Merge pull request #38 from ShibalovRoman/master

chkp-ofirs · web-flow · commit 207ed1ca99c2 · 2021-12-28T12:18:00.000+02:00
Add skip unused objects option to firepower vendor
diff --git a/CiscoMigration/CiscoConverter.cs b/CiscoMigration/CiscoConverter.cs
@@ -1608,6 +1608,7 @@ private void Add_Networks()
                 {
                     var cpHost = new CheckPoint_Host();
                     cpHost.Name = network.AutoGeneratedName();
+                    cpHost.Name = cpHost.SafeName();
                     cpHost.IpAddress = network.IpAddress;
                     cpHost.ConvertedCommandId = network.CiscoCommandId;
                     AddCheckPointObject(cpHost);
@@ -1616,6 +1617,7 @@ private void Add_Networks()
                 {
                     var cpNetwork = new CheckPoint_Network();
                     cpNetwork.Name = network.AutoGeneratedName();
+                    cpNetwork.Name = cpNetwork.SafeName();
                     cpNetwork.Subnet = network.IpAddress;
                     cpNetwork.Netmask = network.NetMask;
                     cpNetwork.MaskLength = network.MaskPrefix != null ? network.MaskPrefix : "";
@@ -1646,6 +1648,7 @@ private void Add_Objects()
                     case Cisco_Object.ObjectTypes.Host:
                         var cpHost = new CheckPoint_Host();
                         cpHost.Name = ciscoObject.CiscoId;
+                        cpHost.Name = cpHost.SafeName();
                         cpHost.Comments = ciscoObject.Description;
                         cpHost.IpAddress = ciscoObject.HostAddress;
                         ApplyConversionIncidentOnCheckPointObject(cpHost, ciscoObject);
@@ -1656,6 +1659,7 @@ private void Add_Objects()
                     case Cisco_Object.ObjectTypes.Network:
                         var cpNetwork = new CheckPoint_Network();
                         cpNetwork.Name = ciscoObject.CiscoId;
+                        cpNetwork.Name = cpNetwork.SafeName();
                         cpNetwork.Comments = ciscoObject.Description;
                         cpNetwork.Subnet = ciscoObject.Network;
                         cpNetwork.Netmask = ciscoObject.Netmask;
@@ -1668,6 +1672,7 @@ private void Add_Objects()
                     case Cisco_Object.ObjectTypes.Range:
                         var cpRange = new CheckPoint_Range();
                         cpRange.Name = ciscoObject.CiscoId;
+                        cpRange.Name = cpRange.SafeName();
                         cpRange.Comments = ciscoObject.Description;
                         cpRange.RangeFrom = ciscoObject.RangeFrom;
                         cpRange.RangeTo = ciscoObject.RangeTo;
@@ -1679,6 +1684,7 @@ private void Add_Objects()
                     case Cisco_Object.ObjectTypes.TcpService:
                         var cpTcp = new CheckPoint_TcpService();
                         cpTcp.Name = ciscoObject.CiscoId;
+                        cpTcp.Name = cpTcp.SafeName();
                         cpTcp.Comments = ciscoObject.Description;
                         cpTcp.Port = ciscoObject.ServicePort;
                         ApplyConversionIncidentOnCheckPointObject(cpTcp, ciscoObject);
@@ -1689,6 +1695,7 @@ private void Add_Objects()
                     case Cisco_Object.ObjectTypes.UdpService:
                         var cpUdp = new CheckPoint_UdpService();
                         cpUdp.Name = ciscoObject.CiscoId;
+                        cpUdp.Name = cpUdp.SafeName();
                         cpUdp.Comments = ciscoObject.Description;
                         cpUdp.Port = ciscoObject.ServicePort;
                         ApplyConversionIncidentOnCheckPointObject(cpUdp, ciscoObject);
@@ -1729,6 +1736,7 @@ private void Add_NetworkGroups()
                 {
                     var cpNetworkGroup = new CheckPoint_NetworkGroup();
                     cpNetworkGroup.Name = ciscoGroup.CiscoId;
+                    cpNetworkGroup.Name = cpNetworkGroup.SafeName();
                     cpNetworkGroup.Comments = ciscoGroup.Description;
                     ApplyConversionIncidentOnCheckPointObject(cpNetworkGroup, ciscoGroup);
                     CheckObjectNameValidity(cpNetworkGroup, ciscoGroup);
@@ -1784,6 +1792,7 @@ private void Add_InterfacesAndRoutes()
                 {
                     var cpNetworkGroup = new CheckPoint_NetworkGroup();
                     cpNetworkGroup.Name = ciscoInterface.CiscoId + "_subnets";
+                    cpNetworkGroup.Name = cpNetworkGroup.SafeName();
 
                     foreach (Cisco_Interface.Subnet subnet in ciscoInterface.Topology)
                     {
@@ -1799,6 +1808,7 @@ private void Add_InterfacesAndRoutes()
 
                         var cpNetwork = new CheckPoint_Network();
                         cpNetwork.Name = networkName;
+                        cpNetwork.Name = cpNetwork.SafeName();
                         cpNetwork.Subnet = subnet.Network;
                         cpNetwork.Netmask = subnet.Netmask;
                         AddCheckPointObject(cpNetwork);
@@ -1846,6 +1856,7 @@ private void Add_Zones()
 
                     var cpZone = new CheckPoint_Zone();
                     cpZone.Name = CiscoCommand.InterfacePrefix + ciscoAccessGroup.InterfaceName;
+                    cpZone.Name = cpZone.SafeName();
                     ApplyConversionIncidentOnCheckPointObject(cpZone, ciscoAccessGroup);
                     AddCheckPointObject(cpZone);
                 }
@@ -1858,6 +1869,7 @@ private void Add_Zones()
                 {
                     var cpZone = new CheckPoint_Zone();
                     cpZone.Name = ciscoInterface.CiscoId;
+                    cpZone.Name = cpZone.SafeName();
                     cpZone.Comments = "Zone without access-group";
                     ApplyConversionIncidentOnCheckPointObject(cpZone, ciscoInterface);
                     AddCheckPointObject(cpZone);
@@ -1903,6 +1915,7 @@ private void Add_ServicesAndServiceGroups()
                 {
                     var cpServiceGroup = new CheckPoint_ServiceGroup();
                     cpServiceGroup.Name = ciscoGroup.CiscoId;
+                    cpServiceGroup.Name = cpServiceGroup.SafeName();
                     cpServiceGroup.Comments = ciscoGroup.Description;
 
                     foreach (string groupName in ciscoGroup.MembersGroupNames)
@@ -2322,6 +2335,7 @@ private void Add_TimeRange(int caTimeId, string caTimeRangeName, string cpTimeRa
 
             CheckPoint_Time cpTime = new CheckPoint_Time();
             cpTime.Name = cpTimeRangeName;
+            cpTime.Name = cpTime.SafeName();
             cpTime.Comments = "Old Time Object name: " + caTimeRangeName;
             cpTime.StartNow = true;
             cpTime.EndNever = true;
diff --git a/MigrationBase/SupportedVendors.cs b/MigrationBase/SupportedVendors.cs
@@ -25,6 +25,7 @@ public class SupportedVendors
         #region Constants
 
         public const string CiscoConfigurationFileLabel = "Cisco configuration file:";
+        public const string FirepowerConfigurationFileLabel = "FirePower configuration file:";
         public const string CiscoProduct = "Cisco to Check Point Migration Tool";
         public const string CiscoProductDescription = "This tool supports migration of Cisco ASA 8.3\nand above configuration files.";
         public const string JuniperConfigurationFileLabel = "JunosOS XML configuration file:";
diff --git a/SmartMove/CommandLine.cs b/SmartMove/CommandLine.cs
@@ -125,7 +125,7 @@ public int DisplayHelp()
             Console.WriteLine("\t" + "-d | --domain" + "\t\t" + "domain name (for CiscoASA, FirePower, JuniperSRX, JuniperSSG only)");
             Console.WriteLine("\t" + "-n | --nat" + "\t\t" + @"(""-n false"" |"" -n true"" [default])  convert NAT configuration [enabled by default]");
             Console.WriteLine("\t" + "-l | --ldap" + "\t\t" + "LDAP Account unit for convert user configuration option (for FortiNet, PaloAlto and Panorama only)");
-            Console.WriteLine("\t" + "-k | --skip" + "\t\t" + @"(""-k false"" |"" -k true"" [default]) do not import unused objects (for FortiNet, PaloAlto, CiscoASA, Panorama, JuniperSRX and JuniperSSG only) [enabled by default]");
+            Console.WriteLine("\t" + "-k | --skip" + "\t\t" + @"(""-k false"" |"" -k true"" [default]) do not import unused objects (for FortiNet, Firepower, PaloAlto, CiscoASA, Panorama, JuniperSRX and JuniperSSG only) [enabled by default]");
             Console.WriteLine("\t" + "-f | --format" + "\t\t" + "format of the output file (JSON[default], TEXT)");
             Console.WriteLine("\t" + "-i | --interactive" + "\t" + @"-i false | -i true [default] Interactive mode provides a better user experience.Disable when automation is required[enabled by default]");
             Console.WriteLine("\t" + "-a | --analyzer" + "\t\t" + @"mode for analyze package");
@@ -143,7 +143,7 @@ public int CheckOptionsValidity(CommandLine commandLine)
         {
             var fullVendorsList = new List<string> { "CiscoASA", "JuniperSRX", "JuniperSSG", "FortiNet", "PaloAlto", "Panorama", "FirePower" }; //all vendors
             var vendorsList1 = new List<string> { "CiscoASA", "JuniperSRX", "JuniperSSG", "FirePower" };                                        //option -d
-            var vendorsList2 = new List<string> { "FortiNet", "PaloAlto", "Panorama", "CiscoASA", "JuniperSRX", "JuniperSSG" };                 //option -k
+            var vendorsList2 = new List<string> { "FortiNet", "PaloAlto", "Panorama", "CiscoASA", "JuniperSRX", "JuniperSSG", "FirePower" };    //option -k
             if (String.IsNullOrEmpty(commandLine.Vendor))
             {
                 Console.WriteLine("Option -v is mandatory but not specified.", MessageTypes.Error);
@@ -787,10 +787,12 @@ public void DoAnalyze(CommandLine commandLine)
                     vendorConverter = converter;
                     break;
                 case "FirePower":
-                    vendorConverter = new CiscoConverter()
+                    CiscoConverter fpConverter =  new CiscoConverter()
                     {
                         isUsingForFirePower = true
                     };
+                    fpConverter.SkipUnusedObjects = commandLine.DontImportUnusedObjects;
+                    vendorConverter = fpConverter;
                     break;
                 case "JuniperSRX":
                     JuniperConverter juniperConverter = new JuniperConverter();
@@ -1220,7 +1222,8 @@ public void DoMigration(CommandLine commandLine)
                 case "FirePower":
                     vendorConverter = new CiscoConverter()
                     {
-                        isUsingForFirePower = true
+                        isUsingForFirePower = true,
+                        SkipUnusedObjects = commandLine.DontImportUnusedObjects
                     };
                     break;
                 case "JuniperSRX":
diff --git a/SmartMove/MainWindow.xaml.cs b/SmartMove/MainWindow.xaml.cs
@@ -302,6 +302,10 @@ private void VendorSelector_OnSelectionChanged(object sender, SelectionChangedEv
                     ConfigurationFileLabel = SupportedVendors.CiscoConfigurationFileLabel;
                     SkipUnusedObjects.Visibility = Visibility.Visible;
                     break;
+                case Vendor.FirePower:
+                    ConfigurationFileLabel = SupportedVendors.FirepowerConfigurationFileLabel;
+                    SkipUnusedObjects.Visibility = Visibility.Visible;
+                    break;
                 case Vendor.JuniperJunosOS:
                     ConfigurationFileLabel = SupportedVendors.JuniperConfigurationFileLabel;
                     SkipUnusedObjects.Visibility = Visibility.Visible;
@@ -632,7 +636,8 @@ private async void Go_OnClick(object sender, RoutedEventArgs e)
                     break;
                 case Vendor.FirePower:
                     vendorConverter = new CiscoConverter() {
-                        isUsingForFirePower = true
+                        isUsingForFirePower = true,
+                        SkipUnusedObjects = SkipUnusedObjectsConversion
                     };
                     break;
                 case Vendor.JuniperJunosOS:
