Cisco2Checkpoint
Object protocol case issue
Hi Martin,
Seems another case issue.
Receiving error for the following parse
object-group protocol TCPUDP
 protocol-object udp
 protocol-object tcp
object-group service same_name2
 service-object object TCPUDP
Error:
#[-] Importing: <ASAObjGroupService # 3 'same_name2'>
Traceback (most recent call last):
  File "c2c.py", line 171, in <module>
    c2c.importConfig(args.cpPortsFile,args.cpNetObjFile,args.ciscoFile)
  File "lib/cisco2checkpoint.py", line 1758, in importConfig
    self._importPortGroups(self.parser.getPortGroups())
  File "lib/cisco2checkpoint.py", line 1842, in _importPortGroups
    self.addObj(CiscoServiceGroup(self, newGrp))
  File "lib/cisco2checkpoint.py", line 1062, in __init__
    for mm_r in parsedObj.result_dict:
  File "lib/ciscoconfparse_patch.py", line 519, in result_dict
    .format(name))
ValueError: FATAL: Cannot find service object named TCPUDP
kind regards,
The error disappeared, but the example above generates a group with an "any port" member. I'm not sure if it will successfully import. Can you test?
Yes, I'm receiving the following error:
Validation error in field '' of element #1 at object 'same_name2' @ 'Services' --> The referenced object 'any' from table 'globals' does not exist in the database
Object contain invalid reference
Error in line: 6
services::same_name2 Validation error in field '' of element #1 at object 'same_name2' @ 'Services' --> The referenced object 'any' from table 'globals' does not exist in the database
Object contain invalid reference for services::same_name2
Error in line: 7
Is it possible to create a service on Checkpoint (in files data/default_r7730_) like tcp_all 1-65535 (same for udp) and use it accordingly? If it's not possible on the Checkpoint part, maybe add the following to the Cisco default:
object-group service tcp_all tcp
 port-object range 1 65535
object-group service udp_all udp
 port-object range 1 65535
It's important, instead of using ANY, to allow only TCP and/or UDP.
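
The mapping requested in the last comment, as an added example that is not part of the thread or of Cisco2Checkpoint's own code: a protocol group referenced from a service group is expanded to explicit TCP/UDP 1-65535 members instead of "any". The function names and the tuple output format are assumptions made for illustration; unresolved or non-TCP/UDP references fail closed rather than widening the rule.

```python
import re

# Constructed sample: the ASA snippet from the report above.
SAMPLE = """\
object-group protocol TCPUDP
 protocol-object udp
 protocol-object tcp
object-group service same_name2
 service-object object TCPUDP
"""

FULL_RANGE = (1, 65535)  # explicit "all ports" range, used instead of 'any'


def parse_groups(text):
    """Return (protocol_groups, service_groups), each keyed by group name."""
    proto, svc, current = {}, {}, None
    for line in text.splitlines():
        m = re.match(r"object-group (protocol|service) (\S+)", line)
        if m:
            target = proto if m.group(1) == "protocol" else svc
            current = target.setdefault(m.group(2), [])
            continue
        # Member lines: a protocol name, or a reference to another object.
        m = re.match(r"\s*(?:protocol-object|service-object object) (\S+)", line)
        if m and current is not None:
            current.append(m.group(1))
    return proto, svc


def expand_service_group(name, proto, svc):
    """Resolve a service group's references to (protocol, low, high) tuples."""
    members = []
    for ref in svc[name]:
        if ref not in proto:
            # Fail closed: never substitute 'any' for an unresolved name.
            raise ValueError("unresolved service reference: " + ref)
        for p in proto[ref]:
            if p not in ("tcp", "udp"):
                # Protocols without ports cannot be expressed as a port range.
                raise ValueError("no port range for protocol: " + p)
            members.append((p,) + FULL_RANGE)
    return sorted(members)


if __name__ == "__main__":
    protocol_groups, service_groups = parse_groups(SAMPLE)
    print(expand_service_group("same_name2", protocol_groups, service_groups))
```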