1 of 1 people found this helpful
To view all of the network objects, run the following commands:
cf domain q (for domain type network objects)
cf geo q (for geo-location type network objects)
cf host q (for host type network objects)
cf ipaddr q (for IP address type network objects)
cf iprange q (for IP range type network objects)
cf netmap q (for netmap type network objects)
cf subnet q (for subnet type network objects)
To output to a file, use the '>' and specify a filename. For example, 'cf subnet q > subnet_objects'.
You may also export all of the network objects into a comma delimited file so that you may import them into a spreadsheet. To do so, run 'cf policy export type=net_object'.
There is no file - the objects (and other configuartion data) are stored in a database.
cf policy export type=net_objects
will give you what you want.
Alternatively you can query the single tables using the following commands:
cf domain query
cf host query
cf ipaddr query
cf iprange query
cf netgroup query
cf netmap query
cf subnet query
Thanks oreeh for your support. But I also wanted to know the directory path in which netobjects are saved. IF I modify the file and then want to upload on Firewall with updated netobjects then in which directory I have to save it.
Hope I will get the answer
As oreeh has said, the objects themselves are not stored in a file but are stored in the Firewall's main configuration database.
The various cf commands will allow you to view the contents of the different tables (domains, hosts, IP addresses, etc...). You can send the output of these commands to a file using the ">" operator. So:-
cf ipaddr query > ip-addresses.txt
will create a text file called "ip-addresses.txt" containing the output of the "cf ipaddr query" command. Unless you specify a full path with the filename, it will be stored in the /home/<your_user_name> directory.
The output is formatted (minus the cf) exactly as used for the command itself. So, if you wanted to transfer network objects from one Firewall to another, you can simply transfer the text file to the other appliance and run the following command:-
cf -f <filename>
The process will fail if there are existing objects of the same name, but I've used this technique to great effect on a number of occasions, creating several hundred network objects on a new firewall in a matter of seconds.
Hope that helps.