[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] Change management tools and techniques
- To: [email protected]
- Subject: Re: [FW-1] Change management tools and techniques
- From: Volker Tanger <[email protected]>
- Date: Thu, 17 Oct 2002 17:34:46 +0200
- Organization: DiSCON GmbH
- References: A<[email protected]>
- Reply-To: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.0.0) Gecko/20020530
Greetings!
Leon Noble wrote:
>
> extract the rules file from downloaded backups and run with fwrules
> downloadable from www.phoneboy.com in the downloads section. This
> creates an
> html file which is stored and can be accessed over the secure connection,
> this runs everyday. The html file that fwrules creates is a very detailed
> and very accurate representation of your rulebase it is a very good script.
*PLEASE* use the current version from it's homepage
http://www.wyae.de/software/fw1rules/ as phoneboy still hosts an old
copy (version 7.2.7) whereas the current version is 7.3.5 which includes
a number of important bugfixes. Please note that while it runs smoothly
with V4.1 it does not work completely yet for NG configurations.
If you look at the "contrib" directory, you'll find a file called
"ruleshistory.sh" that can be run daily as CRON script. This shell
script creates a HTML configuration output with a date stamp and
compares it to the "latest" configuration stored. If it does not differ
(i.e. no change) it is deleted. If it does differ, the "latest"
configuration is updated and a list of the changes is mailed to the
administrators.
Bye
Volker Tanger
IT-Security Consulting
PS: Yes, Phoneboy does get notified on all updates and constantly is
being nagged to update his download page.
--
discon gmbh
Wrangelstra�e 100
D-10997 Berlin
fon +49 30 6104-3307
fax +49 30 6104-3461
[email protected]
http://www.discon.de/
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================