4 Replies Latest reply on Apr 13, 2011 3:55 AM by PhilM

    File containing NetObjects


      Which file in Sidewinder contains NetObjects ?  If i want to view all my netobjects on CLI , so how can I view ? For viewing rules it is

      cf policy query.

        • 1. Re: File containing NetObjects

          To view all of the network objects, run the following commands:


          cf domain q      (for domain type network objects)

          cf geo q             (for geo-location type network objects)

          cf host q            (for host type network objects)

          cf ipaddr q        (for IP address type network objects)

          cf iprange q      (for IP range type network objects)

          cf netmap q      (for netmap type network objects)

          cf subnet q       (for subnet type network objects)


          To output to a file, use the '>' and specify a filename. For example, 'cf subnet q > subnet_objects'.


          You may also export all of the network objects into a comma delimited file so that you may import them into a spreadsheet. To do so, run 'cf policy export type=net_object'.

          1 of 1 people found this helpful
          • 2. Re: File containing NetObjects

            There is no file - the objects (and other configuartion data) are stored in a database.


            The command


            cf policy export type=net_objects


            will give you what you want.


            Alternatively you can query the single tables using the following commands:


            cf domain query

            cf host query

            cf ipaddr query

            cf iprange query

            cf netgroup query

            cf netmap query

            cf subnet query

            • 3. Re: File containing NetObjects

              Thanks oreeh for your support. But I also wanted to know the directory path in which netobjects are saved. IF I modify the file and then want to upload on Firewall with updated netobjects then in which directory I have to save it.


              Hope I will get the answer



              • 4. Re: File containing NetObjects



                As oreeh has said, the objects themselves are not stored in a file but are stored in the Firewall's main configuration database.


                The various cf commands will allow you to view the contents of the different tables (domains, hosts, IP addresses, etc...). You can send the output of these commands to a file using the ">" operator. So:-


                cf ipaddr query > ip-addresses.txt


                will create a text file called "ip-addresses.txt" containing the output of the "cf ipaddr query" command. Unless you specify a full path with the filename, it will be stored in the /home/<your_user_name> directory.


                The output is formatted (minus the cf) exactly as used for the command itself. So, if you wanted to transfer network objects from one Firewall to another, you can simply transfer the text file to the other appliance and run the following command:-


                cf -f <filename>


                The process will fail if there are existing objects of the same name, but I've used this technique to great effect on a number of occasions, creating several hundred network objects on a new firewall in a matter of seconds.


                Hope that helps.