I will try and explain as best I can.
I have been given the task of cleaning up a firewall configuration that contains hundreds and hundreds of policies over a period of time. The first thing I need to do to achieve this is to work out the required services and their zones and to and from points.
I have completed the actual sorting in Excel, and now, if I need to achieve the desired results, I will have to manually go through each entry. This could take weeks or months, and time is not on our side for this project.
So, here is what I would manually have to do:
1: Get the /32 IP Address (not a problem).
2: Search for that address on the second worksheet with the completed policies (including all addresses and services per policy)
3: Once found, note the policy ID, the services and all addresses.
Now here is the issue
4: I then have to search for the next instance of the IP address and note the same details again.
5: And again as per 3 and 4 above.
6: Once all have been found, I then have to look at all the services and networks and addresses to see what is replicated and remove what is replicated.
What I really need is some help with a user input box where I can enter the IP required. Then a button of some sort (OK) I guess, and it finds that IP address and the associated services and networks etc etc.....
The columns are listed as follows:
Policy ID (Column D), From Zone (Column E), To Zone (Column F), Src Address (Column G), Dst Address (Column H), Services (Column I), Action (Permit, deny, etc) (Column J).
The reason for this is that I know a lot of /32 masked addresses are going to be included with the same services and maybe even the same to and from zones as an actual network address.... well that's pointless.....
Any help would be greatly appreciated.
Thanks
Clive
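An added example, not part of the original post: one way to automate steps 2 to 6 in Python once the policy worksheet is exported as rows in the column order D to J. It assumes IPv4 addresses written in CIDR notation and multi-value cells separated by commas, semicolons or line breaks; the sample rows and function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample rows in the post's column order, D to J:
# Policy ID, From Zone, To Zone, Src Address, Dst Address, Services, Action
ROWS = [
    ("101", "trust", "untrust", "10.1.1.5/32", "192.0.2.10/32", "HTTPS", "Permit"),
    ("102", "trust", "untrust", "10.1.1.0/24", "192.0.2.10/32", "HTTPS, DNS", "Permit"),
    ("103", "trust", "dmz", "10.1.1.5/32, 10.1.2.9/32", "198.51.100.0/24", "SSH", "Permit"),
    ("104", "dmz", "trust", "198.51.100.7/32", "10.1.1.5/32", "SYSLOG", "Permit"),
]

def split_cell(cell):
    # Assumption: multi-value cells are separated by commas, semicolons or line breaks.
    return [v.strip() for v in re.split(r"[,;\n]+", cell) if v.strip()]

def nets(cell):
    return [ipaddress.ip_network(v, strict=False) for v in split_cell(cell)]

def find_policies(ip, rows):
    """Steps 2-5: every policy whose Src or Dst entry contains the host address."""
    host = ipaddress.ip_address(ip.split("/")[0])
    hits = []
    for pid, fz, tz, src, dst, svc, action in rows:
        for side, cell, other in (("src", src, dst), ("dst", dst, src)):
            for net in nets(cell):
                if host in net:
                    hits.append({"policy": pid, "side": side, "match": net,
                                 "from": fz, "to": tz, "action": action.lower(),
                                 "services": {s.upper() for s in split_cell(svc)},
                                 "other": nets(other)})
    return hits

def redundant_host_entries(hits):
    """Step 6: (host policy, covering policy) pairs where a /32 entry repeats a network rule."""
    pairs = []
    for h in hits:
        if h["match"].prefixlen != h["match"].max_prefixlen:
            continue  # only /32 entries are candidates for removal
        for n in hits:
            if (n["match"].prefixlen < n["match"].max_prefixlen
                    and all(h[k] == n[k] for k in ("side", "from", "to", "action"))
                    and h["services"] <= n["services"]
                    and all(any(a.subnet_of(b) for b in n["other"]) for a in h["other"])):
                pairs.append((h["policy"], n["policy"]))
    return pairs

if __name__ == "__main__":
    found = find_policies("10.1.1.5", ROWS)
    print([h["policy"] for h in found], redundant_host_entries(found))
```

The check ignores rule order, so confirm that no deny policy sits between the pair before removing the /32 entry.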