
how to list or export a list of rules

Is there a way we can list or export a list of network rules etc... so we can have them reviewed by an external auditor?

I did read that I can use "support" - "printable configuration". However, I can't work out how to export that in a useful fashion so that I can email it to someone to review.

Am I missing something obvious?

I also saw that I can do iptables -n -L, which I have done, but I was hoping there was a way to list them similar to how they appear in the browser.

thanks
andrew
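
Added example, not part of the original thread or of any Sophos tooling: the Python below converts the text printed by `iptables -n -L` into CSV so the rule list can be mailed to a reviewer. The sample listing, the chain name `AUDIT_DEMO` and the function names are constructed for illustration.

```python
import csv
import io
import re

# Constructed sample of `iptables -n -L` output (not from a real system).
SAMPLE = """\
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
ACCEPT     tcp  --  192.0.2.0/24         0.0.0.0/0            tcp dpt:22
           all  --  0.0.0.0/0            0.0.0.0/0

Chain AUDIT_DEMO (1 references)
target     prot opt source               destination
DROP       udp  --  0.0.0.0/0            198.51.100.7         udp dpt:53
"""

CHAIN_RE = re.compile(r"^Chain (\S+) \((?:policy (\S+)|\d+ references)\)")
FIELDS = "chain policy num target prot opt source destination match".split()

def parse_listing(text):
    """Turn `iptables -n -L` text into one dict per rule, in listing order."""
    rows, chain, policy, num = [], None, "", 0
    for line in map(str.rstrip, text.splitlines()):
        header = CHAIN_RE.match(line)
        if header:
            chain, policy, num = header.group(1), header.group(2) or "", 0
            continue
        if chain is None or not line or line.split()[:2] == ["target", "prot"]:
            continue
        # A rule with no jump target has a blank first column; keep fields aligned.
        has_target = not line[0].isspace()
        parts = ([] if has_target else [""]) + line.split(None, 5 if has_target else 4)
        target, prot, opt, src, dst = parts[:5]
        num += 1
        rows.append(dict(zip(FIELDS, [chain, policy, num, target, prot, opt,
                                      src, dst, " ".join(parts[5:])])))
    return rows

def to_csv(rows):
    """Serialise the rules as CSV text that can be mailed to a reviewer."""
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=FIELDS, lineterminator="\n")
    writer.writeheader()
    writer.writerows(rows)
    return out.getvalue()

if __name__ == "__main__":
    print(to_csv(parse_listing(SAMPLE)), end="")
```

Chains that contain no rules produce no rows, so their default policy has to be read from the original listing.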


  • Here are a few hints on a different direction.


    # cc get packetfilter
    # cc get packetfilter rules
    # cc get packetfilter rules_auto
    # cc get_objects service
    # cc get_object REF_ServiceTACACS
  • thanks Teched,

    I've included that as well

    regards
    andrew
  • I'd really like this feature. It comes in really handy comparing configs and taking out lines etc that you don't need.

    Also, for external audit testing, pen testers use Nipper, which can parse these configs and provide a report on the router, firewall or switch within a second. They really are good reports and a great tool for strengthening your firewall etc.

    Now that Nipper has gone commercial, it is able to look at a Sophos UTM backup config (using Nipper Studio), which is good. It's a free trial and you can run 2 reports within 30 days, so it's worth having a look at. Takes a minute to register and download.

    But a printable config would be very good, and Bob's point is also a good point as well, i.e. read-only auditor.
