Imagine you have an access policy that looks something like this:
Further, imagine that you are reassigning all the IP addresses in 192.168.2.0/24 to be in the 192.168.3.0/24 subnet and that you need to modify the firewall rules to match.
One way to handle this is to manually browse through every rule in your firewall, removing the .2.0 addresses where you find them and replacing them with the equivalent .3.0 addresses. Or, you could do a Find and Replace operation.
Selectfrom the menu to open the Find and Replace dialog, shown here:
To replace every net-192.168.2.0 object with the net-192.168.3.0 object, first create the new network object. Then, drag (or Copy/Paste) a net-192.168.2.0 object into the Find object field and the net-192.168.3.0 object into the Replace object field. Then, set the Scope for search and replace pull-down menu to , as shown here:
Clickto replace all instances.
The Find object dialog has a number of controls you can use to constrain your searches:
Object parameter pull-down menu
Allows you to specify how you search for objects. You can search by name (usable on all objects), address (usable on all addressable objects), TCP/UDP port (usable on TCP and UDP objects), Protocol Number (usable on IP service objects) and ICMP type (usable on ICMP service objects).
The text field is populated automatically if you drag an object into the Find object field. Otherwise, you can type the text in manually.
Use regular expressions
Checking the Use regular expressions checkbox causes the text field to be interpreted as a Perl regular expression. You can only do searches based on a regular expression. You cannot do replaces based on a regular expression.
Drag an object into the field to find instances of that object.
Drag an object into the field to use it as the replacement object in a search and replace.
Scope of search and replace
Allows you to specify whether a search or search and replace will cover just the object tree, the tree and the policies of all firewalls in the object file, just the policies in the object file, or just the current open policy.
Thebutton finds the next instance of the object. It does not do a replace. replaces all instances of the object in the given scope. replaces the current instance. replaces the current instance and jumps to the next one.
Copyright © 2000-2012 NetCitadel, Inc. All rights reserved.
Using free CSS Templates.