Hello,
Just wondering if anyone has managed to export FortiGate address host objects and IP addresses to a text file or CSV, etc.?
What I am really trying to achieve is to identify any inconsistencies in the address objects where either the host no longer exists or where the IP has been reallocated to a different host. So the process would be to identify any address object with a 255.255.255.255 mask, do a DNS lookup, try to ping it, etc., and report on this.
If I could extract the addresses and IPs then I could probably do the rest in a bash script or something, but I imagine someone has already done the initial extraction part? I've found the Perl script to extract the policies into a .csv, but I'm not a Perl guy, so if someone has done this already, that would be very useful.
Thanks in advance,
Fortigate 310B
Fortimanager 400A
Fortianalyzer 200D
Hi IShall,
From the CLI console you can save the firewall address objects to a file.
Open an SSH session with the FortiGate using putty.exe and log all the output to a file (Session > Logging > All session output > Log File name > save the file as *.log):
config firewall address
sh full
end
All the output will be saved to a text file.
Let me know if you have any further queries.
Regards,
Somu
Hi IShall,
Using the command below, you can list the address objects with a 255.255.255.255 mask:
sh firewall address | grep "255.255.255.255"
Hope this helps you.
Regards,
Somu
Thanks Somu,
Certainly that is the starting point. What I am aiming to do is extract the host objects (i.e. address object with type "ipmask" and mask "255.255.255.255") and further process just these. So I'll need some scripting to do that.
Regards,
Yes, and with -A you can get the full name:
show firewall address | grep -A 4 "255.255.255.255"
You will still need to manipulate the items to find any duplicates or unused addresses or address groups. Then you can cross-reference these to active policies.
I'm sure you could write a script parser to find all occurrences of a "named address" in the policies.
PCNSE
NSE
StrongSwan
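Putting the thread's pieces together as an added example (not code from this thread or from Fortinet): it parses the `show firewall address` output captured from the SSH session log, keeps only the ipmask objects with a 255.255.255.255 mask, and reverse-resolves each IP to flag objects whose PTR name no longer matches. The sample config and the hostnames are constructed; the ping step the OP mentions is left out, and `resolve` can be swapped for a canned lookup to run offline.

```python
import re
import socket
# Constructed sample of FortiGate `show firewall address` output (not from a real device).
SAMPLE = """config firewall address
    edit "web01"
        set subnet 10.1.2.3 255.255.255.255
    next
    edit "lan"
        set subnet 192.168.1.0 255.255.255.0
    next
    edit "mail"
        set type fqdn
        set fqdn "mail.example.com"
    next
end
"""
EDIT_RE = re.compile(r'^\s*edit\s+"([^"]*)"')
SET_RE = re.compile(r'^\s*set\s+(\S+)\s+(.*)$')
def parse_address_objects(text):
    """Return {name: {attribute: value}} for each `edit ... next` block."""
    objects, current, name = {}, None, None
    for line in text.splitlines():
        if m := EDIT_RE.match(line):
            name, current = m.group(1), {}
        elif (m := SET_RE.match(line)) and current is not None:
            current[m.group(1)] = m.group(2).strip()
        elif line.strip() == "next" and current is not None:
            objects[name], current = current, None
    return objects
def host_objects(objects):
    """Keep ipmask objects with a /32 mask; `show` omits defaults, so no `set type` means ipmask."""
    hosts = {}
    for name, attrs in objects.items():
        parts = attrs.get("subnet", "").split()
        if attrs.get("type", "ipmask") == "ipmask" and parts[1:] == ["255.255.255.255"]:
            hosts[name] = parts[0]
    return hosts
def check_hosts(hosts, resolve=socket.gethostbyaddr):
    """Reverse-resolve each IP; flag objects whose PTR name no longer contains the object name."""
    report = {}  # `resolve` is injectable so the check can run offline against canned answers
    for name, ip in hosts.items():
        try:
            ptr = resolve(ip)[0]
        except OSError:
            report[name] = (ip, "no PTR record")
            continue
        report[name] = (ip, "ok" if name.lower() in ptr.lower() else f"PTR is {ptr}")
    return report
```

Feed it the *.log saved from PuTTY (or `show full` output, where `set type ipmask` appears explicitly) and review anything not reported as "ok".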