GoSecure / Cisco2Checkpoint

Tool that assists in migrating firewall rules from Cisco to Checkpoint. Will optimize rules for you (rationalization, reuse merging, etc.).
http://gosecure.net/2017/01/30/cisco2checkpoint-cisco-checkpoint-conversion-tool/
GNU General Public License v3.0

wildcard mask while ASA syntax #20

Open iceoeu opened 7 years ago

iceoeu commented 7 years ago

Hello,

I got a wildcard mask in the access list while using ASA syntax. It should not be a wildcard for ASA! Please correct it!

I discovered one more problem. It does not understand the following:

name 172.16.1.0 kino
access-list oleg_list extended permit ip 192.168.1.0 255.255.255.0 kino 255.255.255.0

The result is: modify network_objects N_kino-24 ipaddr kino

Best regards, Oleg

iceoeu commented 7 years ago

It changes the mask to a wildcard.

create network N_192.168.1.0-8
modify network_objects N_192.168.1.0-8 ipaddr 192.168.1.0
modify network_objects N_192.168.1.0-8 netmask 0.0.0.255
modify network_objects N_192.168.1.0-8 comments ""
modify network_objects N_192.168.1.0-8 color "black"
update network_objects N_192.168.1.0-8

iceoeu commented 7 years ago

A little correction: 'sip' : '5060 5061' ->'sip' : '5060-5061'

iceoeu commented 7 years ago

In config.py

iceoeu commented 7 years ago

I disabled hostmask2netmask to avoid the wildcard mask for ASA.
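
An added example, not part of the thread and not Cisco2Checkpoint's own code: a syntax-aware mask conversion that passes ASA netmasks through unchanged and inverts only IOS wildcard masks, so a migrated rule keeps the scope it had on the source firewall. All function names are hypothetical; the `N_<addr>-<prefix>` naming imitates the output quoted in the thread.

```python
import ipaddress

FULL = 0xFFFFFFFF

def _to_int(mask):
    return int(ipaddress.IPv4Address(mask))

def invert(mask):
    """Bitwise complement: netmask <-> wildcard (host) mask."""
    return str(ipaddress.IPv4Address(~_to_int(mask) & FULL))

def is_netmask(mask):
    """Ones followed by zeros, e.g. 255.255.255.0."""
    inv = ~_to_int(mask) & FULL
    return inv & (inv + 1) == 0

def is_wildcard(mask):
    """Zeros followed by ones, e.g. 0.0.0.255."""
    m = _to_int(mask)
    return m & (m + 1) == 0

def normalize_mask(mask, syntax):
    """Return a netmask, converting only for IOS-style (wildcard) input.

    0.0.0.0 and 255.255.255.255 are valid in both notations, so the value
    alone cannot tell them apart; the source syntax has to decide.
    """
    if syntax == "asa":
        if not is_netmask(mask):
            raise ValueError(f"ASA ACLs take a netmask, got {mask}")
        return mask
    if syntax == "ios":
        if not is_wildcard(mask):
            raise ValueError(f"non-contiguous wildcard {mask} is not one network")
        return invert(mask)
    raise ValueError(f"unknown syntax {syntax!r}")

def prefix_len(netmask):
    """Number of set bits in the mask."""
    return bin(_to_int(netmask)).count("1")

def object_name(addr, mask, syntax):
    """Name in the N_<addr>-<prefix> pattern seen in the thread's output."""
    return f"N_{addr}-{prefix_len(normalize_mask(mask, syntax))}"
```

Inverting the ASA mask from the report, `invert("255.255.255.0")`, gives `0.0.0.255` with 8 set bits, the same values that appear in the quoted output.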

iceoeu commented 7 years ago

I discovered a duplicate host if there is a host in the ACL.

iceoeu commented 7 years ago

It does not recognize 'service-object udp range'.