Release Notes: This release further updates the 'print' and 'fltprint' mode spreadsheets to include VPN tunnel usage info and source / destination negation from the policy, as well as "install on" info (most relevant to checkpoint). The version has changed to 0.3 because 'print' modes now include almost all of the "important" details pulled from the configs and logs.
Release Notes: This release further updates the NAT analysis capabilities of the script. More information is populated in the NAT columns of the print mode spreadsheets.
Release Notes: This release further improves the NAT analysis capabilities of 360-FAAR, the output of which is listed in the six new print mode columns, src, dst, and service, for both the NAT translations which are listed in the logs and in the policy, for each object.
Release Notes: This release corrects MIP interface NAT ANY service name and adds nat dst ip statements to NAT tables so that NAT translated addresses from policies can be filtered against in rr mode CIDR filters. This release also correctly reads disabled rules in Netscreen and adds further checks to the rr mode rulebase builders. The Netscreen reader now reads tunnel VPN rules, and these can be used to filter out encrypted traffic in rr mode.
Release Notes: This release further updates the Cisco policy writer, resolves issues with service groups in access lists, and fixes a few Cisco reader bugs which printed undefined warnings.
Release Notes: This release adds further updates to dbedit output. od mode now outputs object and service groups, and dbedit output is also now printed straight to a file for easy "dbedit -f filename" use.
Release Notes: This release adds object output to dbedit text in od mode, and NOTE: statements to the policy reader sections. net and service_builder subs now catch and report circular groups and sub groups. Many bugs have been fixed in Cisco object, group, and rule readers and writers. The proto port and toZone fromZone divider character has been changed from . to ~ .
Release Notes: This release simply removes one or two Checkpoint FW-1 defaults. These defaults caused some rulebase builds in Checkpoint FW-1 r75.10 to fail (namely, rulebases using TCP port 8080, which is fairly common). This version has been tested and used successfully with FW-1 r75.10.
Release Notes: This release includes support for Cisco ASA global host, subnet, and range objects, as well as most service object types and identifiers. The Cisco defaults list is better, and the source policy usage field now prints correct information. All the policy readers have been upgraded to detect unknown objects in groups and policies.
Release Notes: This release provides a workaround for Netscreen objects identified by DNS name in the config and adds new fields to the 'print' modes spreadsheet. These fields list services in use in relation to objects and rules as well as usage info from the log file and hit counts.