blackredcat <[email protected]> wrote:
>
> ..is there a way, inside SmartDashboard, to do a search/replace of the
> natted configured IP (i mean only those ip in the "nat tab") ?
No.
> so i thought to edit the objects_5_0.C
That is a great thought, but it does not work. The objects are actually
stored in a database, and the text file is merely a convenient
representation of that database. If you want to make changes you must
edit the database. SmartDashboard is one way to do that, but there are
other tools, such as GUIdbedit that you were wondering about, and also a
command-line tool DBedit, which I use for these sorts of situations.
What you can do is create a "command file" to feed to DBedit, which is
based on the changes you want to make.
DBedit accepts commands of this form:
create <object_type> <object_name>
modify <table_name> <object_name> <field_name> <value>
rename <table_name> <object_name> <new_object_name>
update <table_name> <object_name>
update_all
delete <table_name> <object_name>
print <table_name> <object_name>
printxml <table_name> <object_name>
addelement <table_name> <object_name> <field_name> <value>
rmelement <table_name> <object_name> <field_name> <value>
rmbyindex <table_name> <object_name> <field_name> <index_number>
add_owned_remove_name <table_name> <object_name> <field_name> <value>
quit [-update_all|-noupdate]
The "odumper" and "ofiller" processes that another poster referred to
are a great resource that you should look into. However, I am not sure
if they will do precisely what you need, which is to modify existing
objects. The best tool for that job is your brain, and also dbedit. :)
For example, if you want to modify the NAT IP associated with an
existing object:
modify network_objects OBJECT_NAME NAT:valid_ipaddr 111.222.333.444
update network_objects OBJECT_NAME
where of course you replace OBJECT_NAME with the name of your object.
If your site is like ours, and you put the IP of the object into the
object name, you may have to rename the object, as well:
rename network_objects OBJECT_NAME NEW_OBJECT_NAME
update network_objects NEW_OBJECT_NAME
You can, instead of inserting the hundreds of 'update' statements into
your command file, just use this command at the end:
quit -update_all
Once you have all these modify commands put together into a file, you
can use dbedit like so:
dbedit -local -f FILENAME
The other poster's comment about how you should make a backup, is a very
good suggestion.
Modifying existing objects in this fashion is very preferable due to the
fact that you don't have to drag and drop the objects in your existing
rules; they will just change where they are.
--
David DeSimone == Network Admin == [email protected]
"I don't like spinach, and I'm glad I don't, because if I
liked it I'd eat it, and I just hate it." -- Clarence Darrow
This email message is intended for the use of the person to whom it has been
sent, and may contain information that is confidential or legally protected. If
you are not the intended recipient or have received this message in error, you
are not authorized to copy, distribute, or otherwise use this message or its
attachments. Please notify the sender immediately by return e-mail and
permanently delete this message and any attachments. Verio, Inc. makes no
warranty that this email is error or virus free. Thank you.
Scanned by Check Point Total Security Gateway.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
