One of the distinguishing features that Firewall Builder provides is support for automated object creation. This helps populate the objects tree for large networks with lots of hosts and subnets. What might take hours to do manually, the Discovery Druid wizard can help you do in minutes.
To start the Discovery Druid, select /.
The Discovery Druid supports three main methods for automated object creation:
Reading the file /etc/hosts
Network discovery using SNMP queries
Importing the configuration of a firewall or router
You choose the method on the first page of the Druid (Figure 7-1).
Just check the radio-button next to the method you want to use and click .
This method imports the host records present in the standard /etc/hosts file, or in any other file that contains records in the following format (the format is described in the manual page hosts(5)):
IP_Address host_name
The IP address must be separated from the host name with any number of spaces or tab symbols. Lines starting with '#' are considered comments and are ignored.
When you choose the import from /etc/hosts on the first page, the Druid asks you for the file path and name on the next page. Once that information is entered, it reads the contents of that file and presents a table of new networks (Figure 7-2).
This part of the druid is the same for all discovery methods.
The left column shows the networks that were discovered. The right column shows the network objects that will be created. To start with, the right column is empty.
This page of the Druid also has the following buttons:
Selects all records in the column.
Deselects all records in the column.
Brings up a filter dialog. Filtering helps manage long lists of objects.
Removes the currently applied filter and shows all records in the table.
The Druid can filter records in the table by address, by name, or by both. To filter by address, enter part of the address in the "Address" field. The program compares the text entered in the filter dialog with the address of each record and shows only those records whose address starts with the filter text. For example, to show only hosts with addresses on the network 10.3.14.0 we could use the filter "10.3.14". Likewise, to hide the hosts "bear" and "beaver" (addresses 10.3.14.50 and 10.3.14.74) we could use the filter "10.3.14.6", which matches only addresses beginning with 10.3.14.6. Note that the filter string does not contain any wildcard symbols such as "*": the filter shows only records whose addresses literally begin with the filter string.
Filtering by object name uses the POSIX regular expression syntax described in the manual page regex(7). For example, to find all records whose names start with "f" we could use the regular expression "^f". The "^" symbol matches the beginning of the string, so this regular expression matches any name that starts with "f". To find all names that end with "somedomain.com", we could use the regular expression ".*somedomain.com$".
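The following is an added example, not Firewall Builder's own code: it parses a constructed hosts(5)-style file and applies the two filter rules described above (literal address prefix, regular expression on the name). It goes slightly beyond the text by accepting alias names and trailing comments as hosts(5) allows, and the sample includes a 10.3.140.x address to show that a prefix such as "10.3.14" is a string match, not a subnet match. Python's re module stands in for the POSIX regex syntax; for the anchors used here the two agree.

```python
import re
from ipaddress import ip_address

# Constructed sample in hosts(5) format (not taken from the original page).
SAMPLE_HOSTS = """\
# constructed /etc/hosts sample
127.0.0.1    localhost
10.3.14.50   bear
10.3.14.74   beaver
10.3.14.62   fox    fox.somedomain.com   # alias on the same line
10.3.14.202  sveasoft
10.3.140.9   otter
10.5.1.10    finch.somedomain.com
"""


def parse_hosts(text):
    """Return (address, name) records from hosts(5)-style text.

    Lines starting with '#' are comments; a trailing '#' comment is stripped.
    Fields are separated by any run of spaces or tabs.  Extra names on a line
    (aliases) become additional records with the same address.  Lines whose
    first field is not a valid IP address are skipped rather than imported.
    """
    records = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            addr = str(ip_address(fields[0]))
        except ValueError:
            continue
        for name in fields[1:]:
            records.append((addr, name))
    return records


def filter_records(records, address_prefix="", name_regex=""):
    """Apply the Druid's filters: a literal address prefix (no wildcards,
    plain string comparison) and a regular expression searched in the name."""
    pattern = re.compile(name_regex) if name_regex else None
    return [(a, n) for a, n in records
            if a.startswith(address_prefix)
            and (pattern is None or pattern.search(n))]
```

Filtering with "10.3.14." (trailing dot) excludes the 10.3.140.9 record that "10.3.14" lets through.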
Once you have reviewed the discovered networks, decide which ones you want to turn into Network objects. Then, copy those networks to the right column.
To populate the right column with objects, select the networks you want, then click the right arrow (-->) to put them in the right column.
Click . The discovered Hosts list displays:
Again, populate the right column with the objects you want to create:
Click . The final object list displays:
Here you can specify which type of object will be created for each discovered item: Address, Host, or Firewall. Here we are changing the object "sveasoft (10.3.14.202)" from a host to a firewall:
Click . The target library control appears:
Here you can specify which library the objects will appear in. Normally this would be User, unless you have created a user-defined library. Click .
The wizard finishes processing, and your new objects appear in your library:
Copyright © 2000-2008 NetCitadel, LLC. All rights reserved.