Localize an Object to delete it in SFOS

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.

Overview

This recommended read goes over the steps to locate an object within SFOS.

If you're trying to delete an object within SFOS and it's already in use, you first have to locate the rules that use it and then delete or edit those rules.

In complex setups, it can be difficult to locate all of those rules.

The following UI error will occur:

"Host could not be deleted. Firewall rule exists for this host."

What to do

Doing a full export of the entire configuration under "Backup & firmware - Import export" gives you an XML file, which helps locate all config settings.

If you know where the object is used, you can export only that part of the configuration, for example only the firewall rules. If the usage is unknown to you, do a full export.
Within the exported file is the "Entities.xml" file.
With a standard text editor, you can search it for your object's name to locate every object that uses it.
The object itself:

A TLS Inspection rule using this object:

SMTP General Settings are using this as a Required TLS Host object:

One Firewall Rule is using this object as Source called "FirewallRule".

There is one NAT Rule using this object as Source Network.

This is an easy way to do a "where used" lookup when you need to delete an object.




Updated Disclaimer
[edited by: Erick Jan at 2:07 PM (GMT -7) on 17 Apr 2023]
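
A scripted version of the text-editor search described in the article, added here as an example; it is not from the original article or from Sophos. It assumes the export's root element holds one child element per object or rule, each with a Name child; the sample XML, its element names and the host name SrvMail01 are constructed for illustration.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample, NOT a real export: the element names are illustrative
# assumptions, and a real Entities.xml will use the firewall's own schema.
SAMPLE = """<Configuration>
  <IPHost><Name>SrvMail01</Name><IPAddress>192.0.2.10</IPAddress></IPHost>
  <FirewallRule><Name>FirewallRule</Name>
    <SourceNetworks><Network>SrvMail01</Network><Network>LAN</Network></SourceNetworks>
  </FirewallRule>
  <NATRule><Name>Mail SNAT</Name>
    <OriginalSource><Network>SrvMail01</Network></OriginalSource>
  </NATRule>
  <FirewallRule><Name>Unrelated</Name>
    <SourceNetworks><Network>SrvMail01-old</Network></SourceNetworks>
  </FirewallRule>
</Configuration>"""


def walk(elem, path):
    """Yield elem and every descendant with its slash-separated path."""
    yield elem, path
    for child in elem:
        yield from walk(child, path + "/" + child.tag)


def find_usages(xml_text, object_name):
    """Return (definitions, references) for object_name.

    Each top-level child of the root counts as one entity. An entity whose own
    <Name> equals object_name is a definition; any other element whose text is
    exactly object_name is a reference: (entity tag, entity name, element path).
    """
    definitions, references = [], []
    for entity in ET.fromstring(xml_text):
        name_el = entity.find("Name")
        entity_name = (name_el.text or "").strip() if name_el is not None else ""
        if entity_name == object_name:
            definitions.append((entity.tag, entity_name))
        for elem, path in walk(entity, entity.tag):
            # Exact match, so "SrvMail01-old" is not reported for "SrvMail01".
            if elem is not name_el and (elem.text or "").strip() == object_name:
                references.append((entity.tag, entity_name, path))
    return definitions, references


if __name__ == "__main__":
    # Usage: script.py <object name> [path to Entities.xml]; defaults to SAMPLE.
    target = sys.argv[1] if len(sys.argv) > 1 else "SrvMail01"
    text = open(sys.argv[2], "rb").read() if len(sys.argv) > 2 else SAMPLE
    for tag, name, path in find_usages(text, target)[1]:
        print(f"{tag} '{name}' references {target} at {path}")
```

Unlike a plain substring search in an editor, the exact-text comparison does not report objects whose names merely start with the one being looked up.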
  • This is a cumbersome way to find used objects, but I think I can work with it.

    But why the hell does the export not contain the unique rule number ID so I can find it easily with the filter?
    Why is Sophos not giving us the whole information about a firewall rule or NAT rule?

  • Import/Export is not aware of the "Number" of the firewall rule and other rules. This is due to the fact that it only builds the framework of the rule, not the particular database. The firewall rule ID and other IDs are unique to the firewall; the import/export file is universally usable.

    If there were IDs, this would lead to issues if you used the same export on another firewall.


  • OK. Is there a chance this "used by" feature we all know from Sophos UTM will get implemented into SFOS?
    I had to create a PowerShell script which uses the API to find in which rules objects are used.
