When we are exporting the rule in CSV format, It does not show the IP and NAT details, As per sk120342 we can export rulebase to HTML format.
Need to Run the below command in Expert Mode
$MDS_FWDIR/scripts/web_api_show_package.sh -o /var/log
chmod 777 filename
Now unzip with 7zip or any other software and check the rules in HTML format.
Host address within the network groups are not show
Benefits of Exporting to HTML Format:
- Detailed Information: The HTML format includes comprehensive details that are missing in the CSV format, such as IP and NAT details.
- User-Friendly: HTML files can be easily viewed and navigated using a web browser, making it convenient for administrators to analyze the rulebase.
- Improved Documentation: Exporting to HTML allows for better documentation and sharing of firewall policies among team members.
- Ease of Access: Changing permissions and unzipping the file makes it simple to transfer and access the data on different systems.
This is the example how to export the rulebase policy in HTML format
[Expert@MGMT:0]# fw ver This is Check Point's software version R81.10 - Build 883 [Expert@MGMT:0]# [Expert@MGMT:0]# unset TMOUT [Expert@MGMT:0]# [Expert@MGMT:0]# $MDS_FWDIR/scripts/web_api_show_package.sh -o /var/log Script finished running successfully! Result file location: /var/log/show_package-2022-08-15_00-30-15.tar.gz [Expert@MGMT:0]# [Expert@MGMT:0]# [Expert@MGMT:0]# chmod 777 /var/log/show_package-2022-08-15_00-30-15.tar.gz [Expert@MGMT:0]# [Expert@MGMT:0]# ls -lrth total 2.0M drwx------ 2 admin root 6 Mar 15 2020 ppp -rwxr-xr-x 1 admin root 422 Jun 25 2021 converter_helper_users.sh -rwxr-xr-x 1 admin root 1.9K Jun 25 2021 converter_helper_cron.sh drwxr-xr-x 2 38 38 6 Jun 25 2021 ntpstats drwxr-xr-x 2 admin root 6 Jun 25 2021 image -rw-rw---- 1 admin root 2.6K Aug 14 18:31 zetc_collector.xml drwxrwx--- 6 admin root 93 Aug 14 18:33 opt drwxrwx--- 2 cp_postgres config 26 Aug 14 18:33 pg_log drwxr-xr-x 2 admin root 6 Aug 14 18:38 PackageRepository -rw-r--r-- 1 admin config 30K Aug 14 18:38 ftw_install.log drwxr-xr-x 4 admin root 32 Aug 14 23:33 CPbackup drwxr-xr-x 3 admin root 22 Aug 14 23:33 dump -rw------- 1 admin utmp 0 Aug 14 23:33 btmp -rw------- 1 admin root 0 Aug 14 23:33 maillog -rw------- 1 admin root 0 Aug 14 23:33 spooler -rw-r--r-- 1 admin root 0 Aug 14 23:33 CPbackup.elg drwxr-xr-x 3 admin root 17 Aug 14 23:33 CPsnapshot drwxrwx--- 3 admin root 20 Aug 14 23:35 cpupgrade drwxrwx--- 3 admin root 18 Aug 14 23:37 spool drwxrwx--- 11 admin root 143 Aug 14 23:37 dlp drwxrwxrwx 2 admin root 6 Aug 14 23:37 upload drwxrwxrwx 2 admin root 6 Aug 14 23:37 download drwxr-xr-x 3 admin root 17 Aug 14 23:37 upgrade -rw------- 1 admin root 251K Aug 14 23:41 anaconda.log -rw------- 1 admin root 87K Aug 14 23:41 anaconda.syslog -rw-r--r-- 1 admin root 90K Aug 14 23:47 dmesg -rw-r--r-- 1 admin root 0 Aug 14 23:47 kp_trace -rw-r--r-- 1 admin root 124 Aug 14 23:48 dynamicCli.log drw-r--r-- 2 admin root 23 Aug 14 23:48 routed_db -rw-r--r-- 1 admin root 1.4K Aug 14 23:48 routed.log -rw-r--r-- 1 admin root 250 Aug 14 23:48 gaia_api_taskmanager.log -rw-r--r-- 1 admin root 571 Aug 14 23:48 celery.log -rw-r--r-- 1 admin config 251K Aug 14 23:48 gaia_api_server.log -rw-r--r-- 1 admin root 7.4K Aug 14 23:48 routed_messages -rw-rw---- 1 admin root 86 Aug 14 23:48 sensor_start.log -rw-r--r-- 1 admin root 98 Aug 14 23:49 cp_idrac.log -rw-r--r-- 1 admin root 73K Aug 14 23:49 bootsplashc_log.log -rw-r--r-- 1 admin root 483K Aug 14 23:49 bootsplashd_log.log -rw-rw---- 1 admin root 1.6K Aug 14 23:50 LastMinorVersionFix.elg drwxr-xr-x 4 admin root 142 Aug 14 23:50 CPda -rw-rw---- 1 admin root 215 Aug 14 23:51 cpdiag_to_cpd_sched.log -rw-rw---- 1 admin root 0 Aug 14 23:51 CPDIAG_FIXER_TOKEN -rw-rw---- 1 admin root 558 Aug 14 23:52 cpdiag_fix_not_matching_cpsched.log -rw-rw---- 1 admin root 0 Aug 14 23:52 CPDIAG_FIXER_TOKEN_3 drwx------ 3 admin root 24 Aug 14 23:56 CPDepInst drwx------ 3 admin root 52 Aug 14 23:57 diagnostics -rw-r--r-- 1 admin root 162 Aug 14 23:57 blink_PlugAndPlay.log drwxr-xr-x 2 admin root 6 Aug 14 23:58 crash drwxr-x--- 2 admin root 23 Aug 14 23:58 audit -rw-r--r-- 1 admin root 0 Aug 14 23:58 rconfd.log -rw-r--r-- 1 admin root 0 Aug 14 23:58 httpd_access_log -rw-r--r-- 1 admin root 0 Aug 14 23:58 httpd2_access_log -rw-r--r-- 1 admin root 79 Aug 14 23:58 gaia_init_config.log -rw-r--r-- 1 admin config 0 Aug 14 23:58 gaiaApi.log drwxrwx--- 2 admin root 31 Aug 14 23:58 autoupdater_hcp_install_info -rw------- 1 admin root 197 Aug 14 23:58 boot.log drwxrwx--- 5 admin root 72 Aug 14 23:58 sensor drwxr-xr-x 2 admin root 43 Aug 15 00:00 sa drwxrwx--- 6 admin root 59 Aug 15 00:00 CPzetc -rw------- 1 admin root 699 Aug 15 00:09 auth -rw-r--r-- 1 admin root 29K Aug 15 00:13 lastlog -rw-rw---- 1 admin root 543 Aug 15 00:14 show_package-2022-08-15_00-14-09.tar.gz drwxrwx--- 3 cp_postgres root 50 Aug 15 00:14 install_policy -rw-r--r-- 1 admin root 238K Aug 15 00:18 db drwx------ 6 admin root 102 Aug 15 00:26 AutoUpdater -rw-r--r-- 1 admin root 26K Aug 15 00:26 httpd2_error_log drwxrwx--- 3 admin root 58 Aug 15 00:29 tmp -rw------- 1 admin root 847 Aug 15 00:30 cron -rw-rw---- 1 admin config 543 Aug 15 00:30 uepm_activation.log -rw-r--r-- 1 admin root 25 Aug 15 00:30 pkg_config_log -rw------- 1 admin root 20K Aug 15 00:30 secure -rw-rw-r-- 1 admin utmp 13K Aug 15 00:30 wtmp -rw------- 1 admin root 253K Aug 15 00:30 messages -rwxrwxrwx 1 admin root 21K Aug 15 00:30 show_package-2022-08-15_00-30-15.tar.gz -rw-r--r-- 1 admin root 37K Aug 15 00:31 vmware-vmsvc.log [Expert@MGMT:0]#
Exporting the rulebase to HTML format in Check Point Management Server provides a more detailed and user-friendly view of firewall policies. By following the steps outlined above, administrators can easily generate and access the necessary information for effective network management.