Q: How do I use the cprules utility to document my Checkpoint ruleset?
A:
The free cprules utility can read your data files from your management server and produce HTML output. Here's how:
- Log onto your management server and find the conf directory that contains objects_5_0.C and rulebases_5_0.fws.
- FTP or SCP these files down to the PC which has cprules installed.
-
On the management box, run these two commands:
fwm dbexport -f users.exp fwm dbexport -g -f groups.exp
- Copy the users.exp and groups.exp files to your PC as well.
-
On the PC, run
perl CPusers.pl. This will create users.C -
For each ruleset in your database for which you want a report, run
perl CPrules.pl --rulebase {rulesetname}. This will create a subdirectory called rulesetname containing the output.
