________________

The views expressed in this email are, unless otherwise stated, those of the author and not those
of the FirstRand Banking Group or its management. The information in this e-mail is confidential
and is intended solely for the addressee. Access to this e-mail by anyone else is unauthorised.
If you are not the intended recipient, any disclosure, copying, distribution or any action taken or
omitted in reliance on this, is prohibited and may be unlawful.
Whilst all reasonable steps are taken to ensure the accuracy and integrity of information and data
transmitted electronically and to preserve the confidentiality thereof, no liability or
responsibility whatsoever is accepted if information or data is, for whatever reason, corrupted
or does not reach its intended destination.

                               ________________________________
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Chris Keladis: "Re: [fw-wiz] 802.1x"
• Maybe in reply to: Kevin Miller: "[fw-wiz] Cisco PIX config beautifier???"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]