Re: FW analyzer

From: Joseph Garcia <bsd_usr@xxxxxxxxx>
Date: Wed, 16 Aug 2006 17:28:39 -0700

Justin C. Sherrill wrote:
On Mon, August 14, 2006 1:04 pm, Haidut wrote:

The exact name is CheckPoint NGX R60 HFA02.

Oh, then you mean rules from an external hardware firewall device, not the
ones running in DragonFly.

I haven't seen any open source firewall rule analyzers, though I also
haven't looked; I could use one for PIX firewalls.  If there was one, it'd
probably be in pkgsrc: http://pkgsrc.se/ though I don't see anything in
~30 seconds of browsing.

I think in FreeBSD's ports tree there's some pix firewall config thingie. I never really looked at it because my PIX firewall rules are really simple. What model PIX do you have? What version of the PIX OS are you running? 7.0 looks pretty interesting.


