Re: Processing checkpoint web visualization tool XML-output with Perl




Hola Javier,

If I understood well while reading the abstract, ofiller/odumper are tools for processing fw objects only but not the whole config. Is that correct or am I mistaken?

Anyway, what I want to do is the following.
We have our CP rules organized in groups, each of them containing the rules belonging to one project. These groups of rules have a text header line above them.
Well, now I'd like to read all of the rules and produce reports, one for each of the groups.
My strategy is to first use the visualization tool. This way I get everything in XML. And this is my problem at the moment :-).
I started reading XML, XSL and the Perl Modules and I started already with XPath.
The problem is now reading all the rules between two <header_text> elements, i.e. the rules belonging to this group.
Whatever I tried I always got the whole rule set, so I can't know which rules belong to a specific group of rules. I think the problem is that the <header_text> nodes are also implemented as rules and these <rule> nodes are siblings to the other rules, so I can't use the <header_text> rule as a parent node to the rules it includes...
All the fw rules have the same parent, to say that more clearly.
I don't know whether XPath is the right tool in this case.


Peter (Milleson),

Thanks for your example in TreeBuilder, I'll give it a try too.


Frederik,

This is only for log processing, I think.
Nevertheless, thanks for the hint, I'll need this too for the next project "which fw rule has been used when last?".


Thanks to anyone for the answers

Saludos and cheers
Jannis

--- Javier Reyna <jreyna@xxxxxxxxxxxxxx> wrote on Tue, 24.2.2009:

From: Javier Reyna <jreyna@xxxxxxxxxxxxxx>
Subject: Re: Processing checkpoint web visualization tool XML-output with Perl
To: "Jannis Kafkoulas" <jasecml@xxxxxxxxx>
CC: security-basics@xxxxxxxxxxxxxxxxx
Date: Tuesday, 24 February 2009, 13:09

What information do you need to extract?

Maybe you'll find useful the tool developed by Martin Hoz, ofiller/odumper. It reads the configuration from checkpoint and dumps it to a csv file.

Check it out:

http://www.chatscope.com/ofiller/


On Mon, Feb 23, 2009 at 07:32:30AM -0800, Jannis Kafkoulas wrote:

Hi,

I have to extract information from the CP NG ruleset.
Of course I'd like to have this done automatically.
I think using the "advanced (XML) Format" method is the best I can do.
I decided to process the output with XML::Modules in Perl.
But the problem is I'm very much a newbie in XML (just started working through it :-( ).
So, has someone done the job already, in order to give me some hints on which modules to use best?

Thanks a lot for any help

jannis




--
Saludos!
________________

Javier Reyna
CCSE WCSE ISS-CS NSP JNCIA-FWV
Consultor en Seguridad
jreyna@xxxxxxxxxxxxxx
www.onlinet.com.mx
,,__
o" )~
''''
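
Added example, not part of the thread and not Check Point's or any poster's code: one way to handle the grouping problem Jannis describes, where header rules and ordinary rules are siblings, is to walk the `<rule>` elements in document order and start a new group each time a rule contains `<header_text>`. Only `<rule>` and `<header_text>` come from the thread; the sample document and the `<fw_policy>`, `<rules>`, `<number>` and `<name>` element names are constructed assumptions, as is the choice of XML::LibXML.

```perl
use strict;
use warnings;
use XML::LibXML;

# Constructed sample input. Only <rule> and <header_text> are named in the
# thread; <fw_policy>, <rules>, <number> and <name> are assumed for illustration.
my $xml = <<'XML';
<fw_policy>
  <rules>
    <rule><header_text>Project A</header_text></rule>
    <rule><number>1</number><name>a-web-in</name></rule>
    <rule><number>2</number><name>a-db-in</name></rule>
    <rule><header_text>Project B</header_text></rule>
    <rule><number>3</number><name>b-ssh-admin</name></rule>
  </rules>
</fw_policy>
XML

# Returns a list of { header => $text, rules => [ <rule> nodes ] } in file order.
sub group_rules {
    my ($doc) = @_;
    my @groups;
    # findnodes returns matches in document order, so a single pass can
    # assign each rule to the most recent header seen before it.
    for my $rule ($doc->findnodes('//rule')) {
        my ($header) = $rule->findnodes('./header_text');
        if ($header) {
            (my $title = $header->textContent) =~ s/^\s+|\s+$//g;
            push @groups, { header => $title, rules => [] };
            next;
        }
        # Rules that appear before the first header get an unnamed group.
        push @groups, { header => '(no header)', rules => [] } unless @groups;
        push @{ $groups[-1]{rules} }, $rule;
    }
    return @groups;
}

# no_network keeps the parser from fetching external DTDs or entities.
my $doc = XML::LibXML->load_xml(string => $xml, no_network => 1);
for my $group (group_rules($doc)) {
    printf "== %s (%d rules)\n", $group->{header}, scalar @{ $group->{rules} };
    for my $rule (@{ $group->{rules} }) {
        printf "   rule %s: %s\n",
            $rule->findvalue('./number'), $rule->findvalue('./name');
    }
}
```

Each group keeps the rule nodes themselves, so a per-project report can read any further child elements from them with the same `findvalue` calls.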