The PhoneBoy Blog

FireWall-1 FAQ Downloads

Last Modified: 31 Dec 2003

Please note: This content was from when I was operating my FireWall-1 FAQ site, which I stopped operating in August 2005. For some reason people still have links to this stuff on the Internet that people are still clicking on.

I am making this information available again AS IS. Given how old this information is, it is likely wildly inaccurate. I have no plans to update this information.

If you're still running versions of Check Point VPN-1/FireWall-1 where this information is still relevant to you, do yourself a favor and upgrade to a more recent release. If you happen to be running a current release and the information is useful, it's by happenstance :)

These are provided AS-IS without any support or warranty. If they work for you, great. If not (most likely because you either don’t have Perl installed or you’re running them on Win95/NT), then don’t ask me. The only one I wrote was the Session Auth agent.

• adtr.pl.txt A script to generate HTML outout of your NAT rules. Written by Jon Erickson.

• CPFW1TK for Windows and Unix: A series of scripts/programs designed to process FireWall-1’s tarballs without using WinZip. This package was provided by JP Vossen. Updates can be found at http://www.jpsdomain.org/public/public.html#packages. 

• db_load.tar or DB_LOAD.ZIP: A set of scripts for switching the logs, ftping them to another box and loading them into an Oracle database. Written by Jim Edwards.

• fwexport.sh.txt: A bash script to parse the output from fw logexport -n.

• fw1repo.zip: A log summarizer written in Perl on NT by Ed Ravin.

• fwl1nets.pl.txt: A Perl script that will take comma and tab seperated files (exports from Excel) of network names, network IPs and netmasks and then builds the corresponding objects.C entries. By Gareth Bromley.

• fwlogsum.tar.gz: A log summariser written in Perl on Linux by Rui Pedro Bernardino. Latest version available at http://fwlogsum.sourceforge.net/

• fwlogswex.zip: GUI version of fw logswitch/logexport for WinNT by Carsten Schmidt.

• fwobjects.pl.txt: A script to dump objects.C into a more readble form. Written by Gerhard Grasboeck.

• fwownalert.pl.gz:A user-defined alert program (written by Carsten Goerke)

• fw1rules.tar.gz: (tarball) Volker Tanger’s continuously updated version of fwrules mirrored from his site. Older versions are archived in FWRulesArchive.zip. You can also get updates to this script from his site.

• fwscript.zip: Some Unix scripts to maintain firewall logs. Written by Chris Hill of Automotive Products Group, Ltd, based on an idea by Feroz Kahn.

• ofiller24.tgz: Sometime ago, Martin Hoz, a Check Point SE based in Mexico, started writing some tools used to make easier the task of populating the SmartCenter? and importing configurations from Check Point’s competition (PIX, NetScreen?, etc.) called Object Filler and Object Dumper. These tools have been freely available (and we plan to continue) and became popular among several people.

• opie-client-2.32-1.i386.rpm: OPIE Client software (MD4 and MD5 S/Key generator). This version was compiled against libc6 on Intel, which means that it should work on any RedHat 5.0 or later system. The source for this program can be found here.

• otpgen.zip: Another S/Key generator program for Windows 95/NT. Written by Andy Bontoft.

• sessauth.pl.txt: A plaintext FireWall-1 Session Authentication agent. This doesn’t do SSL, but someone with familiarity with Perl and the appropriate perl libraries could make this work. Written by yours truly. .