[Fwbuilder-discussion] fwbuilder and argus / Cisco ACLs
Brought to you by:
mikehorn
From: Dietmar G. <die...@sc...> - 2006-03-17 21:07:40
|
Hello, we are putting a large LAN into small segments to protect against worms. The firewall ruleset is quite complicated and I'd like to compare the ruleset against traffic flow logs. Is it possible to compile fwbuilder into simple Cisco ACLs like #allow www-traffic to webserver access-list 102 permit tcp any 193.174.13.99 0.0.0.0 eq 80 #allow ftp control connection to server access-list 102 permit tcp any 193.174.13.99 0.0.0.0 eq 21 #allow normal ftp access-list 102 permit tcp any 193.174.13.99 0.0.0.0 eq 20 This would be very nice for use with the argus flow collector and its rapolicy check. Ciao Dietmar -- Alles Gute / best wishes Dietmar Goldbeck E-Mail: die...@sc... Reporter (to Mahatma Gandhi): Mr Gandhi, what do you think of Western Civilization? Gandhi: I think it would be a good idea. |