FireWall-1 FAQ Downloads
Please note: This content was from when I was operating my FireWall-1 FAQ site, which I stopped operating in August 2005. For some reason people still have links to this stuff on the Internet that people are still clicking on.
I am making this information available again AS IS. Given how old this information is, it is likely wildly inaccurate. I have no plans to update this information.
If you're still running versions of Check Point VPN-1/FireWall-1 where this information is still relevant to you, do yourself a favor and upgrade to a more recent release. If you happen to be running a current release and the information is useful, it's by happenstance :)
These are provided AS-IS without any support or warranty. If they work for you, great. If not (most likely because you either don't have Perl installed or you're running them on Win95/NT), then don't ask me. The only one I wrote was the Session Auth agent.
CPFW1TK for Windows and Unix: A series of scripts/programs designed to process FireWall-1's tarballs without using WinZip. This package was provided by JP Vossen. Updates can be found at http://www.jpsdomain.org/public/public.html#packages.
fwexport.sh.txt: A bash script to parse the output from fw logexport -n.
fwl1nets.pl.txt: A Perl script that will take comma and tab seperated files (exports from Excel) of network names, network IPs and netmasks and then builds the corresponding objects.C entries. By Gareth Bromley.
fw1rules.tar.gz: (tarball) Volker Tanger's continuously updated version of fwrules mirrored from his site. Older versions are archived in FWRulesArchive.zip. You can also get updates to this script from his site.
ofiller24.tgz: Sometime ago, Martin Hoz, a Check Point SE based in Mexico, started writing some tools used to make easier the task of populating the SmartCenter? and importing configurations from Check Point's competition (PIX, NetScreen?, etc.) called Object Filler and Object Dumper. These tools have been freely available (and we plan to continue) and became popular among several people.
opie-client-2.32-1.i386.rpm: OPIE Client software (MD4 and MD5 S/Key generator). This version was compiled against libc6 on Intel, which means that it should work on any RedHat 5.0 or later system. The source for this program can be found here.
sessauth.pl.txt: A plaintext FireWall-1 Session Authentication agent. This doesn't do SSL, but someone with familiarity with Perl and the appropriate perl libraries could make this work. Written by yours truly. .