Checkpoint FW Configuration

**noid** · October 6, 2003, 10:43

Its driving me crazy that I can't remember the name of the file. Check out www.phoneboy.com and blog.phoneboy.com for what is probably the best and most comprehensive CP FW-1 site on the net. There's more info there than in CP's own SecureKnowledge database.

**yankee** · October 6, 2003, 12:02

I think it's these two files (someone check me on this):

$FWDIR/conf/objects.C

and either

$FWDIR/conf/rulebasename.fws (Windows)
$FWDIR/conf/rulebasename.W (UNIX)

They're stored in some sort of CP proprietary scripting language (I think call "inspect script"). To convert it, you may want to look at:

http://sourceforge.net/projects/cp2fwbuilder/

**noid** · October 6, 2003, 12:29

it is in its own scripting lang, but its fairly easy to pick out whats happening in the file.

**good_guy_id911** · October 6, 2003, 23:04

well, thanks., guys..

--good_guy_id911--

**kraa26** · October 15, 2003, 08:57

Originally posted by yankee

I think it's these two files (someone check me on this):

$FWDIR/conf/objects.C

and either

$FWDIR/conf/rulebasename.fws (Windows)
$FWDIR/conf/rulebasename.W (UNIX)

They're stored in some sort of CP proprietary scripting language (I think call "inspect script"). To convert it, you may want to look at:

http://sourceforge.net/projects/cp2fwbuilder/

Your right.... objects.C is all the NAT'd objects and special objects created in Checkpoint..

rulebasename.W is your rules... I use these to "toggle" some firewall policies.

Checkpoint FW Configuration

Checkpoint FW Configuration

Comment

Comment

Comment

Comment

Comment