****************************************************************************** * Unofficial/unsupported Object Filler and Object Dumper for Check Point's * * SmartCenter Server and Provider-1 MDS - Developed by Martin Hoz * * (c) 2003-2005 by Check Point Software Technologies, Ltd. and subsidiaries * ****************************************************************************** * Version 2.2 - December 2005 * ****************************************************************************** ****************************************************************************** What's New ------------------------------------------------------------------------------ * Object Filler ------------------------------------------------------------------------------ - Fixed bug: When there was a comma in the comments field of the object, Object Filler didn't behave well. Now it works correctly. - Fixed bug: Alert was not properly recognized as a Track option for security rules. Now is recognized and applied properly. - Fixed bug: Under some circumstances, IP ranges were not processed properly throwing an error “Found out that specified parameters don't make sense as specified object type requires. Ignoring...” – Now all the Object Ranges are under all circumstances processed correctly. - Now when processing Service Groups, Object Filler recognizes if the service being added is a predefined one. If it is a predefined service, then it processes it successfully even though such service was not explicitly processed during the program execution. - Now when importing from PIX configurations, it does Service Group recognition with the properly group type (TCP/UDP) for the services. - Added support to configure Host Objects as Mail and DNS Servers. Useful in R55W and R60. - Added support for InterSpect gateways. Useful from R55W and up. - Added support for Connectra gateways. Useful from R60 and up. - Added support for Multicast Address Ranges. Useful on R60 only. - Added support for Empty Groups (groups that have no elements inside them). - Added support for Groups with Exclusion (groups with Exceptions). - Different policy packages are now recognized properly using the keywork “rulebase_header”. Object Filler recognized, imports and process these tags appropriately. - Tested to work properly on Provider-1 NGX R60 and SmartCenter NGX R60 (with some limitations. Please read the limitations section) ------------------------------------------------------------------------------ * Object Dumper ------------------------------------------------------------------------------ - Added support to recognize Host Objects as Mail and DNS Servers. Useful in R55W and R60. - Added support for Multicast Address Ranges. Useful on R60 only. - Added support for InterSpect gateways. Useful from R55W and up. - Added support for Connectra gateways. Useful from R60 and up. - Added support for Empty Groups (groups that have no elements inside them). - Added support for Groups with Exclusion (groups with Exceptions) - Different policy packages are now recognized properly using the keywork “rulebase_header”. Object Dumper exports these tags appropriately. - Now Object Dumper recognized the default objects by Object Type and not only by object name. ------------------------------------------------------------------------------ * Documentation ------------------------------------------------------------------------------ - Created a Tutorial document, meant to be a step-by-step document to be followed to perform some of the basic and powerful operations with the tools. - Created a Provider-1 objects manipulation document, that shows (Among other things) how to move objects between CMAs and the MDS Global Objects Database. - Added to the Documentation a “medium-level” (not too technical but not too light) Presentation about the tools.